CyberScoop Radio

In this episode, Greg Otto talks with Adam Darrah, director of intelligence at Vigilante, about hacker gangs on the dark web, how they run their ransomware operations, and if the cybersecurity community get ever get past the mindset of shaming victims when they are hit with a breach.

Right before the world drastically changed due to the COVID-19 pandemic, the craziest story in cybersecurity was the Vault 7 trial. With that ending in a mistrial, Greg Otto and Jeff Stone look at how the government failed to get a conviction, what we learned about the CIA and when, if ever, we could see a new trial.

The creator behind the zero-trust network model, John Kindervag, talks about why “trust” has become a vulnerability that needs to be mitigated like other vulnerabilities and where to start. Sponsored by Palo Alto Networks. Guest: John Kindervag, VP and principal analyst

One of the bigger stipulations in GDPR is that third-party service providers, including companies who run the ever-ubiquitous cloud, will also be responsible for following the correct protocols when it comes to protecting EU citizen data. Yet just as companies keep throwing everything into the cloud, we keep seeing errors in the way companies are safeguarding personally identifiable data. If you have been following the work of Chris Vickery, you know how easily these errors can be found. Vickery, ‎Director of Cyber Risk Research for California-based Upguard, has been finding misconfigured cloud instances all over the internet. Just in the past year, Vickery has found openly discoverable cloud instances at places like a Florida credit monitoring firm, media behemoth Viacom, and even at the Department of Defense. Each finding had enough PII to keep privacy officers sleepless for weeks. While those incidents were all based in America, Vickery recently came across a similar breach at french marketing firm Octoly, which caters to European social media influencers. In a few weeks, Octoly's response to such a finding is going to possibly be under much more scrutiny. I talked to Vickery and Upguard CEO Mike Baukes about how they see these security incidents playing out under GDPR, and whether cloud providers will lead the way when it comes to breach response.

In the latest CyberScoop Radio podcast, Chris Niggel, Okta's director of security and compliance talks about how identity management can be the catalyst to turn shadow IT into distributed IT. By implementing a strong tool, users can get their work done at any time from any place, while security teams can be confident their enterprise's data stays where it should. Sponsored by Okta. Guest: Chris Niggel, director of security and compliance

Global Security Advocate Thomas Fischer talks with CyberScoop's Greg Otto about the mind shift companies are going to have to embrace if they want to be in tune with GDPR once it goes into effect in May.

Henry Sowell, Technical Director for Hortonworks spoke with CyberScoop on how open source systems allow for that flexibility and scalability, especially at a time where the onslaught of threats has never been greater. Sponsored by Hortonworks. Guest: Henry Sowell, technical director

With millions of indicators contained in threat intelligence data, it's important for analysts to stay focused on worthwhile information that could indicate a data breach for their particular organizations, says Jessica Ferguson, director of security architecture at Alaska Airlines. Sponsored by Anomali. Guest: Jessica Ferguson, director of security architecture

With massive networks at federal government agencies, a workforce clamoring for the ability to work collaboratively and pushes from Congress to move away from legacy systems, cybersecurity is monumental concern. Nearly every federal organization struggles with cost-effective cybersecurity risk management against the backdrop of today’s advanced threats, the shortage of skilled cybersecurity talent, and countless compliance regulations and security mandates. So can agencies fix their problems with adversaries pounding away at their systems every day? Two Cisco executives, Will Ash and Doug Cowan, talked with CyberScoop Managing Editor Greg Otto about the challenges that must be faced when dealing with cybersecurity inside the government, how the change doesn't happen overnight, and what new technologies provide in the way some relief.

Travis Farral, director of security strategy for Anomali, talks about the many benefits of threat intelligence and what is being done to disrupt adversaries through counterintelligence initiatives. Sponsored by Anomali.

Larry Ponemon, chairman and founder of the Ponemon Institute, talks with Wyatt Kash about the growing need for enterprises to leverage the right kind of threat intelligence.