CISO Series public
This podcast focuses on many non-technical aspects of cyber risk, cyber security and information security at the intersection of technology and managing to business expectations. Guests include CIOs, CEOs, and CISOs discussing the many facets of the information security industry, what matters, what needs to change and how to deal with modern-day challenges in this dynamic industry.
 
 
In this episode, guest John Prokap discusses the cyber security needs of small and mid-sized businesses, and if and when they need to hire a CISO. His discussion with hosts Malcolm and Chad covers: why SMBs absolutely need a security program; how and when to hire a vCISO, and when it's time to hire a full-time CISO; how industry associations can help…
 
FireEye releases report and network auditing tool for SolarWinds-type hacks SolarWinds malware arsenal widens with Raindrop DNSpooq bugs let attackers hijack DNS on millions of devices Thanks to our episode sponsor Armis One of the biggest challenges security teams face is they do not have a clear picture of all assets in their environment. The res…
 
Parler resurfaces online Darknet forum Joker's Stash shutting down Microsoft Defender to enable auto-remediation by default Thanks to our episode sponsor Armis All cybersecurity programs start with gaining full visibility into all the assets in the environment. Yet security teams continue to struggle to see everything they have. This asset blind s…
 
Xiaomi added to Pentagon blacklist Dating apps are using images from the siege to ban rioters’ accounts NSA suggests enterprises use designated DNS-over-HTTPS resolvers Thanks to our episode sponsor Armis Lack of complete visibility to all assets in any environment is a huge cybersecurity challenge for every organization. And fragmentation across t…
 
Hackers waltzed past MFA used by CISA on cloud accounts Social media convulses after Capitol attack Google fixes bug that delayed COVID contact-tracing apps Thanks to our episode sponsor, IT Asset Management Group Are you checking your IT asset disposal vendor’s homework? Organizations should record unique IDs of each asset disposed of and reconcil…
 
Link to blog post This week’s Cyber Security Headlines Week in Review, January 11-15, 2021 is hosted by Steve Prentice @stevenprentice with our guest Allan Alford, @AllanAlfordinTX. Thanks to our episode sponsor, IT Asset Management Group Organizations must have adequate written policies and procedures to meet the regulatory requirements for the di…
 
Europol confirms dark web marketplace takedown Google to reportedly block all political ads... again DoD halts deployment of cybersecurity system Thanks to our episode sponsor, IT Asset Management Group Are you checking your IT asset disposal vendor’s homework? Organizations should record unique IDs of each asset disposed of and reconcile their rec…
 
Hackers leak stolen Pfizer COVID-19 vaccine data online Social media’s big terrible week Parler archived due to “mind-numbing” mistake Thanks to our episode sponsor, IT Asset Management Group Poorly managed IT asset disposal, lack of due diligence, and a disposal program without clearly defined responsible parties has now resulted in millions of do…
 
SolarWinds breach now linked to Turla UK ruling limits the reach of "general warrants" UN data breach exposes staff records Thanks to our episode sponsor, IT Asset Management Group How does your organization measure a successful IT asset disposal program? Are decisions driven by dollars saved, ease of use, or security and compliance risk reduction?…
 
Parler removed from Apple, Google, and Amazon Facial-recognition app Clearview sees a spike in use after Capitol attack Emotet tops malware charts in December after reboot Thanks to our episode sponsor, IT Asset Management Group Organizations must have adequate written policies and procedures to meet the regulatory requirements for the disposal of …
 
Our sponsor, Omada’s identity governance tip of the day Deploy identity capabilities in phases. If you try to do a massive lift and shift problems will occur and it will probably take longer than you expect. See where you can add value early on. First, launch the solution’s basic functionality. What can be done without writing custom code? Where yo…
 
Link to Blog Post This week’s Cyber Security Headlines Week in Review - January 4-8, 2021 is hosted by Steve Prentice, with our guest, Ross Young, CISO, Caterpillar Financial (LinkedIn). Thanks to our episode sponsor, Omada Get stakeholders on board early. Sounds simple, but the hard part is making sure everyone has the right level of information t…
 
In this episode, guest Drew Spaniel walks us through the new law passed in late 2020, The IoT Cybersecurity Improvement Act of 2020 (HR 1668), and how it will affect not just US federal government procurement, but IoT device manufacturers, and consumers as well. The Act calls for IoT devices to be secured by manufacturers based on NIST guidance and…
 
Google, Alphabet employees unionize NYSE no longer plans to de-list Chinese firms Amazon banned from using AWS trademark in China Our sponsor, Omada’s identity governance tip of the day Upon launching a project map your business priorities to best-practice identity processes. Then, perform a fit-gap analysis between functional areas in the process …
 
Microsoft source code accessed by SolarWinds attackers Slack suffers massive outage UK judge denies Assange extradition to US Our sponsor, Omada’s identity governance tip of the day Well-tested process frameworks are great starting points. No need to reinvent. Just tweak processes that have already proven effective such as automating identity manag…
 
Russian SolarWinds hack damage escalates Backdoor account discovered in more than 100,000 Zyxel firewalls and VPN gateways Wall Street to kick out Chinese telecom giants Our sponsor, Omada’s identity governance tip of the day Get stakeholders on board early. Sounds simple, but the hard part is making sure everyone has the right level of information…
 
T-Mobile discloses data breach CISA updates SolarWinds guidance Emotet strikes Lithuanian health infrastructure Thanks to our sponsor ReversingLabs Newly created digital data that supports productivity is growing greater than forty percent annually. With more employees working remote and businesses reliant on this digital content, what steps are yo…
 
Google Docs bug exposes users' private documents Kawasaki discloses security breach, potential data leak Brexit deal warns of security dangers of Netscape Communicator Thanks to our sponsor ReversingLabs We’ve seen a 430% growth in next generation cyber attacks actively targeting open-source software projects. Worse yet, contemporary malware impleme…
 
Defending the COVID-19 vaccine supply chain Cellular aggregation tool detailed in police records CISA releases malware detection tool for Azure and Microsoft 365 Thanks to our sponsor ReversingLabs The SolarWinds attack has highlighted the need to scan “gold” software images prior to their release or consumption, and look for software tampering, in…
 
Microsoft resellers seen as Russian cyberattack mules GoDaddy employees fail holiday bonus phishing test SolarWinds releases updated advisory for new SUPERNOVA malware Thanks to our sponsor ReversingLabs Less than thirty percent of organizations have a formal threat hunting program, yet threat hunting has shown to improve overall security postures …
 
Treasury Department’s senior leaders were targeted by SolarWinds hack Draft lawsuit alleges Google and Facebook agreed to team up against antitrust action Three VPN providers with criminal ties taken down Thanks to our sponsor ReversingLabs Ransomware is responsible for causing the most destructive amount of downtime - more than seventeen hours. Ar…
 
Attackers staged a dry-run against SolarWinds in October 2019 NSO Group spyware reportedly used against journalists CIA agents exposed with stolen data Thanks to our sponsor ReversingLabs Open source packages from repos such as PyPI, npm, RubyGems and NuGet can be complex, and contain tens of thousands of files. Are you confident these files are sa…
 
SolarWinds supply chain attack updates Trump officials plan to split up Cyber Command and NSA Google explains the cause of its recent outage Thanks to our sponsor ReversingLabs Seventy seven percent of organizations are increasing investments in automation to simplify and speed response times. How are you leveraging Machine Learning and AI to solve…
 
Ex-Homeland Security adviser: 'We're being hacked' Ignore Facebook 'Christmas bonus' come-on Twitter to start removing COVID-19 vaccine misinformation Thanks to our sponsor ReversingLabs A ransomware attack occurs every 10 seconds. What are you doing to detect hidden malware and expose key Indicators of compromise before they exploit your business.…
 
Trump considers clemency for Silk Road founder Researcher warned of SolarWinds security issues last year What can the US do to prevent cyberattacks? Thanks to our sponsor ReversingLabs A ransomware attack occurs every 10 seconds. What are you doing to detect hidden malware and expose key Indicators of compromise before they exploit your business. L…
 
Microsoft seizes SolarWinds domain – quarantine starts today Twitter will use Amazon Web Services to power user feeds Data breach at Canadian financial services firm highlights perils of insider threats Thanks to our sponsor ReversingLabs 96% of commercial applications include open source components. Is open source software putting your supply chai…
 
SolarWinds Orion carrying malware Multiple US agencies impacted by SolarWinds supply-chain attack New EU data use legislation could lead to big tech fines Thanks to our sponsor ReversingLabs Cybersecurity staffing shortages exceed 3 million security professions globally, and the skills gap continues to widen. Learn how ReversingLabs automates the t…
 
Adrozek malware can infect over 30K Windows PCs a day Subway UK finds TrickBot on its menu Ransomware in schools grew in 2020, more on the way in 2021 Thanks to our sponsor ReversingLabs Today the most advanced threats lay hidden…deep within files and objects. In only milliseconds, ReversingLabs is able to analyze the world’s most complex files, pro…
 
Breaking up Facebook won't be easy Intel source 'Spider' outed in election lawsuit's redaction gaffe AI is coming for your job … slowly Thanks to our sponsor, Code42. Code42’s annual Data Exposure Report on Insider Risk reveals that 42% of data breaches in the past year were caused by a malicious or criminal insider. Read the report for tips on how …
 
The Cybersecurity community responds to FireEye hack Christopher Krebs sues over threats of violence Google makes changes to how Chrome extensions handle data Thanks to our sponsor, Code42. Code42, insider risk detection and response leader, is excited to announce the release of its annual Data Exposure Report on Insider Risk. The report reveals th…
 
Microsoft’s December 2020 Patch Tuesday fixes 58 vulnerabilities Unpatched bugs open GE radiological devices to remote code execution Cloudflare and Apple design a new privacy-friendly internet protocol Thanks to our sponsor, Code42. Tomorrow Code42 will release its annual Data Exposure Report on Insider Risk. Last year’s report revealed that 63% o…
 
Google publishes cross-site leaks wiki NSA warns of state-sponsored attacks on remote-work systems Greater Baltimore Medical Center hit with ransomware attack Thanks to our sponsor, Code42. Organizations are moving faster than ever before and security tools like DLP, UEBA and CASB can’t keep up. Code42 Incydr takes a Zero Trust approach to managing…
 
Drug dealers offer Pfizer vaccine on the Dark Web Data theft from Italian defense manufacturer was an inside job Philadelphia food bank loses $1 million in BEC scam Thanks to our sponsor, Code42. Code42 is a cybersecurity company that offers a completely new approach to the old problem of insider threats. Code42’s insider risk platform, Incydr, hel…
 
Spotify celebrity pages defaced to plug Trump, Taylor Swift Clop ransomware gang rips off 2M credit cards from retailer E-Land 8% of all Google Play apps vulnerable to old security bug Thanks to our episode sponsor, AuthSafe. Are online frauds a concern for your organization? Is it a hurdle for progress? Timely predictions and detections with cogni…
 
Malicious hackers target the Covid-19 vaccine ‘cold chain’ Hackers target US think tanks Massachusetts passes ban on police facial recognition Thanks to our episode sponsor, SecureLayer7. Managing the vulnerabilities and workflows within an organization can be a handful of a task. What your organization needs is a product that is capable of oversee…
 
US Supreme Court eyes narrowing of CFAA FBI warns of BEC scammers using email auto-forwarding in attacks Trump lawyer calls for Christopher Krebs’ execution Thanks to our episode sponsor, SecureLayer7. Getting rid of vulnerabilities within the systems can be quite an intricate task. But why bother with anything else when there is an all in one cybe…
 
Baltimore schools struggling with ransomware UK tightens restrictions on Huawei 5G equipment ZeroLogon now detected by Windows Defender Thanks to our episode sponsor, SecureLayer7. Getting rid of vulnerabilities within the systems can be quite an intricate task. But why bother with anything else when there is an all in one cybersecurity package for…
 
Biden transition team forced to build its own cybersecurity protections China owns the lion’s share of internet cross-border data flow U.S. Supreme Court to rule on hacking laws Thanks to our episode sponsor, SecureLayer7. Getting rid of vulnerabilities within the systems can be quite an intricate task. But why bother with anything else when there …
 
Brazil continues to recover from its worst cyberattack Apple's security chief indicted on bribery charges Baidu apps are leaking data Thanks to our sponsor, Dtex Traditional Employee Monitoring solutions are creepy. Capturing screenshots, recording keystrokes, monitoring web browsing and following social media activities is unnecessary and damages …
 
New Jersey passes anti-doxxing law TikTok patches account takeover flaw Watch out for DDoS on Black Friday Thanks to our sponsor, Dtex Forget projects, get answers. Start preventing insider threats, stopping data loss, and monitoring remote employees in minutes, not days. And do it all without invading user privacy. DTEX Systems helps enterprises ru…
 
GoDaddy employees duped in cryptocurrency hack Global financial industry facing fresh round of cyberthreats Egregor ransomware prints its own ransom notes Thanks to our sponsor, Dtex Reliance on ‘person of interest’ identification and potential analyst bias have put first-generation insider threat solutions on the shelf. DTEX InTERCEPT offers IT an…
 
Worldwide campaign targets ZeroLogon exploit Brandon Wales takes over at CISA Maybe ransomware operators aren’t trustworthy after all? Thanks to our sponsor, Dtex Remote Workforce Security is a thing. Network detection and web proxy solutions have been rendered nearly useless as employees are working remotely and away from the corporate network. DT…
 
Trump’s tweets to lose protected status post-presidency macOS Big Sur lets apps slip past security safety nets Deepfake bot used to abuse women runs wild on Telegram Thanks to our sponsor, Dtex Endpoint DLP tools that rely on intrusive, resource intensive content inspection rules do nothing but slow down endpoint performance and upset your SecOps t…
 
Trump fires CISA director Chris Krebs Facebook and Twitter grilled over US election actions Darktrace pays out nearly $2 million in overtime pay class action suit Thanks to our sponsor, Dtex Traditional Employee Monitoring solutions are creepy. Capturing screenshots, recording keystrokes, monitoring web browsing and following social media activitie…
 
Apple responds to macOS privacy concerns The ransomware landscape is increasingly crowded Microsoft pauses Windows 10 updates in December Thanks to our sponsor, Dtex Reliance on ‘person of interest’ identification and potential analyst bias have put first-generation insider threat solutions on the shelf. DTEX InTERCEPT offers IT and SecOps teams a …
 
Qualcomm receives U.S. permission to sell 4G chips to Huawei Microsoft says three APTs have targeted seven COVID-19 vaccine makers Cobalt Strike 4.0 toolkit shared online Thanks to our sponsor, Dtex Forget projects, get answers. Start preventing insider threats, stopping data loss, and monitoring remote employees in minutes, not days. And do it all…
 
Finland pushes through change to ID code law Researchers find Trickbot is still kicking New study looks at the source of Android malware And here's a special offer from our sponsor, Blumira. Staffing a 24/7 full-time security operations center with trained security analysts isn’t a reality for many organizations. Blumira’s end-to-end detection and …
 
Facebook extends ban on political ads EU tightens cybersurveillance export laws Palo Alto Networks acquires Expanse And here's a special offer from our sponsor, Blumira. CISOs are all trying to do more with less these days; balancing compliance, security and business objectives. Consolidate your security with one end-to-end detection and response p…
 
Biden aide Bill Russo attacks Facebook’s post-election role Twitter could face its first GDPR penalty within days New Ghimob malware can spy on 153 Android mobile applications And here's a special offer from our sponsor, Blumira. Staffing a 24/7 full-time security operations center with trained security analysts isn’t a reality for many organizatio…
 
Copyright 2021 | Sitemap | Privacy Policy | Terms of Service