Podcasts about ibm x force iris

What are the top findings from the Cost of a Data Breach Report 2020? Charles DeBeck, a cyber threat intelligence expert with IBM X‑Force IRIS, talks about what drives costs higher for some organizations. "We observed a growing divide between organizations that were well prepared and organizations that weren't," DeBeck says. DeBeck covers more highlights from the report, including top root causes such as cloud misconfiguration and compromised credentials. He also shares what the study found were the most successful security measures for mitigating costs: security automation and incident response readiness. View highlights and download the report: https://www.ibm.com/security/digital-assets/cost-data-breach-report/

"APT groups jump at the chance to take advantage of people's emotions," says Ryan Castillo, an analyst on the threat hunt and discovery team within IBM X‑Force IRIS. One such advanced persistent threat (APT) group has recently been detected mining the "treasure trove of COVID-19 lures" activated by overall uncertainty and misinformation in the face of the global pandemic. Castillo and Joshua Chung, a strategic cyber intel analyst for IBM X-Force IRIS, join the hosts to discuss recent activity from ITG16, a North Korean government state‑sponsored threat group. The conversation covers the threat group's targets and tactics and how they anticipate ITG16 to evolve their operations in the future. Read the full episode transcript on the SecurityIntelligence blog: https://securityintelligence.com/media/recent-activity-from-itg16-a-north-korean-threat-group/

ITG08, which shares overlap with the group FIN6, is a financially motivated threat group known for currently targeting e-commerce platforms. Chris Caridi from IBM's Threat Intelligence Production Team and Ole Villadsen from the Threat Hunt and Discovery team of IBM X-Force IRIS join the hosts to explore research around the threat group. The conversation covers a discussion of advanced persistent threats (APTs); ITG08's tools, techniques and procedures (TTPs); and how organizations can effectively defend their assets against ITG08 and related criminal threat activity.   Learn more about the ITG08 threat group on the SecurityIntelligence blog: https://ibm.biz/BdqzjR

"State and local governments’ IT infrastructure is currently in a state of what we would call transformative change...making information technology now a primary medium for citizens to interact with their local government," explains Claire Zaboeva, an expert in identifying and assessing cyber-based threats for IBM X-Force IRIS. For all the benefits these changes bring, there's a flip side: there are now more vectors for threat actors to conduct malicious activities within government infrastructures.  Why are threat actors targeting state and local governments and how can states protect public infrastructure? Melissa Frydrych, who researches cyber threat intelligence for IBM X-Force IRIS, joins Zaboeva in a conversation about the kinds of preventative measures states are taking to protect everything from citizens to utilities to elections.  For more security stories and to learn more about the research covered in this episode, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

Recovering from a ransomware attack isn't like paying your electric bill; there's no guarantee that the lights suddenly come back on. How, then, should organizations like municipalities and hospitals plan to remediate in the case of a ransomware attack — or better yet, take preventative security measures? Matthew DeFir and Robert Gates, both members of the IBM X-Force IRIS team, share their advice on how organizations can prevent ransomware attacks. They discuss why attackers choose moments when they can apply maximum pressure, the importance of backing up systems, insights into taxpayers' views on ransomware, and why organizations should not pay the ransom. Plus, Pam and David discuss how ransomware has impacted the cities they live in.  For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

What’s the difference between a destructive attack and a traditional breach? “Destructive malware is malicious software that has the capability to render an effective system inoperable and also challenges reconstitution,” explains Charles DeBeck, a senior cyber threat intelligence researcher at IBM X-Force IRIS. A kind of attack originally associated with nation-states, new research suggests an expanding trend in who is employing destructive attacks, and where. Wendi Whitmore, director of the IBM X-Force Threat Intelligence team, says, “The average cost of one of these attacks — a destructive incident versus a traditional breach — is actually 61 times higher.” DeBeck and Whitmore join our hosts for a conversation about the evolution of destructive attacks, how organizations can defend against them, and how to best prepare for remediation. For a further look at trends in destructive attacks, visit SecurityIntelligence.com: https://ibm.co/2OFUHs5

"What I like to tell people is that when you have one computer that's infected, that's annoying," says Charles DeBeck, a member of IBM Security's Threat Intelligence Production team. "When you have 1,000 computers that's infected, that's a problem." Lateral movement is one way threat actors escalate annoyances into problems. "Lateral movement consists of a series of techniques that enable an adversary to access and control remote systems in a network," Joey Victorino, a consultant for IBM X-Force IRIS, explains. In some cases, all it takes is four seconds for an adversary to pivot across a network. Charles and Joey join Pam to discuss the implications of lateral movement becoming more automated for threat actors; the potential business impact of lateral movement; how to limit the success of a threat actor in an environment; and how security precautions such as multifactor authentication (MFA) can mitigate the impact of lateral movement. For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.

In today's podcast, we hear that Olympic Destroyer exploits EternalRomance and morphs as it moves from machine to machine. Other Olympic hacks are out there, too. The US Intelligence Community tells Congress to expect a more assertive Iran, Russia, and North Korea in cyberspace. They also forecast more election influence operations. General Nakasone has been nominated to succeed Admiral Rogers at NSA and US Cyber Command. Yossi Oren from BGU on two-factor authentication for the disabled. Guest is John Kuhn from IBM X-Force Iris on the uptick in spam around the Valentine’s Day holiday.Coin mining continues to make a nuisance of itself. 

The first half of 2017 passed in a flash, though it may not always have felt that way to members of IBM X-Force Incident Response and Intelligence Services (IRIS). In this podcast, Kevin Albano, X-Force IRIS Global Lead for Threat Intelligence, discusses the major cyber attacks of the past few months, including Shamoon, WannaCry and Petya, and examines some of the trends he and his team have identified so far in 2017. Kevin also make predictions for the months ahead (spoiler alert: ransomware isn't going away) and shares insights into the inner workings of the IRIS team. Download the solution brief [https://ibm.co/2vjhBKI] to learn more about proactively tackling security threats with IBM X-Force IRIS, or visit the X-Force IRIS website [https://ibm.co/2whvrdI] for additional resources.