Episodes
-
In this episode of the Dr. Zero Trust podcast, hosts James Pham and Oz Wasserman from Opsin discuss the implications of generative AI in the context of cybersecurity and Zero Trust principles. They explore the evolution of AI, the risks associated with generative AI, and how Opsin aims to secure sensitive data while leveraging AI for productivity. The conversation highlights the importance of understanding the security landscape as generative AI becomes more integrated into enterprise environments.
-
I discussed various topics related to #cybersecurity, including CISA's new international cyber security plan, the appointment of a new CISO at UnitedHealthcare, the progress of federal agencies in implementing #zerotrust, and the evolving landscape of hacking influenced by #AI. The discussion also touches on a serious hacking incident involving The Walt Disney Company and food safety, insights into hacker motivations, and the vulnerabilities present in critical infrastructure. I really emphasized the need for effective leadership and actionable solutions to address these pressing cybersecurity challenges. #drzerotrust #happyhalloween
Takeaways
CISA's international cyber security plan aims to enhance global cooperation.
UnitedHealthcare's new CISO faces significant challenges post-ransomware attack.
Federal agencies are making progress on Zero Trust implementation.
AI is changing the hacking landscape, making it more accessible.
A former Disney employee's hacking incident raises serious food safety concerns.
Insights from hackers reveal motivations beyond financial gain.
Critical infrastructure vulnerabilities are alarmingly prevalent.
Effective leadership is crucial for solving cybersecurity issues.
Simple fixes can prevent major security breaches.
The conversation highlights the importance of proactive cybersecurity measures.
-
In this conversation, I discuss the ineffectiveness of compliance violations and fines in changing corporate behavior regarding cybersecurity. I present data showing that fines are often negligible compared to company revenues, making them merely a cost of doing business. I argue for a reevaluation of negligence in cybersecurity and emphasize the need for accountability, suggesting that without significant consequences, organizations will continue to prioritize profit over security.
Takeaways
Compliance violations are often seen as a cost of doing business.
Fines do not significantly impact large corporations' revenues.
Cyber insurance can offset the costs of compliance violations.
Statistically, companies often see stock price increases after breaches.
The current compliance framework does not enforce real change.
Negligence in cybersecurity needs a clearer legal definition.
Fines for violations should be more substantial to deter negligence.
Government organizations often escape penalties for breaches.
The data suggests a need for a shift in accountability measures.
Compliance does not equate to actual security improvements.
-
In this conversation, I discuss various cybersecurity incidents and trends affecting organizations, including CrowdStrike's stock performance, foreign influence in U.S. elections, cybersecurity failures at Sellafield, and the impact of cyber incidents on critical infrastructure. The conversation also covers recent breaches at ADT and American Waterworks, challenges in healthcare cybersecurity, and T-Mobile's compliance issues. Throughout, I emphasize the importance of robust cybersecurity measures and the ongoing threats faced by organizations.
Takeaways
CrowdStrike's stock has seen a resurgence after a breach.
Foreign actors are actively trying to influence U.S. elections.
Sellafield's cybersecurity failures have resulted in significant fines.
Cybersecurity incidents in critical infrastructure lead to financial losses.
Chinese hackers have targeted U.S. telecom companies for intelligence.
ADT has experienced multiple breaches in a short time frame.
American Waterworks reported unauthorized activity in its systems.
Healthcare organizations are struggling with cybersecurity preparedness.
MoneyGram faced a cybersecurity issue affecting customer data.
T-Mobile is under pressure to improve its cybersecurity measures.
-
In this conversation, I discuss various cybersecurity topics, including investment strategies in cybersecurity stocks, vulnerabilities in vehicle security, the implications of AI vulnerabilities, the rise of cyber threats related to social media scandals, workforce development initiatives in cybersecurity, the risks posed by North Korean cyber actors, the disconnect between leadership and security teams regarding ransomware, political cybersecurity breaches, the critical state of cybersecurity in healthcare, and the increasing threats to aviation security.
-
Den Jones talks about why he is launching 909 Cyber for SMBs and other businesses. He and I chat about how to address critical strategic shortfalls for organizations, and he runs us through how he put Zero Trust in place while at Adobe! Don't miss this one!
-
The conversation delves into various pressing cybersecurity issues, including a recent attack on Hezbollah involving explosive pagers, the implications of cyber warfare, election interference by Iranian hackers, the severe impact of ransomware on healthcare, and the ongoing challenges of data privacy. The discussion also critiques the effectiveness of cybersecurity reports and the need for more substantial recommendations in the industry.
Takeaways
The Hezbollah attack demonstrates the potential for cyber to cause physical harm.
Ransomware attacks in healthcare have resulted in fatalities.
Data privacy is an illusion in the digital age.
Cybersecurity breaches often lead to stock market rebounds for affected companies.
The sophistication of cyber attacks is increasing, requiring better defenses.
Election interference remains a significant concern with foreign actors involved.
Ransomware attacks can disrupt critical services and endanger lives.
The value of personal data is often underestimated in legal settlements.
Phishing scams are becoming more sophisticated and harder to detect.
Cybersecurity reports need to provide actionable insights rather than generic advice.
-
In this conversation, Aaron Shah from Cybermaxx and I discuss the complexities of cybersecurity, emphasizing the importance of understanding both offensive and defensive strategies. We explore the dichotomy in cyber operations, the adversarial mindset, and the common misconceptions clients have about their risk levels. The discussion also covers the role of Managed Detection and Response (MDR) services, the challenges faced by small and mid-sized businesses, and best practices for effective cybersecurity management.
-
In this conversation, I discuss various topics including music licensing, the recent school shooting in Georgia, the impact of cyber security breaches on corporate reputation, the glitch in Chase Bank ATMs, the warning from Warren Buffett about cyber insurance losses, Chinese hackers exploiting software bugs, the launch of a cyber incident reporting portal by CISA, a bipartisan bill to strengthen healthcare cybersecurity, and a judge granting a request to suppress a cyber expert's efforts to warn the public.
-
In this podcast episode, DrZeroTrust discusses various cybersecurity topics, including a partnership between G2 and security vendors, a cryptocurrency scam that led to the collapse of a Kansas bank, weaknesses in the FBI's cybersecurity practices, a breach at National Public Data, the state of phishing training, the use of AI chatbots by police officers, new cybersecurity rules proposed by the FAA, a lawsuit against Georgia Tech over cybersecurity failures, and allegations that the Biden administration pressured Meta (formerly Facebook) to censor COVID-19 content. DrZeroTrust emphasizes the importance of contributing to the cybersecurity community and encourages individuals to think critically and conduct their own research.
-
In this conversation, I discuss various topics including the US Army's failed $11 million marketing deal with the UFL and Dwayne 'The Rock' Johnson, the state of ransomware in state and local government organizations, the Mimecast Global Threat Intelligence Report, the reliance on a few tech companies for critical aspects of the economy, the need for campaigns to report cyber breaches, the vulnerabilities in open source software, and the findings from the IBM Cost of a Data Breach Report.
-
Evgeniy, the author of a book on soft skills in technology sales, discusses the importance of soft skills in the tech industry. He emphasizes the need for curiosity, the ability to overcome fear, and the importance of practicing soft skills outside of work. Evgeniy also talks about the flaws in the way conferences are organized and suggests a more networking-focused approach. He advises against making assumptions and encourages asking questions to better understand others' needs. The conversation highlights the value of visualization and the power of listening.
Get a copy here: https://www.softskillstech.ca/
-
What should we know about the "possible" DDoS hit on the Trump X broadcast? What does another breach of billions of records mean? Even if it's got criminal record and background information? Uh oh. And more on this one!
-
In this conversation, I interview Gentry Lane, CEO and founder of Nemesis Global, about cybersecurity and the challenges faced in the industry. They discuss the lack of leadership and strategy in national cybersecurity, the need for a global, interoperable system platform for early detection and threat recognition, and the ineffectiveness of current cybersecurity measures. Gentry emphasizes the importance of taking action and implementing radical changes to address the persistent aggression on critical infrastructure. She also highlights the need for technical expertise and a shift in mindset within leadership positions. Overall, the conversation calls for a more proactive and comprehensive approach to cybersecurity.
Keywords: cybersecurity, leadership, strategy, critical infrastructure, early detection, threat recognition, technical expertise
Takeaways
The lack of leadership and strategy in national cybersecurity is a major challenge.
There is a need for a global, interoperable system platform for early detection and threat recognition.
Current cybersecurity measures are ineffective and require radical changes.
Technical expertise and a shift in mindset within leadership positions are crucial for addressing cybersecurity challenges.
-
Was my full body scan MRI worth it? IBM's data breach report is out, what should we pay attention to? Did CrowdStrike's issue reveal more about how fragile our connected world is? And are Deepfakes protected speech? Lots to discuss on this one!
-
What are Non-Human Identities, and why should we care? What does a 4-time CISO have to say about this issue? Does Zero Trust stand up to his scrutiny? Don't miss this one!
-
DDoS hosts get arrested, but is it really a legit punishment? Cisco has an issue with remote access and a level 10 vuln, uh oh! Deepfakes are up over 1000% in countries with elections in 2024! And Snowflake adds MFA, after their issue, hurray! Buckle up!
-
In this conversation I discuss the Confucius Institute, cybersecurity search engines, ransomware defense evasion tactics, the GOP platform on protecting critical infrastructure, the OpenAI breach, cybersecurity concerns in the automotive industry, the White House's push for increased cyber funds, and the healthcare industry's pushback against cybersecurity reporting rules.
Takeaways
Augusta, Georgia is not an exciting place to visit
The Confucius Institute raises concerns about its funding and curriculum
Cybersecurity search engines like Greyhat Warfare can provide valuable information
Ransomware attackers are focusing on defense evasion tactics
The GOP platform emphasizes protecting critical infrastructure from hackers
OpenAI faced a breach but did not inform law enforcement
The automotive industry is increasingly concerned about cybersecurity
The White House is seeking increased cyber funds for federal agencies
The healthcare industry is pushing back against proposed cybersecurity reporting rules
-
New "listening" sites in Cuba, uh oh. Is Temu a threat, it is from China. OpenSSH has some serious issues. Will the Supreme Court affect our cyber security posture? TeamViewer gets hit as well. Buckle up!
-
Did Microsoft's leadership really say they don't have to play by China's rules? Did they potentially lie in front of Congress? Have you ever read the book that is guiding Chinese cyber warfare strategy? I'll tell you where it is. Those important points and a WHOLE lot more on this one.