­
Continuous Security Validation: Reducing Your Organization's Attack Surface By Brad La Porte and Bikash Barai - All Articles - CISO Platform

Continuous%20Security%20Validation%20Reducing%20Your%20Organizations%20Attack%20Surface.png?profile=RESIZE_710x

In this segment, we explore key areas critical to enhancing cybersecurity, focusing on multi-factor authentication and security training. By addressing vulnerabilities and promoting awareness, organizations can significantly strengthen their security posture and mitigate potential risks effectively.

 

 

Here is the verbatim discussion:

Identify the areas that are the most critical to you and I'll I'll pick an example here um multiactor authentication so um anyone that you on the front page of the newspaper you'll see uh organizations that or you'll see that criminals are are having these data breaches and they're stealing uh all these records these records end up being username and password and um and what's end up happening is uh with access of service is criminals are able to just you know their main entry point is credential stuffing and they can use automated tools that just go after an organization and then they just keep trying different combinations uh until they find an access to someone and then they get in they move laterally and get to an administrator so an organization can reduce their attack surface significantly just by having multiactor authentication um and it adds that extra layer of uh security in their environment and then there's other areas that are there but um you know that's the the biggest area um the other area is uh security training overall just making people aware it's a mindset it's a it's a culture and and identifying if I see a fishing email I need to report it and having a process around that and then and then building it over time um so maybe uh doing a simulated fishing exercise that turns into a uh ransing.

 

 Highlights:

 

Multi-Factor Authentication (MFA): Experts highlight the importance of implementing multi-factor authentication as a crucial defense measure against credential stuffing attacks. By requiring additional verification beyond usernames and passwords, organizations can reduce their attack surface and enhance security against unauthorized access.

Security Training and Awareness: The discussion emphasizes the significance of security training in cultivating a security-conscious culture within organizations. Educating employees about phishing threats and promoting a mindset of vigilance can significantly reduce the likelihood of successful cyber attacks. Implementing processes for reporting suspicious emails and conducting simulated phishing exercises can further reinforce security awareness and readiness.

 

Prioritizing multi-factor authentication and security training are essential steps in bolstering cybersecurity defenses. By implementing MFA to strengthen access controls and fostering a culture of security awareness, organizations can mitigate the risk of data breaches and unauthorized access. This segment underscores the importance of proactive measures in safeguarding digital assets and maintaining a resilient security posture in today's evolving threat landscape.

 
 

Speakers:

Brad LaPorte a former army officer with extensive experience in cybersecurity, provides invaluable insights into the evolving landscape of digital threats. With a background in military operations, LaPorte witnessed firsthand the early stages of nation-state cyber attacks, laying the groundwork for his deep understanding of cybersecurity challenges. Through his journey, he has observed the transformation of defense tactics from traditional, labor-intensive methods to modern, cloud-based solutions. LaPorte's expertise offers a unique perspective on the intersection of technology, security, and the underground economy of cybercrime. In this discussion, he shares his experiences and analysis, shedding light on the complexities of cybersecurity in the digital age.

 
 
 
 

Bikash Barai is credited for several innovations in the domain of Network Security and Anti-Spam Technologies and has multiple patents in USPTO. Fortune recognized Bikash among India’s Top 40 Business Leaders under the age of 40 (Fortune 40-under-40).Bikash is also an active speaker and has spoken at various forums like TiE, RSA Conference USA, TEDx etc.

Earlier he founded iViZ an IDG Ventures-backed company that was later acquired by Cigital and now Synopsys. iViZ was the first company in the world to take Ethical Hacking (or Penetration Testing) to the cloud.

 

https://twitter.com/bikashbarai1

https://www.linkedin.com/in/bikashbarai/ 

 
 
 
 

 

 

 

Votes: 0
E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

Join The Community Discussion

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)
 

 

 

CISO Platform Talks : Security FireSide Chat With A Top CISO or equivalent (Monthly)

  • Description:

    CISO Platform Talks: Security Fireside Chat With a Top CISO

    Join us for the CISOPlatform Fireside Chat, a power-packed 30-minute virtual conversation where we bring together some of the brightest minds in cybersecurity to share strategic insights, real-world experiences, and emerging trends. This exclusive monthly session is designed for senior cybersecurity leaders looking to stay ahead in an ever-evolving landscape.

    We’ve had the privilege of…

  • Created by: Biswajit Banerjee
  • Tags: ciso, fireside chat

CISO MeetUp: Executive Cocktail Reception @ Black Hat USA , Las Vegas 2025

  • Description:

    We are excited to invite you to the CISO MeetUp: Executive Cocktail Reception if you are there at the Black Hat Conference USA, Las Vegas 2025. This event is organized by EC-Council & FireCompass with CISOPlatform as proud community partner. 

    This evening is designed for Director-level and above cybersecurity professionals to connect, collaborate, and unwind in a relaxed setting. Enjoy…

  • Created by: Biswajit Banerjee
  • Tags: black hat 2025, ciso meetup, cocktail reception, usa events, cybersecurity events, ciso

6 City Playbook Round Table Series (Delhi, Mumbai, Bangalore, Pune, Chennai, Kolkata)

  • Description:

    Join us for an exclusive 6-city roundtable series across Delhi, Mumbai, Bangalore, Pune, Chennai, and Kolkata. Curated for top cybersecurity leaders, this series will spotlight proven strategies, real-world insights, and impactful playbooks from the industry’s best.

    Network with peers, exchange ideas, and contribute to shaping the Top 100 Security Playbooks of the year.

    Date : Sept 2025 - Oct 2025

    Venue: Delhi, Mumbai, Bangalore, Pune,…

  • Created by: Biswajit Banerjee

National Insider Risk Symposium, Washington DC, USA 2025

  • Description:

    We are excited to invite you to the 10th National Insider Risk Symposium, a premier forum bringing together leaders and experts from both the commercial and public sectors to address the evolving landscape of insider threats. CISOPlatform is a proud community partner for this event. 

    Event Details:
    Venue: National Housing Center, 1201 15th St NW, Washington, D.C. 20005
    Dates: September 17–18,…

  • Created by: Biswajit Banerjee
  • Tags: national insider risk symposium, ciso, cybersecurity events, usa events