Podcasts about infrastructure security agency cisa

  • 178PODCASTS
  • 326EPISODES
  • 35mAVG DURATION
  • 1WEEKLY EPISODE
  • May 28, 2025LATEST



Latest podcast episodes about infrastructure security agency cisa

Cyber Security Today
Phishing Scams, DNS Hijacking, and Cybersecurity Leadership Shakeup

Cyber Security Today

May 28, 2025 | 11:30 | Transcription available


In this episode of Cybersecurity Today, host Jim Love explores the intricacies behind phishing emails that cleverly spoof Microsoft addresses, making many fall for scams despite appearing legitimate. Love emphasizes the need for a stringent 'zero trust' approach to counter these advanced tactics. Additionally, the episode delves into the activities of the hacking group Hazy Hawk, which exploits misconfigured DNS records to hijack trusted domains and propagate malware. Organizations are warned about the importance of regular DNS audits to prevent such attacks. The episode also covers the alarming wave of departures at the Cybersecurity and Infrastructure Security Agency (CISA), raising concerns over the agency's effectiveness amid increasing cyber threats. In another segment, Love discusses a sophisticated fraud operation out of Hanoi, where perpetrators manipulated X's Creator Revenue Sharing Program to siphon funds through fraudulent engagement metrics. The need for built-in fraud prevention mechanisms in digital reward systems is stressed. The episode concludes with a call for listener feedback and support.

00:00 Introduction and Overview
00:27 Phishing Scams: Authentic-Looking Emails
02:58 DNS Misconfigurations and Hazy Hawk
05:36 CISA Leadership Exodus
08:16 X's Creator Revenue Sharing Fraud
10:56 Conclusion and Contact Information
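The "regular DNS audit" the episode calls for has one check at its core: find records that still point at something that no longer exists. A CNAME whose target has been decommissioned (an old CDN or object-storage hostname, say) is the classic hijackable misconfiguration, because whoever can register or claim that target name now controls a trusted subdomain. The script below is an added example, not code from the podcast or from any vendor report. The zone export and the resolver view are constructed; swap the `resolves` stand-in for a real lookup (dnspython's `dns.resolver`, for instance) to run it against a live zone.

```python
"""Dangling-CNAME audit over a zone export.

Added example, not code from the podcast or from any vendor report. The zone
export and the resolver view are constructed; swap `resolves` for real lookups
(dnspython's dns.resolver, for example) to run it against a live zone.
"""
import re

# Constructed BIND-style zone export. Names use the reserved .test TLD.
ZONE_EXPORT = """\
www.example.test.          300 IN A     203.0.113.10
blog.example.test.         300 IN CNAME old-blog.cdnprovider.test.
assets.example.test.       300 IN CNAME d111.objectstore.test.
portal.example.test.       300 IN CNAME portal-prod.example.test.
portal-prod.example.test.  300 IN A     203.0.113.20
"""

# Constructed view of what a recursive resolver would answer. Anything not listed
# is treated as NXDOMAIN, which is how an abandoned CDN/storage hostname looks once
# the resource behind it has been deleted.
RESOLVABLE = {
    "www.example.test.",
    "d111.objectstore.test.",
    "portal-prod.example.test.",
}

CNAME_RE = re.compile(r"^(\S+)\s+\d+\s+IN\s+CNAME\s+(\S+)$")


def parse_cnames(zone_text):
    """Return {owner: target} for every CNAME record in the export."""
    cnames = {}
    for line in zone_text.splitlines():
        m = CNAME_RE.match(line.strip())
        if m:
            cnames[m.group(1)] = m.group(2)
    return cnames


def resolves(name, resolvable=RESOLVABLE):
    """Stand-in for a DNS lookup: True if the name has an answer."""
    return name in resolvable


def find_dangling(zone_text, resolve=resolves):
    """Return [(owner, final_target)] for CNAMEs whose chain ends in a name that
    does not resolve. Chains inside our own zone are followed; loops are cut."""
    cnames = parse_cnames(zone_text)
    dangling = []
    for owner, target in cnames.items():
        seen = {owner}
        while target in cnames and target not in seen:
            seen.add(target)
            target = cnames[target]
        if not resolve(target):
            dangling.append((owner, target))
    return dangling


if __name__ == "__main__":
    for owner, target in find_dangling(ZONE_EXPORT):
        print(f"DANGLING {owner} -> {target}")
```

Two caveats when running this for real: NXDOMAIN is necessary but not sufficient for a takeover (the target also has to be claimable at the provider), and a target that still resolves can be just as dangerous if the provider lets a different tenant register it. Treat the output as a worklist, not a verdict, and run it on every zone you own, including ones nobody has touched in years.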

Business of Tech
Rise in Remote Work Drives New Ventures; Insurers Address AI Risks as CISA Alters Info Sharing

Business of Tech

May 13, 2025 | 13:33


Remote work is driving a significant startup boom, reshaping the IT services market. A recent study indicates that companies with higher levels of remote work during the COVID-19 pandemic have seen a notable increase in employee startups, with an estimated 11.6% of new business formations attributed to this trend. Despite major corporations reinstating return-to-office mandates, remote work adoption in the U.S. has risen from 19.9% in late 2022 to 23.6% in early 2025, highlighting a growing demand for tools and services that support distributed teams. This shift presents both opportunities and challenges for employers, as they risk losing key talent to new ventures while also facing higher employee attrition rates.

The insurance industry is beginning to address the risks associated with artificial intelligence (AI) by offering new products to cover potential losses from AI-related errors. Lloyd's of London has introduced a policy that protects businesses from legal claims arising from malfunctioning AI systems, reflecting a growing recognition of AI as an operational risk. This development raises important questions about accountability and liability when AI systems fail, as seen in recent incidents involving customer service chatbots. As insurers start to underwrite AI risks, companies must adapt their service level agreements and governance structures to meet new requirements.

The Cybersecurity and Infrastructure Security Agency (CISA) has announced a significant change in how it shares information, focusing on urgent alerts related to emerging threats while reducing routine updates. This shift, coupled with budget cuts that could reduce CISA's funding by 17%, raises concerns about the agency's capacity to respond to increasing cyber threats. IT services firms and cybersecurity vendors must adapt to this new landscape, as the responsibility for threat detection and response shifts more towards the private sector. Organizations that previously relied on CISA for support may find themselves facing increased operational risks due to reduced visibility and slower response times.

In a related development, Microsoft has extended support for its Office applications on Windows 10 until October 2028, allowing users more time to transition to Windows 11. This decision reflects a broader trend in the technology sector, where companies are adapting their support strategies to meet user needs. By decoupling the upgrade cycles for Windows and Office, Microsoft acknowledges the resistance to forced upgrades and the importance of maintaining enterprise customer relationships. This extension provides IT service providers with additional time for operational planning while emphasizing the ongoing need for modernization in the long term.

Four things to know today
00:00 Remote Work Fuels Startup Surge, Alters IT Talent Strategies Amid Growing Demand for Flexibility
05:07 From Chatbot Lawsuits to Pontifical Warnings: AI Errors Now Seen as Business and Social Risk
07:57 CISA Alert Shift and Budget Cuts Signal Rising Cybersecurity Burden for Private Sector
10:08 Office Gets a Lifeline on Windows 10: Microsoft Decouples OS and App Upgrades Through 2028

Supported by: https://syncromsp.com/
All our Sponsors: https://businessof.tech/sponsors/
Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/
Looking for a link from the stories? The entire script of the show, with links to articles, is posted in each story on https://www.businessof.tech/
Support the show on Patreon: https://patreon.com/mspradio/
Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech
Want our stuff? Cool Merch? Wear "Why Do We Care?" - Visit https://mspradio.myspreadshop.com
Follow us on:
LinkedIn: https://www.linkedin.com/company/28908079/
YouTube: https://youtube.com/mspradio/
Facebook: https://www.facebook.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/
TikTok: https://www.tiktok.com/@businessoftech
Bluesky: https://bsky.app/profile/businessof.tech

Software Engineering Institute (SEI) Podcast Series
The Best and Brightest: 6 Years of Supporting the President's Cup Cybersecurity Competition

Software Engineering Institute (SEI) Podcast Series

May 12, 2025 | 21:40


A strong cyber defense is vital to public- and private-sector activities in the United States. In 2019, in response to an executive order to strengthen America's cybersecurity workforce, the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) partnered with the SEI to develop and run the President's Cup Cybersecurity Competition, a national cyber competition that identifies and rewards the best cybersecurity talent in the federal workforce. In six years, more than 8,000 people have taken part in the President's Cup. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Jarrett Booz, technical lead for the President's Cup, and John DiRicco, a training specialist in the SEI's CERT Division, sit down with Matthew Butkovic, the CERT technical director of cyber risk and resilience, to reflect on six years of hosting the cup, including challenges, lessons learned, the path forward, and publicly available resources.

The Cybersecurity Defenders Podcast
#212 - Intel Chat: RSA 2025

The Cybersecurity Defenders Podcast

May 5, 2025 | 46:46


In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

During a talk at RSA, DHS Secretary Kristi Noem provided an update on the future direction of the Cybersecurity and Infrastructure Security Agency (CISA) under the new Trump administration.

A panel discussion titled "AI and Cyber Defense: Protecting Critical Infrastructure" brought together federal research leaders to talk about how AI and automation are being leveraged to address mounting cyber risks across the U.S. critical infrastructure landscape.

A new report titled The Rise of State-Sponsored Hacktivism provides a detailed analysis of how hacktivist operations have become an increasingly prominent feature of geopolitical cyber conflict.

Business of Tech
Kaseya Launches AI Tools for MSPs; Cybersecurity Updates and New Legislation Impacting Online Safety

Business of Tech

Apr 30, 2025 | 13:46


Kaseya has launched a series of AI-driven tools and policy changes at its Connect 2025 event, aimed at enhancing operational efficiencies for IT service providers. The Kaseya 365 Ops platform utilizes AI to help customers improve their operational efficiency, with early users reportedly saving an average of 160 hours per month, equivalent to the productivity of one additional technician. Additionally, Kaseya is introducing free-to-use Datto backup hardware for up to three devices per customer, significantly reducing upfront costs for partners. The relaunch of the Datto Alto 5, a 2TB encrypted backup device offered at the price of a 1TB unit, provides better value and security for small to medium-sized businesses.

SentinelOne, Huntress, and Microsoft have also made significant updates in cybersecurity and operational tools. SentinelOne unveiled its next-generation Purple AI Athena release, which automates critical processes such as threat triaging and investigation, while Huntress enhanced its managed identity threat detection and response solution to combat the rising threat of identity-based attacks. Microsoft announced that paid subscriptions will be required for its Windows Server 2025 hotpatching service, which allows administrators to install security updates without rebooting their servers, transitioning to a subscription model after June 30th.

Homeland Security Secretary Kristi Noem announced plans to refocus the Cybersecurity and Infrastructure Security Agency (CISA) on protecting critical infrastructure from sophisticated threats, particularly those posed by China. She criticized previous leadership for mission drift and emphasized the need for improved information sharing across government agencies. Additionally, the Take It Down Act has passed the House, mandating social media companies to remove flagged non-consensual sexual images within 48 hours, raising concerns about potential misuse and the impact on smaller platforms.

OpenAI has rolled back an update to its GPT-4o model due to concerns over overly flattering responses that compromised user trust. The company aims to refine its approach based on long-term user feedback, emphasizing the importance of accuracy and directness in AI interactions, especially for professionals in decision-making roles. This rollback serves as a reminder for IT leaders to ensure that AI-generated communications are truthful and not merely affirming, as the tone of AI can significantly shape trust in client relationships.

Four things to know today
00:00 Kaseya Connect 2025: AI Ops Push, Free Backup Hardware, and Fred Voccola's Ongoing Presence Signal Business-as-Usual with a New Toolkit
04:14 SentinelOne's AI Analyst, Huntress's Identity Defense, and Microsoft's Paid Patching
07:24 Noem Refocuses CISA on Infrastructure Threats as Congress Advances AI Image Takedown Law
10:29 OpenAI Walks Back GPT-4o Update After Sycophantic Shift, Raising Critical Questions for AI Use in IT Services

Supported by: https://getnerdio.com/nerdio-manager-for-msp/

Business of Tech
Zendesk Shifts to Outcome-Based Pricing; CISA Faces Resignations Amid Budget Cuts and Cyber Threats

Business of Tech

Apr 23, 2025 | 15:31


Zendesk has made a significant shift in its pricing model by moving away from traditional seat licenses to an outcome-based pricing structure. This change, articulated by CEO Tom Eggemeier, means that customers will only pay when an AI agent successfully resolves a business problem. This approach aligns with a broader industry trend towards consumption-based pricing, where costs are directly linked to the value delivered rather than the number of licenses or usage. As organizations increasingly adopt AI technologies, this model could reshape the software landscape, pushing providers to rethink their value propositions and focus on delivering tangible business outcomes.

The Cybersecurity and Infrastructure Security Agency (CISA) is facing challenges as two high-ranking officials resign amid budget cuts that threaten to reduce its workforce by nearly 40%. The agency's Secure by Design initiative, aimed at enhancing software security, may be impacted by these changes, raising concerns about the future of national cybersecurity efforts. Additionally, CISA has halted the use of certain threat-hunting tools, which could further hinder its ability to address cyber threats effectively. The situation highlights the critical need for managed service providers (MSPs) to adapt their business models to incorporate security measures that align with evolving regulatory and customer demands.

Kaseya and other companies are introducing AI-driven tools designed to enhance IT management and cybersecurity for managed service providers. Kaseya's Spring 2025 release includes features that automate workflows and improve user experience, while Cork Protection has launched a tool to help MSPs quickly assess cyber insurance policies. These innovations reflect a growing trend in the industry to leverage AI for operational efficiency and improved service delivery. As MSPs adopt these technologies, they can better position themselves to meet client needs and navigate the complexities of cybersecurity.

OpenAI has partnered with The Washington Post to enable ChatGPT to summarize and link to the newspaper's reporting, marking a significant development in the relationship between AI and journalism. This collaboration aims to enhance the quality of information provided to users while raising questions about copyright and the reliability of AI-generated content. Despite OpenAI's advancements in research capabilities, concerns remain about the accuracy of AI in complex tasks. The partnership underscores the ongoing tension between the demand for high-quality information and the challenges of integrating AI into content creation and dissemination.

Four things to know today
00:00 Zendesk Drops Per-User Pricing: Now It's Pay When AI Gets the Job Done
03:56 Cyber Shakeup: CISA Faces Staff Exodus and Tool Loss While Pentagon Tightens Software Security Standards
06:52 From Cyber Orchestration to Frontline AI: New Releases Highlight MSP-Centric Innovation Across the Ecosystem
10:35 As OpenAI Partners with Major Newsrooms, Benchmark Reveals Deep Research Still Struggles with Accuracy

Supported by: https://timezest.com/mspradio/ https://www.huntress.com/mspradio/

Business of Tech
CVE Program Saved, CISA Nomination Blocked, OpenAI's AI Models Released, SolarWinds Goes Private

Business of Tech

Apr 17, 2025 | 14:58


The U.S. government has renewed funding for the Common Vulnerabilities and Exposures (CVE) Program, a critical database for tracking cybersecurity flaws, just hours before its funding was set to expire. Established 25 years ago, the CVE program assigns unique identifiers to security vulnerabilities, facilitating consistent communication across the cybersecurity landscape. The renewal of funding comes amid concerns that without it, new vulnerabilities could go untracked, posing risks to national security and critical infrastructure. In response to the funding uncertainty, two initiatives emerged: the CVE Foundation, a nonprofit aimed at ensuring the program's independence, and the Global CVE Allocation System, a decentralized platform introduced by the European Union.

In addition to the CVE funding situation, Oregon Senator Ron Wyden has blocked the nomination of Sean Plankey to lead the Cybersecurity and Infrastructure Security Agency (CISA) due to the agency's refusal to release a crucial unclassified report from 2022. This report details security issues within U.S. telecommunications companies, which Wyden claims represent a multi-year cover-up of negligent cybersecurity practices. The senator argues that the public deserves access to this information, especially in light of recent cyber threats, including the Salt Typhoon hack that compromised sensitive communications.

The cybersecurity landscape is further complicated by significant layoffs at CISA, which could affect nearly 40% of its workforce, potentially weakening U.S. national security amid rising cyber threats. Recent cuts have already impacted critical personnel, including threat hunters, which could hinder the agency's ability to share vital threat intelligence with the private sector. Meanwhile, the Defense Digital Service at the Pentagon is facing a mass resignation of nearly all its staff, following pressure from the Department of Government Efficiency, which could effectively shut down the program designed to accelerate technology adoption during national security crises.

On the technology front, OpenAI has released new AI reasoning models, o3 and o4-mini, but notably did not provide a safety report for the new GPT-4.1 model, raising concerns about transparency and accountability in AI development. The lack of a safety report is particularly alarming as AI systems become more integrated into client-facing tools. Additionally, SolarWinds Corporation has been acquired by Turn/River Capital, prompting managed service providers (MSPs) to reassess their dependencies on SolarWinds products and consider the implications for product roadmaps and support guarantees.

Four things to know today
00:00 From Panic to Pivot: U.S. Saves CVE Program at the Eleventh Hour
04:17 A Cybersecurity Meltdown: One Senator Blocks, Another Leader Quits, and a Whole Pentagon Team Walks Out
08:54 OpenAI Just Leveled Up AI Reasoning, But Left Out the Fine Print
11:45 SolarWinds Is Private Again: What That Means for MSPs Watching the Roadmap

Supported by: https://www.huntress.com/mspradio/ https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorship
Join Dave April 22nd to learn about Marketing in the AI Era. Signup here: https://hubs.la/Q03dwWqg0

The Gate 15 Podcast Channel
Weekly Security Sprint EP 107. Hacktivism, Nation-states, and political violence

The Gate 15 Podcast Channel

Apr 16, 2025 | 29:04


In this week's Security Sprint Andy and Hunter talk about the following topics:

Warm Open:
• How Healthcare Facilities Can Be Truly Disaster-Resilient. Healthcare Facilities Today spoke with Jon Crosson, director of health sector resilience at Health-ISAC, on what makes a solid resiliency program for healthcare facilities, the importance of real-time information sharing and how healthcare facility managers can use partnerships to improve response and recovery efforts.
• Healthcare cybersecurity needs a total overhaul, by Errol Weiss, Chief Security Officer, Health-ISAC
• Addressing Risks from Chris Krebs and Government Censorship
  o Fact Sheet: President Donald J. Trump Addresses Risks from Chris Krebs and Government Censorship
  o Trump Revenge Tour Targets Cyber Leaders, Elections
  o Gate 15: Cybersecurity & Infrastructure Security: Time to Make This Happen, December 15, 2017. Following the House of Representatives, the US Senate needs to approve the re-designation of DHS's National Protection and Programs Directorate (NPPD) to become the Cybersecurity and Infrastructure Security Agency (CISA); the President should nominate, and the Senate should confirm, Christopher Krebs as Under Secretary for NPPD and then as the first Director of National Cybersecurity and Infrastructure Security.

Main Topics: Hacktivism & Nation-State Influence
• CyberAv3ngers: The Iranian Saboteurs Hacking Water and Gas Systems Worldwide
• IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including US Water and Wastewater Systems Facilities
• Top 10 Advanced Persistent Threat (APT) Groups That Dominated 2024
• The rising tide: A 2024 retrospective of hacktivism

Political Violence, Executive Protection
• 'Save the white race': Teen who gunned down his parents was plotting a 'political revolution' that included 'getting rid of' President Trump, police say
• Pennsylvania Man Charged with Making Threats to Assault and Murder President Donald J. Trump, Other U.S. Officials, and Immigration and Customs Enforcement Agents & 'Going to assassinate him myself': Man 'buying 1 gun a month since the election' threatened to kill Trump in multiple YouTube comments under name 'Mr Satan,' FBI says
• Suspect in custody after overnight arson at Pennsylvania Gov. Josh Shapiro's residence
  o Was Cody Balmer 'Upset' With Gov Josh Shapiro Over Property Seizure?
  o Harrisburg man to be charged with attempted murder of Gov. Josh Shapiro for setting fire to official residence
  o Suspect in arson at Pennsylvania Gov. Josh Shapiro's residence planned to beat him, documents say
  o Suspected arsonist Cody Balmer accused of firebombing Gov. Shapiro's home shared disturbing photos online
  o Cody Balmer's Social Media Reveals Anti-Joe Biden Posts
• Protect Democracy: How does Gen Z really feel about democracy? 11% believe that political violence is sometimes necessary to achieve progress.
• Arrest made at UnitedHealthcare headquarters after reports of an intruder

Quick Hits:
• Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit
• 8 April 2025 NCSC, FBI, DCSA bulletin: Online Targeting of Current & Former U.S. Government Employees.
• FAA Drone Detection Testing. The FAA will conduct drone-detection testing in Cape May, New Jersey, between April 14-25.
• Top homeland security lawmaker calls for cautious cuts to CISA
• CISA cuts: 'Open season' for US?
• Senator puts hold on Trump's nominee for CISA director, citing telco security 'cover up'
• OCC Notifies Congress of Incident Involving Email System
  o Treasury bureau notifies Congress that email hack was a 'major' cybersecurity incident
  o Hackers lurked in Treasury OCC's systems since June 2023 breach
• US Cyber Command: Posture Statement of Lieutenant General William J. Hartman

Cyber Bites
Cyber Bites - 11th April 2025

Cyber Bites

Apr 10, 2025 | 7:45


* Cyber Attacks Target Multiple Australian Super Funds, Half Million Dollars Stolen
* Intelligence Agencies Warn of "Fast Flux" Threat to National Security
* SpotBugs Token Theft Revealed as Origin of Multi-Stage GitHub Supply Chain Attack
* ASIC Secures Court Orders to Shut Down 95 "Hydra-Like" Scam Companies
* Oracle Acknowledges "Legacy Environment" Breach After Weeks of Denial

Cyber Attacks Target Multiple Australian Super Funds, Half Million Dollars Stolen
https://www.itnews.com.au/news/aussie-super-funds-targeted-by-fraudsters-using-stolen-creds-616269
https://www.abc.net.au/news/2025-04-04/superannuation-cyber-attack-rest-afsa/105137820

Multiple Australian superannuation funds have been hit by a wave of cyber attacks, with AustralianSuper confirming that four members have lost a combined $500,000 in retirement savings. The nation's largest retirement fund has reportedly faced approximately 600 attempted cyber attacks in the past month alone.

AustralianSuper has now confirmed that "up to 600" of its members were impacted by the incident. Chief member officer Rose Kerlin stated, "This week we identified that cyber criminals may have used up to 600 members' stolen passwords to log into their accounts in attempts to commit fraud." The fund has taken "immediate action to lock these accounts" and notify affected members.

Rest Super has also been impacted, with CEO Vicki Doyle confirming that "less than one percent" of its members were affected, equivalent to fewer than 20,000 accounts based on recent membership reports. Rest detected "unauthorised activity" on its member access portal "over the weekend of 29-30 March" and "responded immediately by shutting down the member access portal, undertaking investigations and launching our cyber security incident response protocols."

While Rest stated that no member funds were transferred out of accounts, "limited personal information" was likely accessed. "We are in the process of contacting impacted members to work through what this means for them and provide support," Doyle said.

HostPlus has confirmed it is "actively investigating the situation" but stated that "no HostPlus member losses have occurred" so far. Several other funds including Insignia and Australian Retirement were also reportedly affected.

Members across multiple funds have reported difficulty accessing their accounts online, with some logging in to find alarming $0 balances displayed. The disruption has caused considerable anxiety among account holders.

National cyber security coordinator Lieutenant General Michelle McGuinness confirmed that "cyber criminals are targeting individual account holders of a number of superannuation funds" and is coordinating with government agencies and industry stakeholders in response. The Australian Prudential Regulation Authority (APRA) and Australian Securities and Investments Commission (ASIC) are engaging with all potentially impacted funds.

AustralianSuper urged members to log into their accounts "to check that their bank account and contact details are correct and make sure they have a strong and unique password that is not used for other sites." The fund also noted it has been working with "the Australian Signals Directorate, the National Office of Cyber Security, regulators and other authorities" since detecting the unauthorised access.

If you're a member of any of those funds, watch for official communications and be wary of potential phishing attempts that may exploit the situation.

Intelligence Agencies Warn of "Fast Flux" Threat to National Security
https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/fast-flux-national-security-threat

Multiple intelligence agencies have issued a joint cybersecurity advisory warning organizations about a significant defensive gap in many networks against a technique known as "fast flux." The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), FBI, Australian Signals Directorate, Canadian Centre for Cyber Security, and New Zealand National Cyber Security Centre have collaborated to raise awareness about this growing threat.

Fast flux is a domain-based technique that enables malicious actors to rapidly change DNS records associated with a domain, effectively concealing the locations of malicious servers and creating resilient command and control infrastructure. This makes tracking and blocking such malicious activities extremely challenging for cybersecurity professionals.

"This technique poses a significant threat to national security, enabling malicious cyber actors to consistently evade detection," states the advisory. Threat actors employ two common variants: single flux, where a single domain links to numerous rotating IP addresses, and double flux, which adds an additional layer by frequently changing the DNS name servers responsible for resolving the domain.

The advisory highlights several advantages that fast flux networks provide to cybercriminals: increased resilience against takedown attempts, rendering IP blocking ineffective due to rapid address turnover, and providing anonymity that complicates investigations. Beyond command and control communications, fast flux techniques are also deployed in phishing campaigns and to maintain cybercriminal forums and marketplaces.

Notably, some bulletproof hosting providers now advertise fast flux as a service differentiator. One such provider boasted on a dark web forum about protecting clients from Spamhaus blocklists through easily enabled fast flux capabilities.

The advisory recommends organizations implement a multi-layered defense approach, including leveraging threat intelligence feeds, analyzing DNS query logs for anomalies, reviewing time-to-live values in DNS records, and monitoring for inconsistent geolocation. It also emphasizes the importance of DNS and IP blocking, reputation filtering, enhanced monitoring, and information sharing among cybersecurity communities.

"Organizations should not assume that their Protective DNS providers block malicious fast flux activity automatically, and should contact their providers to validate coverage of this specific cyber threat," the advisory warns.

Intelligence agencies are urging all stakeholders, both government and providers, to collaborate in developing scalable solutions to close this ongoing security gap that enables threat actors to maintain persistent access to compromised systems while evading detection.

SpotBugs Token Theft Revealed as Origin of Multi-Stage GitHub Supply Chain Attack
https://unit42.paloaltonetworks.com/github-actions-supply-chain-attack/

Security researchers have traced the sophisticated supply chain attack that targeted Coinbase in March 2025 back to its origin point: the theft of a personal access token (PAT) associated with the popular open-source static analysis tool SpotBugs.

Palo Alto Networks Unit 42 revealed in their latest update that while the attack against cryptocurrency exchange Coinbase occurred in March 2025, evidence suggests the malicious activity began as early as November 2024, demonstrating the attackers' patience and methodical approach.

"The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs," Unit 42 explained. This initial compromise allowed the threat actors to move laterally between repositories until gaining access to reviewdog, another open-source project that became a crucial link in the attack chain.

Investigators determined that the SpotBugs maintainer was also an active contributor to the reviewdog project. When the attackers stole this maintainer's PAT, they gained the ability to push malicious code to both repositories.

The breach sequence began when attackers pushed a malicious GitHub Actions workflow file to the "spotbugs/spotbugs" repository using a disposable account named "jurkaofavak." Even more concerning, this account had been invited to join the repository by one of the project maintainers on March 11, 2025, suggesting the attackers had already compromised administrative access.

Unit 42 revealed the attackers exploited a vulnerability in the repository's CI/CD process. On November 28, 2024, the SpotBugs maintainer modified a workflow in the "spotbugs/sonar-findbugs" repository to use their personal access token while troubleshooting technical difficulties. About a week later, attackers submitted a malicious pull request that exploited a GitHub Actions feature called "pull_request_target," which allows workflows from forks to access secrets like the maintainer's PAT.

This compromise initiated what security experts call a "poisoned pipeline execution attack" (PPE). The stolen credentials were later used to compromise the reviewdog project, which in turn affected "tj-actions/changed-files", a GitHub Action used by numerous organizations including Coinbase.

One puzzling aspect of the attack is the three-month delay between the initial token theft and the Coinbase breach. Security researchers speculate the attackers were carefully monitoring high-value targets that depended on the compromised components before launching their attack.

The SpotBugs maintainer has since confirmed the stolen PAT was the same token later used to invite the malicious account to the repository. All tokens have now been rotated to prevent further unauthorized access.

Security experts remain puzzled by one aspect of the attack: "Having invested months of effort and after achieving so much, why did the attackers print the secrets to logs, and in doing so, also reveal their attack?" Unit 42 researchers noted, suggesting there may be more to this sophisticated operation than currently understood.

ASIC Secures Court Orders to Shut Down 95 "Hydra-Like" Scam Companies
https://asic.gov.au/about-asic/news-centre/find-a-media-release/2025-releases/25-052mr-asic-warns-of-threat-from-hydra-like-scammers-after-obtaining-court-orders-to-shut-down-95-companies/

The Australian Securities and Investments Commission (ASIC) has successfully obtained Federal Court orders to wind up 95 companies suspected of involvement in sophisticated online investment and romance baiting scams, commonly known as "pig butchering" schemes.

ASIC Deputy Chair Sarah Court warned consumers to remain vigilant when engaging with online investment websites and mobile applications, describing the scam operations as "hydra-like": when one is shut down, two more emerge in its place.

"Scammers will use every tool they can think of to steal people's money and personal information," Court said. "ASIC takes action to frustrate their efforts, including by prosecuting those that help facilitate their conduct and taking down over 130 scam websites each week."

The Federal Court granted ASIC's application after the regulator discovered most of the companies had been incorporated using false information. Justice Stewart described the case for winding up each company as "overwhelming," citing a justifiable lack of confidence in their conduct and management.

ASIC believes many of these companies were established to provide a "veneer of credibility" by purporting to offer genuine services. The regulator has taken steps to remove numerous related websites and applications that allegedly facilitated scam activity by tricking consumers into making investments in fraudulent foreign exchange, digital assets, or commodities trading platforms.

In some cases, ASIC suspects the companies were incorporated using stolen identities, highlighting the increasingly sophisticated techniques employed by scammers.
These operations often create professional-looking websites and applications designed to lull victims into a false sense of security.The action represents the latest effort in ASIC's ongoing battle against investment scams. The regulator reports removing approximately 130 scam websites weekly, with more than 10,000 sites taken down to date – including 7,227 fake investment platforms, 1,564 phishing scam hyperlinks, and 1,257 cryptocurrency investment scams.Oracle Acknowledges "Legacy Environment" Breach After Weeks of Denialhttps://www.bloomberg.com/news/articles/2025-04-02/oracle-tells-clients-of-second-recent-hack-log-in-data-stolenOracle has finally admitted to select customers that attackers breached a "legacy environment" and stole client credentials, according to a Bloomberg report. The tech giant characterized the compromised data as old information from a platform last used in 2017, suggesting it poses minimal risk.However, this account conflicts with evidence provided by the threat actor from late 2024 and posted records from 2025 on a hacking forum. The attacker, known as "rose87168," listed 6 million data records for sale on BreachForums on March 20, including sample databases, LDAP information, and company lists allegedly stolen from Oracle Cloud's federated SSO login servers.Oracle has reportedly informed customers that cybersecurity firm CrowdStrike and the FBI are investigating the incident. According to cybersecurity firm CybelAngel, Oracle told clients that attackers gained access to the company's Gen 1 servers (Oracle Cloud Classic) as early as January 2025 by exploiting a 2020 Java vulnerability to deploy a web shell and additional malware.The breach, detected in late February, reportedly involved the exfiltration of data from the Oracle Identity Manager database, including user emails, hashed passwords, and usernames.When initially questioned about the leaked data, Oracle firmly stated: "There has been no breach of Oracle Cloud. 
The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data." However, cybersecurity expert Kevin Beaumont noted this appears to be "wordplay," explaining that "Oracle rebadged old Oracle Cloud services to be Oracle Classic. Oracle Classic has the security incident." This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
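The advisory's detection advice for fast flux (review TTLs, analyze DNS query logs for anomalies, watch for inconsistent geolocation) can be turned into a first-pass triage over resolver logs. The Python below is an added example written for this page, not code from the advisory or from any of the agencies. The log format, the thresholds, and every record in the sample are constructed: the addresses are RFC 5737 documentation ranges, the ASNs are from the documentation block, and the domain names use reserved labels. The ASN and country columns assume an IP-enrichment step upstream of this script.

```python
"""Heuristic fast-flux triage over recursive-resolver logs (added example).

Log line format (constructed for this example):
    <epoch> <qname> <rtype> <answer_ip> <ttl> <asn> <country>
"""
import ipaddress
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed sample. static.cdn-example.net mimics a legitimate CDN (short TTL,
# many addresses, but one provider ASN); account-verify.example mimics a domain
# using both single flux (A records scattered across unrelated ASNs/countries)
# and double flux (nameserver addresses that also rotate); www.example.org is an
# ordinary long-TTL record.
SAMPLE_LOG = """\
1712000000 static.cdn-example.net A 203.0.113.10 60 AS64500 US
1712000060 static.cdn-example.net A 203.0.113.11 60 AS64500 US
1712000120 static.cdn-example.net A 203.0.113.12 60 AS64500 US
1712000180 static.cdn-example.net A 203.0.113.13 60 AS64500 US
1712000240 static.cdn-example.net A 203.0.113.14 60 AS64500 DE
1712000300 static.cdn-example.net A 203.0.113.15 60 AS64500 DE
1712000000 account-verify.example A 192.0.2.14 120 AS64496 BR
1712000120 account-verify.example A 198.51.100.77 120 AS64497 IN
1712000240 account-verify.example A 192.0.2.201 120 AS64498 TR
1712000360 account-verify.example A 203.0.113.9 120 AS64499 VN
1712000480 account-verify.example A 198.51.100.3 120 AS64501 US
1712000600 account-verify.example A 192.0.2.88 120 AS64502 ID
1712000000 account-verify.example NS 192.0.2.50 180 AS64503 RU
1712000300 account-verify.example NS 198.51.100.120 180 AS64504 UA
1712000600 account-verify.example NS 203.0.113.77 180 AS64505 KZ
1712000000 www.example.org A 203.0.113.200 86400 AS64506 US
"""

# Tunable thresholds (assumed values). Short TTLs and five-plus addresses are
# also normal for CDNs and load balancers, so ASN spread is the discriminator
# for single flux and nameserver churn for double flux.
THRESHOLDS = {"max_ttl": 300, "min_ips": 5, "min_asns": 3, "min_ns_ips": 3}


@dataclass
class DomainStats:
    a_ips: set = field(default_factory=set)
    a_asns: set = field(default_factory=set)
    a_countries: set = field(default_factory=set)
    ns_ips: set = field(default_factory=set)
    min_ttl: int = 2**31 - 1


def parse_log(text):
    """Aggregate per-domain answer diversity from raw log text."""
    stats = defaultdict(DomainStats)
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("#"):
            continue
        _ts, qname, rtype, answer, ttl, asn, country = raw.split()
        ipaddress.ip_address(answer)  # raises ValueError on a malformed answer
        s = stats[qname.lower().rstrip(".")]
        s.min_ttl = min(s.min_ttl, int(ttl))
        if rtype in ("A", "AAAA"):
            s.a_ips.add(answer)
            s.a_asns.add(asn)
            s.a_countries.add(country)
        elif rtype == "NS":
            # NS answers are recorded as the resolved/glue address of the nameserver
            s.ns_ips.add(answer)
    return stats


def classify(stats, t=THRESHOLDS):
    """Return {domain: finding} for every domain matching either flux pattern."""
    findings = {}
    for name, s in stats.items():
        low_ttl = s.min_ttl <= t["max_ttl"]
        single = low_ttl and len(s.a_ips) >= t["min_ips"] and len(s.a_asns) >= t["min_asns"]
        double = low_ttl and len(s.ns_ips) >= t["min_ns_ips"]
        if single or double:
            findings[name] = {
                "single_flux": single,
                "double_flux": double,
                "min_ttl": s.min_ttl,
                "ips": len(s.a_ips),
                "asns": len(s.a_asns),
                "countries": len(s.a_countries),
                "ns_ips": len(s.ns_ips),
            }
    return findings


def detect_fast_flux(text):
    return classify(parse_log(text))


if __name__ == "__main__":
    for domain, finding in detect_fast_flux(SAMPLE_LOG).items():
        print(domain, finding)
```

Only the account-verify.example domain is reported: the CDN lookalike rotates through six addresses with a 60-second TTL but stays inside one ASN, which is exactly the false positive the advisory warns about when it asks defenders to combine TTL review with geolocation and infrastructure consistency rather than rely on any one signal. In production the thresholds should be tuned against a baseline of the organization's own resolver traffic, and hits should feed the blocking and threat-intelligence sharing steps the advisory lists rather than be acted on blindly.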
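The SpotBugs compromise hinged on a workflow that ran on pull_request_target, checked out the pull request's own commit, and then executed it with a maintainer's PAT in scope. The Python below is an added example for this page, not Unit 42's or the SpotBugs project's code, and the two workflows it audits are constructed dicts in the shape yaml.safe_load produces for a workflow file (the hypothetical SONAR_TOKEN secret and ./gradlew build step are assumptions). It flags any job that combines the dangerous trigger with an untrusted checkout followed by execution, and lists the secrets referenced in that job for triage.

```python
"""Audit GitHub Actions workflows for the pull_request_target + untrusted
checkout pattern that enables poisoned pipeline execution (added example).
"""
import re

TRIGGER = "pull_request_target"
# Expressions that resolve to the PR author's code rather than the base branch.
UNTRUSTED_REFS = ("github.event.pull_request.head", "github.head_ref")
SECRET_RE = re.compile(r"secrets\.([A-Za-z0-9_]+)")

# Constructed: runs on pull_request_target, checks out the PR head, then runs a
# PR-controlled build script with a repository secret in its environment.
VULNERABLE_WORKFLOW = {
    "name": "ci",
    "on": {"pull_request_target": {"types": ["opened", "synchronize"]}},
    "jobs": {
        "build": {
            "runs-on": "ubuntu-latest",
            "steps": [
                {"uses": "actions/checkout@v4",
                 "with": {"ref": "${{ github.event.pull_request.head.sha }}"}},
                {"run": "./gradlew build",
                 "env": {"SONAR_TOKEN": "${{ secrets.SONAR_TOKEN }}"}},
            ],
        }
    },
}

# Constructed hardened form: plain pull_request. Fork PRs then run with no
# repository secrets and a read-only GITHUB_TOKEN, so building PR code is safe.
# (Keeping pull_request_target but checking out github.event.pull_request.base.sha
# and never executing PR content is the other accepted shape.)
HARDENED_WORKFLOW = {
    "name": "ci",
    "on": {"pull_request": {"types": ["opened", "synchronize"]}},
    "jobs": {
        "build": {
            "runs-on": "ubuntu-latest",
            "steps": [{"uses": "actions/checkout@v4"}, {"run": "./gradlew build"}],
        }
    },
}


def _strings(obj):
    """Yield every string nested anywhere in a parsed YAML value."""
    if isinstance(obj, str):
        yield obj
    elif isinstance(obj, dict):
        for k, v in obj.items():
            yield from _strings(k)
            yield from _strings(v)
    elif isinstance(obj, list):
        for v in obj:
            yield from _strings(v)


def _triggers(workflow):
    # PyYAML follows YAML 1.1, so a bare `on:` key loads as the boolean True.
    on = workflow.get("on", workflow.get(True))
    if isinstance(on, str):
        return {on}
    if isinstance(on, (list, dict)):
        return set(on)
    return set()


def _checks_out_pr_head(step):
    return any(ref in s for s in _strings(step) for ref in UNTRUSTED_REFS)


def _executes_repo_code(step):
    # After an untrusted checkout, a `run` script invokes PR-controlled files
    # (build scripts, manifests) and `uses: ./...` runs a PR-controlled action.
    return "run" in step or str(step.get("uses", "")).startswith("./")


def audit_workflow(workflow):
    """One finding per job that checks out PR code and then executes it under
    pull_request_target. Secrets are listed for triage, but the job is unsafe
    even with none: GITHUB_TOKEN is write-capable in this trigger context."""
    findings = []
    if TRIGGER not in _triggers(workflow):
        return findings
    for job_name, job in (workflow.get("jobs") or {}).items():
        steps = job.get("steps") or []
        checkout_at, secrets = None, set()
        for i, step in enumerate(steps):
            if checkout_at is None and _checks_out_pr_head(step):
                checkout_at = i
            secrets.update(SECRET_RE.findall(" ".join(_strings(step))))
        if checkout_at is not None and any(_executes_repo_code(s) for s in steps[checkout_at:]):
            findings.append({"job": job_name, "checkout_step": checkout_at,
                             "secrets": sorted(secrets)})
    return findings


if __name__ == "__main__":
    print("vulnerable:", audit_workflow(VULNERABLE_WORKFLOW))
    print("hardened:", audit_workflow(HARDENED_WORKFLOW))
```

To run it over a real repository, feed audit_workflow the result of yaml.safe_load on each file under .github/workflows/; the True-key handling in _triggers exists because PyYAML turns the workflow's `on:` key into a boolean. A hit does not by itself prove the PAT was reachable (the secret must also be referenced or the workflow must rely on GITHUB_TOKEN), but as the SpotBugs timeline shows, the combination of trigger, head checkout and execution is the precondition worth removing before a fork PR ever tests it.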

Forbes Daily Briefing
‘Someone Should Be In Jail': Trump Cybersecurity Officials Stunned By Signal Leak

Forbes Daily Briefing

Play Episode Listen Later Mar 26, 2025 4:39


Cybersecurity and Infrastructure Security Agency (CISA) staff tell Forbes they're stunned by the leak, amid calls for heads to roll. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Business of Tech
Google Acquires Wiz for $32B, CISA Reinstates Laid-Off Workers, Cloudflare Launches Threat Platform

Business of Tech

Play Episode Listen Later Mar 19, 2025 11:25


Google has officially confirmed its acquisition of cloud security firm Wiz for a staggering $32 billion, marking the largest deal in the company's history. This strategic move aims to bolster Google Cloud's security and multi-cloud capabilities, especially as the demand for cloud security intensifies. Wiz, founded in 2020, has quickly gained traction, serving nearly half of the Fortune 100 companies and projecting a significant increase in annual recurring revenue. However, the acquisition comes with risks, including potential regulatory scrutiny and a substantial reverse termination fee, reflecting the challenges Google may face in integrating Wiz into its existing cloud infrastructure.

In a related development, the Cybersecurity and Infrastructure Security Agency (CISA) is working to contact over 130 former employees after a federal court ruled their layoffs were unlawful. This decision is part of a broader legal challenge against workforce cuts made during the Trump administration. The reinstated employees will receive full pay and benefits while on administrative leave, but the agency has already lost a significant portion of its workforce, raising concerns about its ability to combat cyber threats effectively. The situation highlights the ongoing challenges faced by CISA in maintaining a capable workforce amid increasing cyberattacks.

Cloudflare has launched a new threat events platform from its Cloudforce One threat intelligence team, designed to enhance real-time intelligence on cyberattacks. This platform leverages Cloudflare's extensive global network, which has blocked billions of cyber threats daily. Additionally, LogicMonitor has partnered with Amazon Web Services to facilitate the migration of VMware workloads to AWS, aiming to optimize cloud performance for global enterprises. 
Meanwhile, RingCentral has introduced several AI features to improve business communications, including a virtual assistant for managing inbound calls and tools for real-time knowledge retrieval.

Lastly, a London court held a secret hearing regarding Apple's appeal against a UK government order to create a backdoor in its encrypted cloud storage systems. This case raises significant concerns about government surveillance, encryption, and data privacy, with potential global implications for cloud security and regulatory compliance. Civil rights organizations have criticized the secrecy of the proceedings, emphasizing the importance of strong encryption in protecting individuals from harassment and oppression. The outcome of this case could have far-reaching effects on the balance between security and privacy in the digital age.

Four things to know today
00:00 Google's Biggest Deal Ever: $32B on Wiz to Secure the Cloud. Will It Work?
03:25 CISA Scrambles to Contact Wrongfully Laid-Off Employees Amid Cybersecurity Workforce Strain
05:27 Cloudflare, AWS, and RingCentral Drop Major Updates
07:39 UK Court Holds Secret Hearing on Apple's Encryption Backdoor

Supported by: https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorship https://www.huntress.com/mspradio/
Event: https://www.nerdiocon.com/
All our Sponsors: https://businessof.tech/sponsors/
Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/
Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/
Support the show on Patreon: https://patreon.com/mspradio/
Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech
Want our stuff? Cool Merch? 
Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Reimagining Cyber
The CISA Shake-Up: What It Means for Cybersecurity - Ep 141

Reimagining Cyber

Play Episode Listen Later Mar 19, 2025 10:57


Significant changes are underway at the Cybersecurity and Infrastructure Security Agency (CISA), and the cybersecurity community is paying close attention. In this episode, we break down the recent funding cuts, layoffs, and restructuring efforts that could reshape the agency's mission—and potentially impact national cybersecurity.Join Rob Aragao as he analyzes:

The Cybersecurity Defenders Podcast
#202 - Intel Chat: CISA, BianLian (not), Crafty Camel, Github malvertising & SCADA

The Cybersecurity Defenders Podcast

Play Episode Listen Later Mar 14, 2025 38:28


In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of the LimaCharlie community.The Cybersecurity and Infrastructure Security Agency (CISA) is facing significant operational challenges as budget constraints force it to scale back key cybersecurity programs.Scammers are taking a new approach to extortion by mailing physical ransom letters to victims, claiming to be the operators of the BianLian ransomware group.A newly identified advanced persistent threat (APT) group, dubbed "Crafty Camel," has been targeting aviation operational technology (OT) systems using a sophisticated technique involving polyglot files. A new malvertising campaign is leveraging deceptive online ads to distribute information-stealing malware hosted on GitHub, highlighting an ongoing evolution in cybercriminal tactics.Security researchers have disclosed details of multiple vulnerabilities in Supervisory Control and Data Acquisition (SCADA) systems that could be exploited to facilitate attacks on industrial environments.

Business of Tech
CISA Layoffs, AI Chatbots in Government, and Utah's Age Verification Law: Tech Policy Updates

Business of Tech

Play Episode Listen Later Mar 12, 2025 16:15


Former Trump administration cybersecurity official Sean Plankey has been nominated to lead the Cybersecurity and Infrastructure Security Agency (CISA). His nomination comes amid significant layoffs at the agency, where over 100 employees were let go, including key members of the Red Team responsible for simulating cyberattacks. These cuts raise concerns about CISA's ability to maintain cybersecurity amid ongoing federal budget constraints, potentially leading to increased threats in the private sector as federal infrastructure and intelligence sharing weaken.

In the realm of artificial intelligence, the General Services Administration (GSA) has introduced a custom chatbot named GSAI to automate various government tasks, coinciding with significant job cuts within the agency. While the chatbot aims to enhance efficiency, internal memos have warned employees against inputting sensitive information. This trend reflects a broader movement in the federal government towards tech-driven workforce reductions, raising questions about data privacy and the reliability of AI tools in government operations.

Utah has made headlines by passing legislation requiring App Store operators to verify the ages of users and obtain parental consent for minors downloading apps. This law, aimed at enhancing online safety for children, has garnered support from major tech companies but has also faced criticism regarding potential infringements on privacy rights. The Supreme Court is expected to examine age verification issues, particularly concerning adult content websites, highlighting the ongoing debate over online safety regulations.

The podcast also discusses the competitive landscape of AI, with Google reporting continued growth in search queries despite the rise of ChatGPT. New benchmarks have been developed to measure the honesty of AI models, revealing that larger models do not necessarily correlate with higher honesty rates. 
As companies like Microsoft and Amazon introduce advanced AI tools, the implications for businesses are significant, emphasizing the need for oversight and governance in AI deployment to mitigate risks associated with inaccuracies and compliance issues.

Three things to know today
00:00 Cybersecurity Jobs Cut, AI Hired, and Kids Get ID'd—Welcome to the Future of Tech Policy
05:45 ChatGPT Isn't Killing Google Search—And AI Lies More Than You'd Think
08:27 Microsoft and OpenAI: A Rocky Relationship, While AI Prices Tumble

Supported by: https://getflexpoint.com/msp-radio/
Event: https://www.nerdiocon.com/

RunAs Radio
Secure by Design with Karinne Bessette

RunAs Radio

Play Episode Listen Later Mar 5, 2025 40:04


What does it mean to be secure by design? Richard chats with Karinne Bessette about the scope of the problem around making more secure software. Karinne talks about the US government's Cybersecurity and Infrastructure Security Agency (CISA) push to promote more secure software products. The conversation digs into some of the more famous exploits in recent years and some of the challenges of dealing with development tools that require super-user privileges, getting security testing done promptly and responding to exploits effectively when they happen.

Links
Women in Teams
CISA Secure by Design
Azure Kubernetes Service
Microsoft Security Response Center

Recorded February 21, 2025

Business of Tech
U.S. Cyber Policy Shift: MSPs Face New Threats, Talent Retention Challenges, and IPO Market Decline

Business of Tech

Play Episode Listen Later Mar 4, 2025 13:42


U.S. Cyber Command has been ordered to halt all planning against Russia, marking a significant shift in the country's cyber policy. This decision, directed by Defense Secretary Pete Hegseth, comes as the focus of U.S. cybersecurity efforts pivots away from Russia and towards threats from China and other adversaries. Reports indicate that this change has raised concerns about potential vulnerabilities, especially as Russian cybercriminal groups remain active. The Cybersecurity and Infrastructure Security Agency (CISA) has denied claims that it is reducing its focus on Russian threats, asserting its commitment to defending against all cyber threats to U.S. critical infrastructure.

The podcast also discusses the challenges faced by IT service providers in retaining new talent. A recent report highlights that employees with one to three years of experience have a significantly higher churn rate compared to their more experienced counterparts. This situation underscores the need for managed service providers (MSPs) to enhance their onboarding processes, career progression paths, and workplace culture to improve employee retention. Additionally, the limited role of remote work in the industry suggests that MSPs must compete on factors beyond salary, such as workplace environment and benefits.

Furthermore, the episode touches on the financial performance of N-able, a key player in the MSP software market. Despite reporting a year-over-year revenue growth of 7% and transitioning a significant portion of its revenue to annual contracts, N-able's stock price plummeted by over 25% following its earnings call. Analysts have adjusted their price targets downward, indicating a lack of confidence in the market for MSP-focused software companies. 
This trend suggests that the dream of an IPO resurgence for such companies may be fading, with a shift towards private equity consolidation becoming more prevalent.

Finally, the podcast emphasizes the importance of resilience, vendor risk management, and strategic alignment for MSPs in light of these market dynamics. As the landscape evolves, providers are encouraged to focus on enhancing their cybersecurity offerings and adapting to regulatory changes. The episode concludes with a reminder for MSPs to be proactive in their approach to business, as the days of passive compliance are over, and security and regulation are becoming critical factors in the IT services industry.

Three things to know today
00:00 U.S. Cyber Policy Shifts—Providers May Need to Step Up as Government Focus Changes
05:27 IT Service Providers Are Hiring—But Can They Keep Their New Talent?
08:25 MSP IPOs? The Market Says No—N-able's Stock Drop Tells the Story

Supported by: https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorship https://getflexpoint.com/msp-radio/
Event: https://www.nerdiocon.com/

The Shared Security Show
Cybersecurity Impact of DOGE, Apple’s Stand Against Encryption Backdoors

The Shared Security Show

Play Episode Listen Later Mar 3, 2025 23:55


In this episode, Kevin and Tom discuss current events including the latest developments with DOGE and the significant changes happening at the Cybersecurity and Infrastructure Security Agency (CISA). They also touch on Apple's decision to refuse creating backdoors for encryption, setting a new precedent in digital security. Tune in for an insightful discussion on the […] The post Cybersecurity Impact of DOGE, Apple's Stand Against Encryption Backdoors appeared first on Shared Security Podcast.

Business of Tech
AI's Role in Cybersecurity: Insider Threats, Phishing Scams, and Deepfake Risks with Bryant G. Tow

Business of Tech

Play Episode Listen Later Feb 22, 2025 35:35


The episode delves into the impact of artificial intelligence (AI) on cybersecurity, particularly focusing on the rise of AI-driven phishing attacks. Bryant G. Tow, Chief Security Officer at LeapFrog Services, discusses how cybercriminals are leveraging generative AI to create more convincing phishing schemes, which can lead to identity theft. Despite the advancements in attack methods, Tow emphasizes that the fundamental defenses against these threats remain unchanged. He highlights the importance of understanding the evolving landscape of cyber threats and the necessity for organizations to adapt their security measures accordingly.

Tow elaborates on the concept of an "arms race" in cybersecurity, where defenders must continuously improve their strategies to keep pace with increasingly sophisticated attacks. He points out that while phishing remains a common entry point for cyber threats, the use of AI is transforming these attacks into more personalized and effective schemes. The conversation shifts to the implications of deepfake technology, which can create realistic impersonations of individuals, further complicating the security landscape. Tow warns that the ability to produce convincing deepfake videos and audio can lead to significant risks for organizations.

The discussion also touches on the challenges of insider threats, particularly when employees intentionally disregard security policies. Tow stresses the importance of establishing clear acceptable use policies and implementing a zero-trust framework to mitigate these risks. He notes that most insider threats are accidental, but organizations must be prepared to address malicious actions as well. Effective governance, training, and monitoring are essential components in managing insider threats and ensuring compliance with security protocols. 
Finally, the episode highlights the evolving role of government agencies like the Cybersecurity and Infrastructure Security Agency (CISA) in addressing cybersecurity challenges. Tow reflects on recent changes in leadership and the potential for new perspectives on cybersecurity governance. He expresses hope that the shift in focus will lead to more accessible resources and support for organizations navigating the complex landscape of cyber threats. The conversation underscores the need for continuous adaptation and vigilance in the face of emerging technologies and evolving attack methods.

Virtual Sentiments
Kris Rose on Deliberative Democracy and Meta's Community Forums

Virtual Sentiments

Play Episode Listen Later Jan 29, 2025 72:33


Season 3 is here! On this episode of Virtual Sentiments, host Kristen Collins interviews Kris Rose on deliberative democracy and Meta's community forums. Kris discusses Meta's efforts to incorporate public input into decision-making through the Oversight Board and Community Forums. The Oversight Board, an independent body with binding authority over content moderation decisions, provides external accountability, while Community Forums proactively engage users on emerging technologies and policies. In particular, they focus on Meta's Generative AI Community Forum, held in the US, Germany, Spain, and Brazil, which aimed to gather diverse perspectives on the principles that should guide AI development and use. Kristen also raises several concerns including selection biases, lacking transparency, and the potential influence of political pressures on corporate decision-making.

**This conversation was recorded in August 2024.

Kris Rose is a Governance Director at Meta, where he works across the company to drive thought on emerging trends at the intersection of technology, society, and governance. He also leads the team's community governance work, including community forums and other pilots focused on empowering user voice in the company's decision making. Prior to this role, Kris helped launch the company's Oversight Board, served as a geopolitical analyst at the Central Intelligence Agency for a decade—to include a secondment as the President's Daily Brief (PDB) briefer to then US Vice President Mike Pence—and most recently served as a Senior Advisor at the Cybersecurity & Infrastructure Security Agency (CISA) during the Biden administration. 
Kris holds a Master's in Public Policy from Georgetown University and is a Term Member with the Council on Foreign Relations.

Read more work from Kristen Collins.

Notes:
Stanford University's Deliberative Democracy Lab's Deliberative Polling Methodology
Meta's 2023 Community Forum on Generative AI, conducted in collaboration with Stanford University's Deliberative Democracy Lab and the Behavioral Insights Team
Meta's January 7, 2025 Policy Announcement
Meta's Transparency Reports

If you like the show, please subscribe, leave a 5-star review, and tell others about the show! We're available on Apple Podcasts, Spotify, Amazon Music, and wherever you get your podcasts.
Follow the Hayek Program on Twitter: @HayekProgram
Learn more about Academic & Student Programs
Follow the Mercatus Center on Twitter: @mercatus

Insights Into Things
Insights Into Technology: Episode 16 "AI, Lies and Cyber Spies" (AUDIO)

Insights Into Things

Play Episode Listen Later Jan 24, 2025 61:38 Transcription Available


In episode 16 of Insights into Technology, host Joseph Whelan dives into the week's top tech news, uncovering the complexities and controversies surrounding cybersecurity and AI developments. In a rapidly evolving digital landscape, the episode explores the implications of political decisions, such as Kristi Noem's stance on disinformation and the administration's impact on the Cybersecurity and Infrastructure Security Agency (CISA). The discussion also delves into the world of cyber threats, as Hewlett Packard Enterprise investigates a potential data breach and Zendesk faces vulnerabilities exploited for phishing attacks. With a focus on enterprise security, the episode examines how businesses can adapt to changing cybersecurity challenges. Finally, the episode touches on groundbreaking innovations and regulatory dynamics, highlighting the tension between innovation and regulation in AI development. From AI-powered pricing scrutiny by the FTC to massive private sector investments in AI infrastructure under Trump's administration, the podcast navigates the critical intersections of technology, policy, and enterprise risk.

Insights Into Things
Insights Into Technology: Episode 16 "AI, Lies and Cyber Spies" (VIDEO)

Insights Into Things

Play Episode Listen Later Jan 24, 2025 65:18


In episode 16 of Insights into Technology, host Joseph Whelan dives into the week's top tech news, uncovering the complexities and controversies surrounding cybersecurity and AI developments. In a rapidly evolving digital landscape, the episode explores the implications of political decisions, such as Kristi Noem's stance on disinformation and the administration's impact on the Cybersecurity and Infrastructure Security Agency (CISA). The discussion also delves into the world of cyber threats, as Hewlett Packard Enterprise investigates a potential data breach and Zendesk faces vulnerabilities exploited for phishing attacks. With a focus on enterprise security, the episode examines how businesses can adapt to changing cybersecurity challenges. Finally, the episode touches on groundbreaking innovations and regulatory dynamics, highlighting the tension between innovation and regulation in AI development. From AI-powered pricing scrutiny by the FTC to massive private sector investments in AI infrastructure under Trump's administration, the podcast navigates the critical intersections of technology, policy, and enterprise risk.

RIMScast
Cyberrisk Trends in 2025 with Tod Eberle of Shadowserver

RIMScast

Play Episode Listen Later Jan 21, 2025 35:23


Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.

In this episode, Justin interviews Shadowserver Foundation Alliance Director Tod Eberle about cybersecurity. Tod tells how his background as a prosecutor led to his interest in cybersecurity, how he encountered the non-profit Shadowserver Foundation, and how he left the public sector to work with them. He explains how Shadowserver provides actionable data to alert network owners and law enforcement of network vulnerabilities that need to be mitigated. He discusses trends in malware attacks, especially in ransomware. He shares his thoughts on ransomware threats of 2025 and the years to come. He provides tips on preparing your network against ransomware.

Listen to how you can harden your organization's network against malware attacks.

Key Takeaways:
[:01] About RIMS and RIMScast.
[:14] Public registration is open for RISKWORLD 2025! RIMS wants you to Engage Today and Embrace Tomorrow in Chicago from May 4th through May 7th. Register at RIMS.org/RISKWORLD and the link in this episode's show notes.
[:33] About this episode. We will discuss cybersecurity with Tod Eberle, the Alliance Director of the Shadowserver Foundation.
[:55] RIMS-CRMP Workshops! On February 19th and 20th, there will be a two-day virtual workshop for the RIMS-CRMP led by former RIMS President Chris Mandel and presented by the RIMS Greater Bluegrass Chapter, the 2024 RIMS Chapter of the Year.
[1:18] The next RIMS-CRMP-FED exam course will be held from February 4th through the 6th, 2025. Links to these courses can be found through the Certification page of RIMS.org and this episode's show notes.
[1:34] Virtual Workshops! Chris Hansen will return on February 11th and 12th to lead the two-day course “Claims Management”. Gail Kiyomura of The Art of Risk Consulting will host the “Fundamentals of Insurance” virtual workshop on February 19th and 20th, 2025.
[1:58] On February 26th and 27th, Elise Farnham of Illumine Consulting will lead “Applying and Integrating ERM”. “Managing Data for ERM” will be hosted by Pat Saporito. That course starts on March 12th, 2025.
[2:20] A link to the full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's show notes.
[2:31] The RIMS Legislative Summit 2025 is back! It will be held on March 19th and 20th in Washington, D.C. Join RIMS for two days of Congressional meetings, networking, and advocating on behalf of the risk management community.
[2:49] This event is open to RIMS members only, so if you're not a member, join now! Visit RIMS.org/advocacy for registration details.
[3:02] Interview! Our guest Tod Eberle is the Alliance Director of the Shadowserver Foundation, a non-profit security organization working altruistically behind the scenes to make the internet more secure for everyone.
[3:15] Tod Eberle is with us to discuss the cybersecurity trends on his risk radar and the threats he wants risk professionals to be aware of as 2025 kicks into high gear. Shadowserver Alliance Director Tod Eberle, welcome to RIMScast!
[3:41] Justin saw that the Shadowserver Foundation was promoted by the National Cybersecurity Alliance and thought it would be great to have a follow-up on Tod's appearance there.
[3:54] Tod says the National Cybersecurity Alliance is a great organization. After working together with them for a year, they invited Tod to do a webinar. It was a great experience.
[4:28] Tod's background is as a career prosecutor, starting as a county prosecutor in Western Pennsylvania in 1997. In 2004, Tod became a Federal Prosecutor in Pittsburgh for the U.S. Department of Justice.
[5:00] In 2014, he transitioned over to the National Security and Cybercrime section in Pittsburgh. Pittsburgh was at the forefront of cyber investigations by both the U.S. Attorney's Office and the FBI. Tod wanted to be a part of that.
[5:34] The Pittsburgh office has run investigations and issued indictments against Chinese Military Intelligence officers and Russian GRU officers for hacking. In 2014, Pittsburgh had the first criminal indictment of nation-state threat actors.
[6:00] In that case, Chinese Military Intelligence PLA officers hacked into Pittsburgh companies Westinghouse, ALCOA, U.S. Steel, and United Steel Workers. Some forward-thinking folks at the FBI and the U.S. Attorney's Office, particularly U.S. Attorney David Hickton, focused on cyber.
[6:29] That has continued over the years until the present.
[6:46] To begin an investigation, the FBI and U.S. Attorney's Office in Pittsburgh need to have some aspect of an organization's criminal activity touch that district, the Western District of Pennsylvania. A national ransomware case with one victim in Pittsburgh can be investigated.
[7:16] In the investigation of Russian GRU actors responsible for the destructive NotPetya malware attack, a district hospital's network was attacked and destroyed. They expanded the investigation and charging documents to include other attacks around the country.
[7:58] In 2015, Tod was a prosecutor working with the FBI on an investigation. He was at Europol at the Hague in the Netherlands, a center that brings together investigators and prosecutors from different countries who investigate the same threat group through Europol and Eurojust.
[8:33] Tod met the Shadowserver Foundation non-profit group at the Hague in 2015. They were helping, through free technical support to the takedown operation, to dismantle the infrastructure of a crime group, using sinkholing and other security measures.
[9:08] Tod joined the Shadowserver Foundation in January of 2023. He is the Shadowserver Alliance Director. As a small non-profit, everyone wears many hats. The Shadowserver Foundation is a 501(c)(3) in the U.S. and a separate non-profit legal entity in the Netherlands.
[9:47] The Shadowserver Foundation started around 2004. It celebrated its 20th anniversary in 2024. It began as a loose group of volunteers made up of cybersecurity researchers and technical experts who came together to help network owners and law enforcement.
[10:15] Over the years they became more structured and became a non-profit organization. It's an unusual non-profit organization working 100% in operations. It works in three core areas. First, it's the world's largest provider of free, actionable cyber threat intelligence.
[10:45] Second, the Shadowserver Foundation does cybersecurity capacity-building around the world. Third, it also provides free support to law enforcement investigations and disruption operations with technical support and expertise. Those three things are its core mission.
[11:07] Justin notes commonalities between RIMS cyber risk reporting and the Shadowserver Foundation's work. Shadowserver collects a vast amount of threat data daily. What are the patterns it sees for 2025?
[11:29] The Shadowserver Foundation can help organizations mitigate risks. It collects cyber threat data at its data center in California through internet-wide scanning, honeypot sensors, sinkholing operations, and collecting and analyzing malware samples.
[11:57] Every day, for free, the Shadowserver Foundation takes that data and provides it to over 9,000 organizations around the world and to 201 National C-CERTs that cover about 176 countries.
[12:13] These reports identify exposed, misconfigured, vulnerable, or compromised instances or devices on networks that need patching.
[12:25] The organizations that get Shadowserver's data can be anything from banks to hospitals, universities, K-12 school districts, ISPs, local, state, and federal governments, small, medium, and large businesses, Fortune 500s, and NGOs; just about anyone can sign up.
[12:46] The idea behind this is that cybersecurity should be available to everyone, regardless of the ability to pay. Organizations can sign up at the Shadowserver Foundation website and provide their contact information and network information with IP ranges and ASNs.
[13:12] The Shadowserver Foundation does its due diligence and, if everything checks out, it automates those reports to go out to the organization daily. About 9,000 organizations sign up directly to receive daily reports.
[13:22] The Shadowserver Foundation also sends out data for entire countries to the national C-CERT designated to handle that in those countries. In the U.S., CISA gets hundreds of millions of events from them every day for all of the U.S. It is the same around the world.
[13:52] Tod says that some things never change. Networks are breached primarily through phishing attacks, malicious links or attachments, and social engineering.
[14:09] One trend is a focus on vulnerabilities. Criminals exploit vulnerabilities in the network that aren't patched in time. Shadowserver gives organizations an external snapshot view of their networks, the same view criminals get when they scan for themselves.
[14:52] Cybercriminal groups increasingly leverage zero-day vulnerabilities to breach a network. A zero-day vulnerability is a flaw in software or hardware that's unknown to the vendor and has no patch. The vendor has had zero days to fix the vulnerability after it has been discovered.
[15:16] That was the case with the Clop ransomware gang. In 2024, they started exploiting zero-day vulnerabilities in Fortra's GoAnywhere software. That continued in May, with them exploiting Progress Software's MOVEit file transfer application.
[15:38] Very recently, in December, the Clop ransomware group claimed responsibility for using a zero-day vulnerability in Cleo's file transfer platform to breach victims' networks.
[15:49] Cyber criminals extort victims and steal data with ransomware attacks. Risk managers in cybersecurity need to stay on top of critical vulnerabilities that often go unpatched. Those are often the easiest gateway into a network.
[16:26] Plug Time! RIMS Webinars! Resolver will be joining us on February 6th to discuss “4 Themes Shaping the Future of GRC in 2025”.
[16:38] HUB International continues its Ready for Tomorrow Series with RIMS. On February 20th, they will host “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025”.
[16:54] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members.
[17:06] Nominations are also open for the Donald M. Stuart Award, which recognizes excellence in risk management in Canada. Links are in this episode's show notes.
[17:17] The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved in part by its collaboration with risk management and insurance educators across the U.S. and Canada.
[17:35] Since 2010, Spencer has awarded over $3.3 million in general grants to support over 130 student-centered experiential learning initiatives at universities and RMI non-profits. Spencer's 2026 application process will open on May 1st, 2025, and close on July 30th, 2025.
[17:58] General grant awardees are typically notified at the end of October. Learn more about Spencer's general grants through the Programs tab at SpencerEd.org.
[18:08] Let's Return to the Conclusion of My Interview with Tod Eberle of Shadowserver!
[18:49] Justin notes that in December of 2024, Chinese attackers breached the Committee on Foreign Investment in the U.S. That is the government office that assesses foreign investments for national security risks.
[18:58] China also targeted the Treasury's Sanctions Office after it sanctioned a Chinese company for its alleged role in cyberattacks.
[19:14] Tod thinks we should acknowledge that this is nothing new and nothing we should be surprised about. It's been going on for many years and it's going to continue. Justin was in the Federal government in 2013 and 2014.
[19:32] In 2015, it was announced that the U.S. Office of Personnel Management had been breached. Personal sensitive data for 42 million people were stolen.
[19:44] In May 2014, five Chinese military officers were indicted for computer hacking and economic espionage against companies based in Pittsburgh. This is nothing out of the ordinary. Unfortunately, indictments don't seem to have a deterrent effect.
[20:21] Countries can deny the charges of hacking even with strong evidence of their involvement.
[20:37] There are different types of hacking, with different types of motivation. There is traditional espionage against U.S. government agencies. There is theft of intellectual property, with nation-states trying to gain a commercial advantage in business.
[21:23] There are destructive hacks by nation-state actors, like the NotPetya attack, or attacks on the Ukrainian power grid and banking systems in 2015 and 2016.
[21:36] The Volt Typhoon threat actor group and its access to U.S. critical infrastructure is one of the greatest national security concerns because of its potential to disrupt everything from water to power, to food, to transportation.
[22:10] The ripple effect that can come from those disruptions would be enormous. The Colonial Pipeline ransomware attack of a few years ago affected fuel supplies, commerce, and the prices of goods.
[22:31] Nation-state hacking is no longer just a concern for government agencies and companies that do business internationally; it's now a concern for all of society. There's the potential to affect the daily lives of innocent civilians through attacks on critical infrastructure.
[23:16] Tod mentions another 2014 indictment out of Pittsburgh, on the GameOver Zeus botnet takedown. Part of that was a CryptoLocker ransomware disruption. This was in the infancy of ransomware, for $300 ransoms. Now ransom demands are in the tens of millions of dollars.
[23:53] We have seen a huge evolution in ransomware. It's not going away. One thing we're seeing is bypassing data encryption and focusing on data theft. It's easier and less time-consuming for the threat actors because they don't have to map out the network.
[24:41] If a victim company had good backups and easy restoration, that was an issue ransomware actors had to deal with, so why would the threat actors bother with that? They just focus on easy data theft and extortion of ransom for the data.
[25:04] Tod thinks we will continue to see extortion. Ransomware continues to be the greatest concern for companies. The use of AI has been increasing both for defenders and attackers.
[25:14] A new ransomware group, FunkSec, is claiming large numbers of victims of extortion, encryption, and data theft. They seem to have ransom demands of less than $10,000. They have sold stolen data. Researchers think this is a less experienced group using AI to write code.
[27:22] Shadowserver's very talented team collects the data. It's free. They want to get it into the hands of those who can use it. The reports identify things that are seen to be misconfigured or unnecessarily exposed to the internet. Sometimes they can show if something is compromised.
[28:12] Shadowserver designates the events by severity level so the end user can prioritize their patching and address first the ones that are most critical and severe. The reports act both as an early warning system and as a victim notification system if a device is seen to be compromised.
[28:59] The network owner needs to remediate that and patch it before further exploitation, like a ransomware attack, can occur.
[29:07] Shadowserver has two ways to detect that a device is compromised. The first is if they have indicators that tell them a device on the network is compromised. The second is through their support for law enforcement: law enforcement may share sensitive data with Shadowserver.
[29:32] When law enforcement does a takedown and gets victim identification data like IP addresses, they must do victim notification. Law enforcement isn't scaled to do victim notification for hundreds of thousands of users. Shadowserver helps them with notifications.
[30:48] Shadowserver is very careful to share data responsibly. Company A will get the data they have for Company A, and it won't be shared with Company B, and vice versa. Shadowserver views the data as belonging to that network owner.
[31:08] If a company authorizes Shadowserver and wants them to share their data with a third party, Shadowserver will happily do it. Several companies use MSSPs to manage their security. If the company asks, Shadowserver will send the data to their MSSP.
[31:43] As a small, non-profit organization, the Shadowserver Foundation is not known to everyone. They want people to know they have this data and they want to share it. It could be relevant for cyber insurance companies' due diligence, with the insurance applicant's consent.
[32:20] It's important because those reports can show whether a network has remained healthy and secure over time. Tod would love to see Shadowserver be able to help more in the risk mitigation areas.
[32:56] Special thanks again to Shadowserver Foundation's Tod Eberle for joining us here on RIMScast! Check out this episode's show notes for links to the Shadowserver reports we mentioned.
[33:07] Be sure to tune in next week for Data Privacy Day! We've got a special episode with James Burd, Chief Privacy Officer of the Cybersecurity and Infrastructure Security Agency (CISA). That's going to be a good one!
[33:22] More RIMS Plugs! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes.
[33:50] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information.
[34:07] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information.
[34:25] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more.
[34:41] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management.
[34:55] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org.
[35:03] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!

Mentioned in this Episode:
RIMS Risk Management magazine
RISKWORLD 2025 — May 4‒7 | Register today!
RIMS Legislative Summit — March 19‒20, 2025
Nominations for the Donald M. Stuart Award
Spencer Educational Foundation — General Grants 2026 — Application Dates
RIMS-Certified Risk Management Professional (RIMS-CRMP)
RISK PAC | RIMS Advocacy
Shadowserver Foundation
National Cybersecurity Alliance
RIMS Webinars: RIMS.org/Webinars
“4 Themes Shaping the Future of GRC in 2025” | Sponsored by Resolver | Feb. 6, 2025
“Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025” | Sponsored by Hub International | Feb. 20, 2025

Upcoming Virtual Workshops:
“Claims Management” | February 11‒12, 2025 | Instructor: Chris Hansen
“Fundamentals of Insurance” | Feb. 19‒20, 2025
“Applying and Integrating ERM” | Feb. 26‒27
“Managing Data for ERM” | March 12, 2025
See the full calendar of RIMS Virtual Workshops
RIMS-CRMP Prep Workshops

Upcoming RIMS-CRMP Prep Virtual Workshops:
“Stay Competitive with the RIMS-CRMP | Presented by the RIMS Greater Bluegrass Chapter” February 19‒20, 2025 | Instructor: Chris Mandel
Full RIMS-CRMP Prep Course Schedule

Related RIMScast Episodes:
“Kicking off 2025 with RIMS CEO Gary LaBranche”
“Year In Risk 2024 with Morgan O'Rourke and Hilary Tuttle”
“AI and Regulatory Risk Trends with Caroline Shleifer”
“Cybersecurity Awareness and Risk Frameworks with Daniel Eliot of NIST” (2024)

Sponsored RIMScast Episodes:
“Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor
“Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL
“How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog
“Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant
“RMIS Innovation with Archer” | Sponsored by Archer
“Navigating Commercial Property Risks with Captives” | Sponsored by Zurich
“Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL
“Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL
“Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company
“Partnering Against Cyberrisk” | Sponsored by AXA XL
“Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh
“Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos
“Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL
“Elevating RMIS — The Archer Way” | Sponsored by Archer
“Alliant's P&C Outlook For 2024” | Sponsored by Alliant
“Why Subrogation is the New Arbitration” | Sponsored by Fleet Response
“Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd.
“Subrogation and the Competitive Advantage” | Sponsored by Fleet Response

RIMS Publications, Content, and Links:
RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community!
RIMS Virtual Workshops
On-Demand Webinars
RIMS-Certified Risk Management Professional (RIMS-CRMP)
RISK PAC | RIMS Advocacy
RIMS Strategic & Enterprise Risk Center
RIMS-CRMP Stories — Featuring RIMS Vice President Manny Padilla!

RIMS Events, Education, and Services:
RIMS Risk Maturity Model®

Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.

Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.

Have a question or suggestion? Email: Content@rims.org.

Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.

About our guest: Tod Eberle, Shadowserver Foundation

Production and engineering provided by Podfly.

Aperture: A Claroty Podcast
CISA's Matthew Rogers on Secure by Demand for OT

Aperture: A Claroty Podcast

Play Episode Listen Later Jan 19, 2025 39:23


Matthew Rogers, ICS Cybersecurity Strategy & R&D Lead at the Cybersecurity & Infrastructure Security Agency (CISA), joins the Nexus Podcast to discuss the agency's latest publication: “Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products.” This guide features 12 cybersecurity recommendations that OT owners and operators should be looking for during procurement cycles with automation and control system vendors. Read Claroty's blog on the guide. Listen to every episode of the Nexus Podcast here.

@BEERISAC: CPS/ICS Security Podcast Playlist
CISA's Matthew Rogers on Secure by Demand for OT

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Jan 19, 2025 39:23


Podcast: Nexus: A Claroty Podcast. Episode: CISA's Matthew Rogers on Secure by Demand for OT. Pub date: 2025-01-19.
Matthew Rogers, ICS Cybersecurity Strategy & R&D Lead at the Cybersecurity & Infrastructure Security Agency (CISA), joins the Nexus Podcast to discuss the agency's latest publication: “Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products.” This guide features 12 cybersecurity recommendations that OT owners and operators should be looking for during procurement cycles with automation and control system vendors. Read Claroty's blog on the guide. Listen to every episode of the Nexus Podcast here.

Business of Tech
FBI Strikes Back: The Takedown of PlugX Malware and LockBit's Struggles

Business of Tech

Play Episode Listen Later Jan 15, 2025 12:29


The FBI successfully hacked approximately 4,200 computers across the U.S. to eliminate the PlugX malware, which has been a tool for state-sponsored hackers in China since 2012. This operation, conducted in collaboration with French law enforcement, marks a proactive approach to combating cyber threats and underscores the importance of government intervention in mitigating advanced persistent threats.

Sobel also discusses the ongoing struggles of the LockBit cybercriminal organization following a major takedown last year. The U.S. Justice Department's efforts to dismantle LockBit's infrastructure have left the group reeling, with a significant reduction in their operational capacity. This case serves as a powerful example of how coordinated law enforcement actions can disrupt ransomware-as-a-service operations, providing IT providers with a narrative to educate clients on effective ransomware defense strategies.

The episode further explores the dual pressures faced by Chief Information Security Officers (CISOs) regarding the adoption of generative artificial intelligence (AI). While a majority of C-suite executives recognize the potential benefits of generative AI, they also express deep concerns about the associated security risks. The Cybersecurity and Infrastructure Security Agency (CISA) has introduced a new initiative aimed at addressing these vulnerabilities, emphasizing the need for effective risk management strategies as companies increasingly integrate AI technologies into their operations.

Finally, Sobel highlights the recent developments from Gradient MSP and Cytracom, both of which are addressing critical pain points for managed service providers (MSPs). Gradient MSP has launched a Managed Billing Reconciliation Service to streamline billing processes, while Cytracom's acquisition of Televi aims to enhance its cybersecurity offerings. These initiatives reflect the evolving landscape of MSP services, where operational efficiency and robust security measures are paramount for success in a competitive market.

Three things to know today
00:00 Good News Alert: FBI Crushes PlugX Malware, LockBit Stumbles, and Cybersecurity Gains Momentum
06:15 Billing, Breaches, and Bots: How MSPs and AI Security Are Tackling 2025's Biggest Challenges
08:58 From Billing to Cybersecurity: Gradient MSP and Cytracom Address Critical MSP Pain Points

Supported by: https://getnerdio.com/nerdio-manager-for-msp/
All our Sponsors: https://businessof.tech/sponsors/

Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/
Looking for a link from the stories? The entire script of the show, with links to articles, is posted in each story on https://www.businessof.tech/
Support the show on Patreon: https://patreon.com/mspradio/
Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech
Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com

Follow us on:
LinkedIn: https://www.linkedin.com/company/28908079/
YouTube: https://youtube.com/mspradio/
Facebook: https://www.facebook.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/
TikTok: https://www.tiktok.com/@businessoftech
Bluesky: https://bsky.app/profile/businessof.tech

Flux Capacitor
Episode 106: Talking about the weather with Chief Meteorologist Sunny Wescott

Flux Capacitor

Play Episode Listen Later Jan 13, 2025 41:40


Chief Meteorologist with the Cybersecurity and Infrastructure Security Agency (CISA), a federal agency of the U.S. Department of Homeland Security (DHS), Sunny Wescott, in conversation with Francis Bradley about extreme weather, the impacts on infrastructure, the cyclical worsening of events, and the challenge of stabilizing the climate. They also discuss what customers should be thinking about in emergencies and opportunities for creative solutions to greater resilience. They close the conversation with a recommendation for a book to add to the Flux Capacitor Book Club.

Links:
Cybersecurity and Infrastructure Security Agency (CISA)
Sunny Wescott on LinkedIn

Book recommendations:
· The Secret World of Weather: How to Read Signs in Every Cloud, Breeze, Hill, Street, Plant, Animal, and Dewdrop, by Tristan Gooley

Cybercrime Magazine Podcast
Security Nudge. Use Encrypted Messaging & Calling Apps. Sponsored By CybSafe.

Cybercrime Magazine Podcast

Play Episode Listen Later Jan 2, 2025 1:30


Chinese hacker group Salt Typhoon's breach of telecommunications networks has given it unprecedented access to networks across the US and around the world – but there is something you can do about it. If your work involves confidential and sensitive information – or if records of who you are communicating with could be valuable information for outsiders – the Verge reports that the FBI and Cybersecurity and Infrastructure Security Agency (CISA) are recommending that you use encrypted messaging and calling apps where possible. That means using services like Signal and WhatsApp to make sensitive calls instead of regular phone services. These services bypass cell phone networks and use the Internet instead, encrypting all data sent between your phone and that of the person you're calling – meaning that even if the hackers wanted to listen to your call, they wouldn't be able to. If you're not sure how to use them, whether your company policies prevent their use, or whether your company prefers that you use a different system, check with your IT department. The 60-second "Security Nudge" is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com

RIMScast
Year In Risk 2024 with Morgan O'Rourke and Hilary Tuttle

RIMScast

Play Episode Listen Later Dec 24, 2024 48:47


Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management Magazine for the Q4 Edition Risk Year in Review. They discuss the biggest risk events we've seen in 2024, including natural disasters following climate change and even the recent murder of the UHC CEO. They give their forecasts for 2025, with cybersecurity being an expanding area of risk, combined with AI, and regulatory changes likely under the new administration.   Listen for categories of risk your organization is sure to face in the coming year. Key Takeaways: [:01] About RIMS. [:14] Public registration is open for RISKWORLD 2025! RIMS wants you to engage today and embrace tomorrow in Chicago from May 4th through May 7th! Register at RIMS.org/RISKWORLD and the link in this episode's notes. [:30] About this episode, coming to you from RIMS headquarters in New York. This episode is our special 2024 finale! Hilary Tuttle and Morgan O'Rourke of RIMS Risk Management Magazine will join us to discuss the top trends and stories from 2024 and what to expect in 2025. [:58] RIMS-CRMP Virtual Workshops On February 19th and 20th, there is a two-day virtual workshop for the RIMS-CRMP led by former RIMS President Chris Mandel and presented by the RIMS Greater Bluegrass Chapter, the 2024 RIMS Chapter of the Year. [1:20] The next RIMS-CRMP-FED Exam Course will be held from February 4th through the 6th, 2025. Links to these courses can be found on the Certification page of RIMS.org and through this episode's show notes. [1:36] RIMS Virtual Workshops! Gail Kiyomura of The ART of Risk Consulting will host the “Fundamentals of Insurance” virtual workshop on February 19th and 20th, 2025. [1:50] We've got ERM on our minds. On February 26th and 27th, Elise Farnham of Illumine Consulting will lead “Applying and Integrating ERM”. 
The “Managing Data for ERM” course will be hosted by Pat Saporito, starting on March 12th, 2025. [2:12] A link to the full schedule of virtual workshops can be found through the RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [2:25] Interview! The Q4 edition of RIMS Risk Management Magazine is my favorite of the year! It is The Year in Risk edition. We'll have a chance to revisit all the risk highlights from 2024. [2:42] Here to discuss what made the cut and trends we need to look out for in 2025 are RIMS Director of Publications and Risk Management Magazine Editor in Chief, Morgan O'Rourke and Risk Management Magazine Managing Editor, Hilary Tuttle. [3:01] There is so much to discuss from cyber security to executive safety. As a show of appreciation to the RIMScast audience and subscribers worldwide, we've got so much great content in one huge episode, as opposed to spreading it out over two episodes. [3:18] You don't have to wait, it's all here for you at once! Let's get to it! [3:30] Morgan O'Rourke and Hilary Tuttle, Welcome back to RIMScast! [3:39] Morgan and Hilary are here to discuss The Year in Risk, which is the title of the Q4 edition of RIMS Risk Management Magazine. How does 2024 stand out from other years? [4:04] Morgan starts looking back at the year's events in October. He recalls the bridge collapse in Baltimore in March. There are always going to be hurricanes and natural disasters. There are always going to be cyber attacks. It's just a matter of what flavor they are this year. [5:15] Morgan categorizes big risk events. There are accidents, like the bridge in Baltimore that affect shipping, and natural disasters, including storms, earthquakes, and record heat. 2024 is the hottest year on record, with the hottest day in recorded history, July 22. [6:38] The AXA Future Risks Report lists climate change as the number one risk. 
Climate change brings natural disasters to places that don't normally see them, like wildfires in the Northeast. [7:55] Hilary says there were a few hundred fires in New York City this year. The NYFD had to put together its first brush fire task force. In the first two weeks of November, they had 271 fires. Canada has had a terrible year for fires, continuing from its 2023 fire season. [9:25] Climate change puts everybody at risk. The risk landscape expands so that everybody's in the game. Paraphrasing Flannery O'Connor, Hilary says 2024 was a disaster in truth everywhere. Disasters are not new but they are occurring in different places and times than before. [10:22] There were 11,000 fires in the Northeast this year, largely in October and November. It's a different season and in a different region. The traditional risk models are thrown out the window. [10:49] Morgan comments that this year we saw the earliest category 5 hurricane formed: Beryl in June. We're starting to throw out more of the parameters for when you need to be prepared for something. [11:21] We are seeing more geopolitical conflict, supply chain issues, and risks that didn't seem impactful in regions that seemed stable and reliable. Thirty percent of shipping goes through the Red Sea. Shipping is 90% of the supply chain. [11:55] Hilary says in the last year and a half, shipping through the Red Sea has become an untenable and sometimes uninsurable risk. Our standard expectations for doing business are going out the window or being upended. This has become more of a problem this year. [12:42] There are risks we itemize as the things that are causing problems. Then there are bigger-picture risks you don't necessarily identify when you're thinking about your problems. [13:01] You're thinking about supply chain disruption and natural catastrophes and business interruption, but not about the climate change that may cause them. 
[13:42] Morgan says people have to focus on the problem that's in front of them. You have to deal with the acute issues before you can deal with the systematic ones. It's hard to solve systematic problems. [14:28] Morgan sees polycrisis as interconnected risks. Hilary sees the word as an easy way to allude to something that has been happening for a long time. She can't think of a time in which you truly faced only one risk without having to think of multiple interconnected risks. [17:35] Morgan edited the new RIMS Executive Report, “Understanding Interconnected Risks” authored by RIMS Strategic and Enterprise Risk Management Council members Michael Zuraw and Tom Easthope. [17:48] The paper is available only for members until February 12th, 2025. Then it will be publicly accessible. [18:16] Morgan says the key for the paper is in its practicality about how you should go about prioritizing risks and understanding where they connect within your operations to communicate with departments and executives and implement risk mitigation. It's actionable. [19:30] Morgan considers that the value of RIMS membership and Risk Management Magazine is in learning what to do about risks. [20:02] Hilary objects to the term polycrisis. It over-intellectualizes a problem to the detriment of focusing on how to solve it or what to do about it. [20:58] Plug Time! RIMS Webinars! Hub International continues its Ready for Tomorrow Series with RIMS. On February 20th, they will host “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025”. [21:23] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [21:34] RIMS is now accepting nominations for all awards other than Risk Manager of the Year 2025. The submission deadline is Monday, January 6th, 2025. To receive a RIMS award, all winners must be active members and in good standing.
[21:54] These awards are the Diversity, Equity, and Inclusion Chapter Leadership Award, the Harry and Dorothy Goodell Award, the Volunteer of the Year “Heart of RIMS” Award, the Richard W. Bland Memorial Award, the Chapter of the Year Award, the Rising Risk Professional Award, the Risk Management Hall of Fame, and the Cristy Award. [22:32] You can find more information about the awards through the About Us page of RIMS.org or the link in this interview's show notes. [22:40] Nominations are also open for the Donald M. Stuart Award which recognizes excellence in risk management in Canada. Links are in this episode's show notes. [22:51] Back to our Year in Risk Interview with Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management Magazine!  [23:16] Justin brings up the recent shooting and killing of the UHC CEO. Morgan was at the same hotel but didn't hear about it until he had walked to the office. [23:46] If RIMS Risk Management Magazine had been a print publication, this event would not have been included. Being a digital publication, Risk Management Magazine was able to cover it. [23:59] Hilary starts with executive safety and employee safety. She speaks of reputation risk and monitoring social media discussion. For most who commented on social media, this murder was no surprise. UHC had a tremendous failure of reputation risk and public listening. [25:28] Hilary was saddened but not surprised by the incident. She calls privatized health insurance in the United States a horror show. You can't let cashing those executive incentive checks blind you to public response. [26:27] Morgan says it's amazing to see that public sentiment was decidedly unsympathetic, but it's not unexpected. Hilary mentions the rates of medical debt in the U.S. Hilary saw an outpouring of approval of the murder, which is an awful response to have. 
[27:15] If you're in a position where that is the public sentiment around your organization, you need to fire your PR firm and think very seriously, not only about how you're conducting business but about how you're communicating with the public. That is a huge reputation failure. [27:47] Some health insurance companies have trimmed down or removed their executive team pages to make them less identifiable in public. It's a safety issue. You want to be very careful about how much you post about individual people. [28:43] From a cyber security perspective, nothing you put on the internet is private or innocuous. If you are an insurance executive who likes to go hiking at Mount Whatever, maybe that's not information you want to put on the internet.  [29:31] Hilary sees this situation as reminiscent of Big Tobacco as an industry. She believes there is an awareness that there is a certain amount of evil being done among executives in this industry. She says perhaps there is a social reckoning to be had in that. [30:06] Plug for The Spencer Educational Foundation! Spencer's goal to help build a talent pipeline of risk management and insurance professionals is achieved in part by its collaboration with risk management and insurance educators across the U.S. and Canada. [30:24] Since 2010, Spencer has awarded over $3.3 million in general grants to support over 130 student-centered experiential learning initiatives at universities and RMI non-profits. Spencer's 2026 application process will open on May 1st, 2025, and close on July 30th, 2025. [30:48] General grant awardees are typically notified at the end of October. Learn more about Spencer's general grants through the programs tab of SpencerEd.org. [30:59] Let's Return to the Conclusion of my Interview with RIMS Risk Management Magazine's Morgan O'Rourke and Hilary Tuttle!  [31:11] Justin asks about AI and cyber security in 2025. 
The Cybersecurity and Infrastructure Security Agency (CISA) has noted that there will be an increase in breaches and the creativity of attacks. [31:38] They have a revised National Cyber Incident Response Plan that is available for public comment. Hilary agrees that there will be more AI embedded in cyber attacks in 2025. It is already being used to power attacks and in the detection of attacks. [32:01] AI is also being used effectively in different forms of exploiting humans with ChatGPT and better phishing emails. It is being used to write better malware that is harder to detect. [32:25] Moody's Outlook expects a significant intensification of cyber risk in 2025, from the number of cyber incidents that are occurring and the sophistication and impact of cyber risk. Companies are getting better at detecting cyber attacks and doing basic cyber security. [33:19] Cyber criminals are getting better, too. The attacks will be harder to detect or more severe in scope. Hilary calls social engineering an interesting art. Like journalism, you have to find the approach that successfully gets the information you are looking for out of humans. [34:38] Morgan describes an old social engineering attack with a recording of a baby crying in the background, and a “harried mom” trying to get into an account without her password, trying to craft a persuasive argument. Gen AI might do all this in one step and be relatively successful. [36:01] Hilary mentions that at the DEF CON hacker's conference, there is a social engineering village. Their “Capture the Flag” is a contest to do just what Morgan described. There are bulleted lists of the types of information you are trying to get in an allotted time. [37:02] Morgan says it's not like the fast-typing hackers seen in the movies. You get the information through conversation. [38:05] Hilary says one of the downsides of automation is the tremendous proliferation in the number of attacks that are being launched.
Ransomware attacks grew 70% last year and are on track to double their 2022 levels by the end of 2024. [38:29] Moody's and QB Canada both came out with reports anticipating 5,200 ransomware attacks around the world in 2025, from 2,500 in 2022. It's easier to launch attacks at scale against multiple organizations at once. The attacks are more sophisticated and damaging. [39:01] The ransomware attacks are asking for significantly more money. Fewer companies are paying ransoms because they have backups and plans in place. Average ransomware payments are going up. Last year, ransomware payments passed $1.1 billion for the first time. [39:26] The companies that pay ransom are feeling more compelled and are in a tougher spot so they are paying larger ransoms. [39:48] Morgan points out that paying the ransom doesn't solve the problem. Change Healthcare had the largest healthcare data breach in U.S. history. They paid $22 million in ransom but didn't get the data back. Some attackers will keep extorting you or just take your money and run. [40:36] The FBI has said don't pay ransomware. You can't trust criminals. [40:43] Hilary mentions three ransomware threats: holding a network captive, holding data captive, and holding sensitive information captive. This is triple extortion. If you are the victim of a ransomware attack, go in with the expectation that that is the situation. [41:55] Hilary forecasts that 2025 will be a colorful year. There is a tremendous amount of uncertainty in pretty much everything. It will be an interesting year, politically. It will be a very interesting four years, from a regulatory perspective. [42:22] In terms of severe weather, disasters, and cyber, it feels like there will be more, and more, and more events. [42:51] Morgan thinks the biggest thing is the change in administration and the priorities. ESG has been downscaled. 
A lot of companies are moving off of DEI initiatives, based on the shift in administration and the feeling that DEI will not be as popular. [43:16] The regulations concerning a lot of ESG may no longer be in play. The federal guidelines are not going to be what they were in any aspect. [43:39] President Biden in 2023 issued an Executive Order with guidelines and restrictions on AI. Donald Trump has said he'll probably rescind that. Donald Trump seems to be aligned with a lot of the tech companies for less regulation of AI. Fingers crossed it doesn't make things worse! [44:33] Hilary knows several organizations are particularly concerned about some of the potential risk impacts of taking away many of the consumer protections and other regulations that do a tremendous amount to curb risk. That could increase the risk landscape for many. [44:55] CISA has cautioned that this could have a disastrous impact on cyber security. A lot of regulations that keep organizations safer are potentially on the chopping block under the new administration. Hilary thinks that's probably true in some other industries. It will get risky. [45:30] It has been a pleasure to see you both! I appreciate your time. The RIMS Risk Management Magazine Year in Review is now available at RMMagazine.com. Quick Plug! We're looking for submissions from the risk profession. See the contribution guidelines. [46:01] Reach out to Hilary and Morgan. Especially if you're a risk professional, we want to hear your ideas. Morgan says we're only as strong as our contributors in the risk management community. Give us what you've got! [46:21] Special thanks again, as always, to Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management Magazine for joining us here on RIMScast! The Risk Management Year in Review Edition is now live at RMMagazine.com. A link is in this episode's show notes. [46:41] We look forward to checking back with Morgan and Hilary for the mid-year update in 2025. [46:48] More RIMS Plugs! 
You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [47:35] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [47:52] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [48:09] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [48:23] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [48:30] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!

Mentioned in this Episode:
RIMS Risk Management Magazine
RIMS DEI Council
Nominations open for RIMS 2025 Awards! (Through Jan. 6, 2025)
Nominations for the Donald M. Stuart Award
Spencer Educational Foundation — General Grants 2026 — Application Dates
Contribute to RIMS Risk Management Magazine / Submission Guidelines
“RIMS Executive Report: Understanding Interconnected Risks”
RIMS-Certified Risk Management Professional (RIMS-CRMP)
RIMS Webinars: RIMS.org/Webinars
“Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025” | Sponsored by Hub International | Feb. 20, 2025

Upcoming Virtual Workshops:
“Stay Competitive with the RIMS-CRMP” | Presented by the RIMS Greater Bluegrass Chapter February 19‒20, 2025 | Instructor: Chris Mandel
“Applying and Integrating ERM” | Feb. 26‒27
“Managing Data for ERM” | March 12, 2025
“Fundamentals of Insurance” | Feb. 19‒20, 2025
See the full calendar of RIMS Virtual Workshops
RIMS-CRMP Prep Workshops

Related RIMScast Episodes:
“Big Shifts with John Hagel, RIMS ERM Conference Keynote”
“2024 Mid-Year Risk Update with Morgan O'Rourke and Hilary Tuttle”
“2023 Risk Year In Review with Morgan O'Rourke and Hilary Tuttle”
“Live from the ERM Conference 2024 in Boston!”
“Maintaining an Award-Winning ERM Program with Michael Zuraw”
“Applying ERM Theory with Elise Farnham”
“On Risk Appetite and Tolerance”

Sponsored RIMScast Episodes:
“Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor (New!)
“Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL
“How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog
“Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant
“RMIS Innovation with Archer” | Sponsored by Archer
“Navigating Commercial Property Risks with Captives” | Sponsored by Zurich
“Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL
“Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL
“Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company
“Partnering Against Cyberrisk” | Sponsored by AXA XL
“Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh
“Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos
“Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL
“Elevating RMIS — The Archer Way” | Sponsored by Archer
“Alliant's P&C Outlook For 2024” | Sponsored by Alliant
“Why Subrogation is the New Arbitration” | Sponsored by Fleet Response
“Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd.
“Subrogation and the Competitive Advantage” | Sponsored by Fleet Response

RIMS Publications, Content, and Links:
RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community!
RIMS Virtual Workshops
On-Demand Webinars
RIMS-Certified Risk Management Professional (RIMS-CRMP)
RISK PAC | RIMS Advocacy
RIMS Strategic & Enterprise Risk Center
RIMS-CRMP Stories — Featuring RIMS Vice President Manny Padilla

RIMS Events, Education, and Services:
RIMS Risk Maturity Model®

Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.

Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.

Have a question or suggestion? Email: Content@rims.org.

Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.

About our guests:
Morgan O'Rourke, RIMS Director of Publications and Risk Management Magazine Editor in Chief
Hilary Tuttle, Managing Editor, Risk Management Magazine

Social Shareables (Edited For Social Media Use):
There were 11,000 fires in the Northeast this year, largely in October and November. It's a different season and in a different region. The traditional risk models are thrown out the window. — Hilary Tuttle
There are always going to be hurricanes and natural disasters. There are always going to be cyber attacks. It's just a matter of what flavor they are this year. — Morgan O'Rourke
In the last year and a half, shipping through the Red Sea has become an untenable and sometimes uninsurable risk. Our standard expectations for doing business are going out the window or being upended. — Hilary Tuttle
People have to focus on the problem that's in front of them. You have to deal with the acute issues before you can deal with the systematic ones. — Morgan O'Rourke
For most who commented on social media, the murder of the UHC CEO was no surprise. UHC had a tremendous failure of reputation risk and public listening. — Hilary Tuttle
Phishing is not like the fast-typing hackers seen in the movies. They get the information through conversation. — Morgan O'Rourke
Nothing you put on the internet is private or innocuous. If you are an insurance executive who likes to go hiking at Mount Whatever, maybe that's not information you want to put on the internet. — Hilary Tuttle

AURN News
FBI Urges Smartphone Users to Prioritize Encrypted Messaging Amid Cybersecurity Threats

AURN News

Play Episode Listen Later Dec 10, 2024 1:45


If you're a smartphone user, you may want to listen up. The Federal Bureau of Investigation (FBI) is urging smartphone users to rethink how they communicate, warning iPhone and Android users against texting and recommending encrypted messaging platforms like WhatsApp, Signal, and Facebook Messenger. However, the Bureau also raises concerns about these apps, stressing the need for responsible, managed encryption. This comes amid revelations of a cyber espionage campaign linked to China's Ministry of State Security known as "Salt Typhoon." The hackers have breached U.S. telecommunications networks, compromising sensitive metadata and private communications, including those of government officials. While China denies involvement, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) confirmed the attacks are part of a broader pattern targeting U.S. infrastructure. The FBI and CISA are urging organizations to bolster defenses and report suspected breaches.

IT Privacy and Security Weekly update.
Episode 218.5 Deep Dive: The IT Privacy and Security Weekly Update serves up some Pi for the Week Ending November 26th, 2024

IT Privacy and Security Weekly update.

Play Episode Listen Later Nov 28, 2024 17:21


FAQ:

1. What measures are US senators proposing to enhance cybersecurity in healthcare? A bipartisan group of US senators has introduced the Health Care Cybersecurity and Resiliency Act of 2024. This act mandates healthcare organizations adopt basic cybersecurity standards like multi-factor authentication (MFA), improved coordination between the Department of Health and Human Services (HHS) and the Cybersecurity and Infrastructure Security Agency (CISA), and a more transparent breach reporting process, including details about the number of individuals affected and corrective actions taken.

2. What is Australia doing to combat the rise of ransomware attacks? Australia has enacted its first Cyber Security Act, requiring organizations exceeding a certain size (likely those with a turnover above AUD $3 million) to report any ransomware payments made to cybercriminals. The act also establishes a framework for the voluntary reporting of cyber incidents to encourage information sharing and enhance collective cybersecurity.

3. What is the extent of the alleged Chinese hacking of US telecom infrastructure? Reports suggest that Chinese government-backed hackers, known as Salt Typhoon, have infiltrated US telecommunications networks, potentially gaining access to phone calls and text messages. This breach reportedly exploited vulnerabilities in the system used by US authorities for lawful wiretaps. The incident, labeled as potentially the "worst telecom hack in our nation's history", raises serious concerns about national security and data privacy.

4. What advice is the Japanese government giving its citizens regarding their digital legacies? The Japanese National Consumer Affairs Center recommends that citizens engage in "digital end-of-life planning" to prevent difficulties in managing their online accounts after their death. They advise ensuring family members can access their devices, maintaining a list of subscriptions and login credentials, possibly including this information in end-of-life documents, and considering services that allow designated individuals to manage accounts posthumously.

5. What privacy concerns have arisen with Microsoft's Copilot tool? Microsoft's Copilot, designed to streamline tasks by accessing internal company information, has inadvertently exposed sensitive data, including CEO emails and HR documents. This occurred due to lax permission settings in some companies, allowing Copilot to access and retrieve documents beyond intended access levels.

6. How is Microsoft enhancing Windows security following the CrowdStrike incident? In response to the CrowdStrike incident that impacted millions of Windows devices, Microsoft is introducing the Windows Resiliency Initiative. This initiative includes Quick Machine Recovery, enabling remote repair of unbootable systems, stricter testing and deployment protocols for security vendors, and a framework to move antivirus processing outside the Windows kernel for improved security and stability.

7. What was the outcome of Interpol's Operation Serengeti in Africa? Interpol's Operation Serengeti, conducted in collaboration with Afripol, resulted in the arrest of over 1,000 suspects across 19 African countries. The operation targeted cybercriminals involved in activities like ransomware, business email compromise, digital extortion, and online scams. Notably, the operation dismantled networks involved in credit card fraud, Ponzi schemes, human trafficking, illegal gambling, and cryptocurrency scams.

8. Why are undersea data cables becoming an increasing security concern? Undersea fiber-optic cables, responsible for transmitting vast amounts of global internet traffic, are increasingly vulnerable to damage and sabotage. Recent incidents, such as damage to cables in the Baltic Sea suspected to be linked to a Chinese cargo vessel, highlight these risks.

Minimum Competence
Legal News for Tues 11/26 - Biden Wishes to Expand Medicare for Weight-loss Drugs, Trump's Cybersecurity Challenges, Disney $43m Pay Equity Settlement, Legality of Military Deportation Plans

Minimum Competence

Play Episode Listen Later Nov 26, 2024 7:26


This Day in Legal History: Squeaky Fromme Convicted

On this day in 1975, Lynette “Squeaky” Fromme, a devoted follower of cult leader Charles Manson, was found guilty by a federal jury in Sacramento, California, for attempting to assassinate President Gerald Ford. The incident occurred on September 5, 1975, in Sacramento's Capitol Park, where Fromme aimed a Colt .45 handgun at Ford as he greeted the public. Though the weapon did not discharge—later found to lack a bullet in the firing chamber—the act was a chilling reminder of the volatile political atmosphere of the 1970s. Fromme claimed she wanted to draw attention to environmental issues and the plight of California redwoods, framing her actions as a desperate bid to make her concerns heard.

The trial was marked by Fromme's erratic behavior, including disruptions and self-represented courtroom antics that reflected her unwavering loyalty to Manson and his apocalyptic worldview. Prosecutors argued that Fromme's actions posed a genuine threat to the president's life, even though the gun had not fired. The jury deliberated for just over a day before convicting her of attempted assassination under federal law, a crime that carried a potential life sentence.

The case underscored the rising threats to public officials during a turbulent era in American history, following closely on the heels of other high-profile political attacks. Sentenced to life imprisonment, Fromme served 34 years before being paroled in 2009. Her conviction remains a stark reminder of the enduring dangers posed by extremist ideologies and the individuals who act upon them.

The Biden administration has proposed a rule to expand Medicare and Medicaid coverage to include weight-loss drugs, potentially providing access to millions of Americans with obesity while significantly increasing government healthcare costs. Medicare currently covers related medications like Ozempic and Mounjaro for diabetes but excludes obesity drugs such as Wegovy and Zepbound. Only 13 state Medicaid programs cover these high-cost treatments, which can exceed $1,000 monthly. The proposed rule could reduce patient out-of-pocket costs by up to 95% and offset expenses through lowered rates of obesity-linked diseases, including diabetes and heart conditions.

The Congressional Budget Office estimates the expanded Medicare coverage could cost $35 billion over nine years. However, these costs might decrease after 2025 when semaglutide, the active ingredient in several weight-loss drugs, becomes subject to government price negotiations under the Inflation Reduction Act. Drugmakers Novo Nordisk and Eli Lilly stand to benefit from this policy, as the global market for obesity drugs is projected to reach $130 billion by 2030.

The proposal is seen as a win for patients and physicians advocating for broader access, but it also poses challenges to efforts to reduce government spending. Some, including Robert F. Kennedy Jr., argue that healthier food initiatives could address obesity more affordably. Novo and Lilly have been working to demonstrate additional health benefits of these medications, aiming to expand insurance coverage and increase acceptance among policymakers. The proposed rule must undergo a formal review process before implementation.

Biden Proposes Medicare, Medicaid Coverage of Obesity Drugs (1)

Donald Trump's incoming administration faces a rapidly evolving cybersecurity landscape with increased cyber threats, growing system vulnerabilities, and challenges from generative AI. Balancing national security with deregulation goals adds uncertainty to its approach, particularly as it inherits initiatives from the Biden era. The Cybersecurity and Infrastructure Security Agency (CISA), established during Trump's first term, remains pivotal for safeguarding critical infrastructure but faces scrutiny from Republicans over its efforts to counter election misinformation. Proposed rule changes under the 2022 Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), which require entities to report cyber incidents, await finalization amid industry pushback.

The Biden administration emphasized industry-specific cybersecurity rules, such as water system safeguards, aviation security standards, and transportation cyber risk requirements, but these have faced challenges, including legal and political opposition. Trump's administration may prioritize oversight while easing regulatory burdens, potentially reducing the influence of agencies like the Federal Trade Commission (FTC) and the Securities and Exchange Commission (SEC) in cybersecurity enforcement.

CISA's future is uncertain, with calls to shift it under the Transportation Security Administration, which could impact its authority. Jen Easterly, CISA's current director, will step down on Inauguration Day, leaving leadership decisions to Trump. A possible reduction in enforcement, especially targeting executives, may be welcomed by companies in the cybersecurity space, which have faced intense scrutiny in recent years. The administration's ultimate stance on these policies remains unclear, signaling a potential shift away from the Biden administration's regulatory approach.

Trump's Cybersecurity Faces Biden's Legacy, Rising Threats Ahead

Disney has agreed to pay $43.3 million to settle a lawsuit alleging that its female employees in California earned significantly less than male colleagues over an eight-year span. Filed in 2019 by LaRonda Rasmussen, the lawsuit claimed disparities of up to $20,000 annually for women holding the same job titles as men, including those with less experience. The case eventually grew to represent 9,000 current and former female employees.

As part of the settlement, Disney will employ a labor economist for three years to assess and address pay equity among full-time, non-union California employees below the vice president level. An analysis of Disney's HR data, conducted by a University of California professor, found that women were paid approximately 2% less than men during the analyzed period.

Although Disney denied wrongdoing, a spokesperson emphasized the company's commitment to fair pay. The settlement agreement, filed in California state court, awaits judicial approval.

Disney settles suit over women's pay for $43 million | Reuters

President-elect Donald Trump's plan to use the military in deportation efforts breaks with U.S. norms against deploying troops domestically but may avoid legal challenges if confined to support roles, such as building detention camps or transporting migrants. The 1878 Posse Comitatus Act bars the military from law enforcement activities, but exceptions, such as the Insurrection Act and National Guard deployments under state control, create legal ambiguity. Trump's proposal to increase deportation capacity by 20 times would require extensive use of these exceptions and could lead to conflicts with state governors.

Critics argue that this approach undermines constitutional norms, with legal scholars highlighting the potential for overreach. Governors refusing to deploy their National Guard could force Trump to invoke the Insurrection Act, historically used for civil rights and law enforcement emergencies, though courts typically defer to presidential authority in national security matters. Experts warn that expanded military roles could open avenues for legal challenges, especially if funding or state jurisdiction issues arise.

This plan raises significant concerns about its impact on democratic principles. Using the military for mass deportations would set a troubling precedent for civilian governance and law enforcement. While legally feasible in limited roles, the proposal's broad ambitions risk undermining constitutional traditions and provoking legal and political pushback.

Trump plan to use military in deportations should stand up in court | Reuters

Security Visionaries
2025 Predictions

Security Visionaries

Play Episode Listen Later Nov 14, 2024 20:27


In this episode of Security Visionaries, we're joined by Kiersten Todt, President at Wondros and former Chief of Staff for the Cybersecurity and Infrastructure Security Agency (CISA), to discuss predictions for 2025 and beyond. Topics include the role of artificial intelligence in security, the potential for an AI bubble burst, and reclassifying the cloud as critical infrastructure. Kiersten also predicts an increase in detections of cyber intrusions from nation-state actors, especially China, underscoring the need for readiness and global cooperation. The discussion concludes with Kiersten's resolution for 2025, emphasizing the role of individuals in demanding more safety and security measures.

Federal Drive with Tom Temin
CISA deepens coordination with agencies on 'systemic' risks

Federal Drive with Tom Temin

Play Episode Listen Later Nov 7, 2024 7:59


The Cybersecurity and Infrastructure Security Agency (CISA) has been in the news for its work on election security. CISA this month, though, is also highlighting the need for security and resilience across the rest of the nation's critical infrastructure, you know, power grids, water utilities. CISA is drafting a list of organizations that are considered what it calls systemically important. For more, Federal News Network's Justin Doubleday spoke with the executive assistant director of CISA's Infrastructure Security division, David Mussington.

Federal Drive with Tom Temin
CISA deepens coordination with agencies on 'systemic' risks

Federal Drive with Tom Temin

Play Episode Listen Later Nov 7, 2024 8:44


The Cybersecurity and Infrastructure Security Agency (CISA) has been in the news for its work on election security. CISA this month, though, is also highlighting the need for security and resilience across the rest of the nation's critical infrastructure, you know, power grids, water utilities. CISA is drafting a list of organizations that are considered what it calls systemically important. For more, Federal News Network's Justin Doubleday spoke with the executive assistant director of CISA's Infrastructure Security division, David Mussington.

Business of Tech
AI Adoption Challenges, Cybersecurity Threats, Kaseya on Automation, and Windows Server 2025 Launch

Business of Tech

Play Episode Listen Later Nov 5, 2024 12:38


The findings of a recent report highlight the challenges faced by C-suite executives regarding aging IT systems amidst a surge in AI adoption. While 90% of executives believe their technology is top-notch, nearly two-thirds acknowledge that outdated infrastructure poses significant issues, with many critical IT systems nearing the end of their life cycle. The report also reveals that although 75% of organizations are investing in AI and machine learning, less than half report a positive return on investment, raising concerns about cyber attack preparedness among executives.

The episode also delves into a growing trend of cloud repatriation, as organizations grapple with unexpected costs and performance issues in cloud environments. A recent IDC report indicates that 50% of companies spent more on cloud services than anticipated, prompting some to transition specific workloads back in-house. The case of SaaS company 37Signals, which plans to save $10 million over five years by moving away from cloud services, exemplifies this trend. Sobel emphasizes the importance of differentiating between various levels of AI adoption, noting that many organizations may only be conducting small-scale experiments rather than full-scale implementations.

Host Dave Sobel highlights the rising threat of voice-based AI scams, referencing a study from the University of Illinois that demonstrates how OpenAI's ChatGPT-4 can be exploited for financial scams with success rates between 20% to 60%. Additionally, he discusses a new threat campaign where hackers impersonate IT support on Microsoft Teams, urging organizations to implement training programs to raise awareness of evolving social engineering threats.
The Cybersecurity and Infrastructure Security Agency (CISA) has also issued warnings about a large-scale spear-phishing campaign targeting federal executives, emphasizing the need for protective measures.

Finally, the episode covers significant developments in automation and AI within the managed services sector, particularly at DattoCon, where Kaseya projected that up to 70% of repetitive tasks performed by managed service providers will be automated by 2026. Sobel also discusses Runway's innovative AI tool that customizes outreach to potential clients, reflecting a broader trend of leveraging AI to optimize sales processes. The episode concludes with a discussion on the general availability of Windows Server 2025, which introduces significant advancements and is positioned as a robust solution for on-premises and hybrid cloud deployments.

Four things to know today
00:00 Kyndryl Report Reveals Struggle with Aging IT as AI Adoption Soars but ROI Falls Short, Fueling Demand for Service Support
04:18 Voice-Based AI Scams Rise as Study Shows ChatGPT Vulnerability; New Tactics on Microsoft Teams and Spear Phishing Surge
06:20 At DattoCon, Kaseya Emphasizes Automation as Core to MSP Efficiency, Parallel to Runway's AI-Enhanced Sales Tactics
08:50 Microsoft Launches Windows Server 2025 with Hybrid Enhancements as KnowBe4 Unveils New Security Training Post-Breach

Lock and Code
Why your vote can't be “hacked,” with Cait Conley of CISA

Lock and Code

Play Episode Listen Later Nov 3, 2024 39:34


The US presidential election is upon the American public, and with it come fears of “election interference.”

But “election interference” is a broad term. It can mean the now-regular and expected foreign disinformation campaigns that are launched to sow political discord or to erode trust in American democracy. It can include domestic campaigns to disenfranchise voters in battleground states. And it can include the upsetting and increasing threats made to election officials and volunteers across the country.

But there's an even broader category of election interference that is of particular importance to this podcast, and that's cybersecurity.

Elections in the United States rely on a dizzying number of technologies. There are the voting machines themselves, there are electronic pollbooks that check voters in, there are optical scanners that tabulate the votes that the American public actually make when filling in an oval bubble with pen, or connecting an arrow with a solid line. And none of that is to mention the infrastructure that campaigns rely on every day to get information out—across websites, through emails, in text messages, and more.

That interlocking complexity is only multiplied when you remember that each individual state has its own way of complying with the Federal government's rules and standards for running an election. As Cait Conley, Senior Advisor to the Director of the US Cybersecurity and Infrastructure Security Agency (CISA), explains in today's episode:

“There's a common saying in the election space: If you've seen one state's election, you've seen one state's election.”

How, then, are elections secured in the United States, and what threats does CISA defend against?

Today, on the Lock and Code podcast with host David Ruiz, we speak with Conley about how CISA prepares and trains election officials and volunteers before the big day, whether or not an American's vote can be “hacked,” and what the country is facing in the final days before an election, particularly from foreign adversaries that want to destabilize American trust.

“There's a pretty good chance that you're going to see Russia, Iran, or China try to claim that a distributed denial of service attack or a ransomware attack against a county is somehow going to impact the security or integrity of your vote. And it's not true.”

Tune in today.

GZero World with Ian Bremmer
US election security and the threats of foreign interference: CISA Director Jen Easterly discusses

GZero World with Ian Bremmer

Play Episode Listen Later Nov 2, 2024 39:00


On the GZERO World podcast, Ian Bremmer sits down with Jen Easterly, the top US official behind America's election security infrastructure. As Director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), she is on the frontlines of safeguarding the voting process. In their conversation, Easterly talks about the massive improvements to the nation's voting systems and emphasizes “with great confidence that election infrastructure has never been more secure.” Yet what worries Easterly is the potential for election meddling and disinformation after voting ends and before certification is complete.

Easterly discusses how the "firehose of disinformation" can have serious consequences on the country. She calls out Trump and other political leaders who have peddled false narratives pushed by foreign actors—a move that risks eroding public trust in our democracy. Again, though, her main concern is for that volatile period after the votes are cast and before they're certified. She argues that "between November 5th and January 6th—when the Congress is going to certify the vote—our foreign adversaries are going to go hog wild.” In particular, threats coming from Russia, China, and Iran. So as voters head to the polls, Easterly and her agency are making it a priority to rebuild trust and confidence with American voters.

Host: Ian Bremmer
Guest: Jen Easterly

The Lawfare Podcast
Lawfare Daily: How CISA Is Working to Protect the Election

The Lawfare Podcast

Play Episode Listen Later Oct 30, 2024 47:21


The Cybersecurity and Infrastructure Security Agency (CISA) has taken a leading role in coordinating efforts to secure the 2024 election—from ensuring the physical security of election workers, to protecting election systems from cyber threats, to identifying foreign influence campaigns and preparing for deepfakes. With a week until Election Day, Senior Editors Quinta Jurecic and Eugenia Lostri spoke with CISA's Cait Conley, Senior Advisor to the agency's director, about how CISA is working to protect the vote.

The Cybersecurity Defenders Podcast
#166 - Intel Chat: Microsoft logs, USDoD, SolarWinds WHD, & CISA KEV

The Cybersecurity Defenders Podcast

Play Episode Listen Later Oct 24, 2024 29:58


In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.

Microsoft has recently confirmed that a software bug caused the loss of more than two weeks' worth of critical security logs from several of its cloud services.

Brazil's Federal Police have arrested a hacker suspected to be "USDoD," a notorious cybercriminal involved in several high-profile data breaches.

A critical vulnerability has been discovered in SolarWinds' Web Help Desk (WHD) software, involving hardcoded credentials that could be exploited by attackers.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added several critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signaling that these flaws are being actively used in cyberattacks.

The Gate 15 Podcast Channel
Weekly Security Sprint EP 86. Election security, arrests, and exercises

The Gate 15 Podcast Channel

Play Episode Listen Later Oct 23, 2024 21:33


In this week's Security Sprint, Dave and Andy covered the following topics:

Election 2024:
Just So You Know: Foreign Threat Actors Likely to Use a Variety of Tactics to Develop and Spread Disinformation During 2024 U.S. General Election Cycle. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are issuing this public service announcement (PSA) to raise awareness of the efforts posed by foreign threat actors to spread disinformation in the lead up to, and likely in the days following, the 2024 U.S. general election.
CISA: A Message to Election Officials from CISA Director Jen Easterly
ISIS-K behind foiled Election Day terrorism plot, U.S. officials say
'You are next': online posts show Islamic State interest in attacks on US ahead of election
New cases of political violence roil US ahead of contentious election

DOJ: Two Sudanese Nationals Indicted for Alleged Role in Anonymous Sudan Cyberattacks on Hospitals, Government Facilities, and Other Critical Infrastructure in Los Angeles and Around the World.
U.S. charges Sudanese men with running powerful cyberattack-for-hire gang
Risky Biz News: Anonymous Sudan's Russia Links Are (Still) Obvious
Hacker Charged With Seeking to Kill Using Cyberattacks on Hospitals
U.S. Indicts 2 Linked to Oct. 7 Cyberattack on Israeli Warning System

USGS: (Some) Assembly Required. How to sign your organization up for the Great ShakeOut.

Quick Hits
Germany: police arrest man over Israeli Embassy attack plot
Digging into Salt Typhoon
Brazil Arrests 'USDoD,' Hacker in FBI Infragard Breach
Check Point: A Closer Look at Q3 2024: 75% Surge in Cyber Attacks Worldwide

Great Power Podcast
World on the Brink

Great Power Podcast

Play Episode Listen Later Oct 22, 2024 64:05


In this episode of GREAT POWER PODCAST, host Michael Sobolik interviews Dmitri Alperovitch about his book World on the Brink, how Russia's war in Ukraine impacts Taiwan's political future, and how America should compete to win "Cold War II" with the Chinese Communist Party.

Guest biography
Dmitri Alperovitch is currently serving as the Co-Founder and Executive Chairman of Silverado Policy Accelerator, a non-profit think tank focused on advancing American prosperity and global leadership in the 21st century and beyond. Alperovitch is the author of a new book, World on the Brink: How America Can Beat China in the Race for the Twenty-First Century, about the grand strategy for victory in Cold War II with China. In 2022, he was appointed to both the prestigious Homeland Security Advisory Council (HSAC) of the Department of Homeland Security (DHS) and as a founding board member of the new Cyber Safety Review Board (CSRB) of the Cybersecurity and Infrastructure Security Agency (CISA). He has previously served as a Special Advisor to the Department of Defense (DoD). Prior to founding Silverado, Alperovitch co-founded and served as the Chief Technology Officer of CrowdStrike, Inc., one of the world's largest cybersecurity companies.

Resources from the conversation
Follow Dmitri on X
Read World on the Brink
Follow Michael on X
Read Countering China's Great Game

Local Officials: Stronger, Together Podcast
Episode 9F: October is Cybersecurity Awareness Month – The Pool's Cyber Squad Can Help You Avoid an Attack!

Local Officials: Stronger, Together Podcast

Play Episode Listen Later Sep 27, 2024 15:54


This year marks the 21st annual Cybersecurity Awareness Month, and the federal Cybersecurity and Infrastructure Security Agency (CISA) encourages every American to take steps to “Secure Our World.” In this episode, host Scott Houston – and the Risk Pool's Cyber Squad – discuss ways to help you avoid being the victim of a cyberattack. The squad consists of Cyber Risk Services Manager Ryan Burns and Senior Cybersecurity Advisor Mike Bell. Ryan and Mike are an experienced team that offers Pool Members no-cost preventative services like: (1) cybersecurity best practices; (2) information security policy review/development; (3) incident response plan review; and much more. The Cyber Squad's YouTube Video Log provides up-to-date information you need to know. We'll drop a new vlog each week of Cybersecurity Awareness Month, starting with “The Current Cybersecurity Threat Landscape” on October 1. Is your world secure? Find out now by scheduling an on-site or virtual Cyber Squad visit today through your Risk Management Advisor, by calling 512-491-2300, or by emailing cybersquad@tmlirp.org.

Further Information
TML Risk Pool's Cyber Squad YouTube Channel (Video Logs)
CISA Cybersecurity Awareness Month Webpage
TML Risk Pool's Cyber Liability Webpage
TML Risk Pool's Cyber Squad Information Sheet

Business of Tech
AI Regulations, New, Unusual Cybersecurity Threats, and Intel's Foundry Challenges

Business of Tech

Play Episode Listen Later Sep 18, 2024 12:07


The episode opens with a report on a series of explosions involving handheld pagers in Lebanon and Syria, which injured multiple individuals, including members of Hezbollah. This incident is believed to be a sophisticated attack attributed to Israel, highlighting the ongoing tensions in the region. Sobel also covers a new covert attack method, PIXHELL, which can exploit air-gapped networks using sound waves, emphasizing the need for organizations to bolster their defenses against such unconventional threats.

The episode shifts focus to cybersecurity measures being implemented in the U.S. ahead of the presidential election. The Cybersecurity and Infrastructure Security Agency (CISA) has released new checklists aimed at enhancing the security of election systems, recommending practices such as multi-factor authentication and encrypted backups. Additionally, Sobel discusses the rollout of the Cybersecurity Maturity Model Certification (CMMC) by the Pentagon, which aims to improve the protection of controlled unclassified information (CUI) among contractors. This phased rollout is expected to take three years and underscores the importance of cybersecurity in the defense sector.

Sobel then delves into the regulatory landscape surrounding artificial intelligence, particularly in California, where Governor Gavin Newsom is considering the implications of AI Bill SB 1047. This bill seeks to hold AI vendors accountable and prevent AI-related disasters. While Newsom has signed several other AI-related bills into law, he remains cautious about the potential impact of SB 1047 on the industry.
The episode also highlights an upcoming global AI safety summit hosted by the Biden administration, aimed at fostering international cooperation on AI development and addressing concerns about generative AI.

Finally, the episode addresses Intel's ongoing challenges in the semiconductor market, including its decision to separate its foundry business into an independent subsidiary to attract external capital. Sobel discusses Intel's recent partnership with Amazon to develop an AI fabric chip and the significant funding it has received under the CHIPS Act. However, the company faces setbacks, such as losing a major contract to AMD for the PlayStation 6 chip, which could have generated substantial revenue. Sobel emphasizes the fragility of Intel's turnaround efforts and the importance of securing key clients to ensure future growth in a competitive landscape.

Three things to know today
00:00 Rogue Pagers, Pixhell Exploits, and CMMC Rollout
04:41 Governor Newsom Signs AI Regulations on Deepfakes and Political Ads, While SB 1047 Awaits Final Decision
07:23 Intel's Foundry Gamble: Balancing External Capital and Contract Losses to Drive Semiconductor Growth

ITSPmagazine | Technology. Cybersecurity. Society
The Missing Link: How We Collect and Leverage SBOMs | An OWASP 2024 Global AppSec San Francisco Conversation with Cassie Crossley | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Sep 14, 2024 21:25


Guest: Cassie Crossley, VP, Supply Chain Security, Schneider Electric [@SchneiderElec]
On LinkedIn | https://www.linkedin.com/in/cassiecrossley/
____________________________
Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
In this episode of On Location with Sean and Marco, hosts Sean Martin and Marco Ciappelli head to San Francisco to attend the OWASP Global AppSec conference. They kick off their journey with a light-hearted conversation about their destination, quickly segueing into the substantive core of the episode. The dialogue provides a rich backdrop to the conference's key focus: securing applications and the crucial role of Software Bill of Materials (SBOMs) in this context.

Special guest Cassie Crossley joins the hosts to delve deeper into the significance of SBOMs. Cassie introduces herself and highlights her previous engagements with the podcast, touching on her upcoming session titled "The Missing Link: How We Collect and Leverage SBOMs." She explains the essential function of SBOMs in tracking open-source and commercial software components, noting the importance of transparency and risk evaluation in modern software development.

Cassie explains that understanding the software components in use, including transitive dependencies, is crucial for managing risks. She discusses how her company, Schneider Electric, implements SBOMs within their varied product lines, ranging from firmware to cloud-based applications. By collecting and analyzing SBOMs, they can quickly assess vulnerabilities, much like how organizations scrambled to evaluate their exposure in the wake of the Log4J vulnerability.

Sean and Marco steer the conversation towards the practical aspects of SBOM implementation for smaller companies. Cassie reassures listeners that even startups and smaller enterprises can benefit from SBOMs without extensive resources, using free tools like Dependency-Track to manage their software inventories. She emphasizes that having an SBOM—even in a simplified form—provides a critical layer of visibility, enabling better risk management even with limited means.

The discussion touches on the broader impact of SBOMs beyond individual corporations. Cassie notes the importance of regulatory developments and collective efforts, such as those by the Cybersecurity and Infrastructure Security Agency (CISA), to advocate for wider adoption of SBOM standards across industries.

To wrap up, the hosts and Cassie discuss the value of conferences like OWASP Global AppSec for fostering community dialogues, sharing insights, and staying abreast of new developments in application security. They encourage listeners to attend these events to gain valuable knowledge and networking opportunities. Finally, in their closing remarks, Sean and Marco tease future episodes in the On Location series, hinting at more exciting content from their travels and guest interviews.

The FEMA Podcast
Episode 140: A Fireside Chat about Cybersecurity and Emergency Management

The FEMA Podcast

Play Episode Listen Later Sep 5, 2024 62:02


On today's episode, we have a really exciting conversation that we'd like to highlight for you. FEMA was thrilled to recently host a joint FEMA virtual town hall with our colleagues at the Cybersecurity and Infrastructure Security Agency (CISA). FEMA Administrator Deanne Criswell joined CISA Director Jen Easterly for a special fireside chat where they discuss the crossover in our two mission spaces and our shared commitment to resilience and unity. FEMA and CISA often work hand-in-hand to keep communities across our nation safe. Issues surrounding cybersecurity and infrastructure security continue to be increasingly important areas of focus for all emergency managers. So, to that end, we wanted to present their conversation for you here on today's episode. I hope you enjoy this fantastic conversation.

Harvard Data Science Review Podcast
I Can't Believe I Got Hacked! What Can We Do About Cybersecurity?

Harvard Data Science Review Podcast

Play Episode Listen Later Aug 29, 2024 40:26


In July 2024, we witnessed one of the most significant internet disruptions in history when CrowdStrike released a faulty update to its security servers. This update impacted approximately 8.5 million systems, triggering outages across various sectors, including airlines, banks, stock markets, and even government emergency services. Even once activity was restored, threat actors sought to take advantage of the situation through phishing schemes and other cyberattacks. Though caused by an internal error rather than malicious intent, incidents like CrowdStrike's outage underscore the growing importance of reliable security measures on technologies that impact daily life. On this month's podcast, we explore the ins and outs of cybersecurity, how cyberattacks occur, and what steps you can take to protect your data.

Our guests:
Milena Rodban, independent geopolitical risk consultant and former senior advisor at the National Risk Management Center at the Cybersecurity and Infrastructure Security Agency (CISA).
Arun Seelagan, Senior Data Scientist at the Cybersecurity and Infrastructure Security Agency (CISA).

Travelers Institute Risk & Resilience
Cyber: Prepare, Prevent, Mitigate, Restore®

Travelers Institute Risk & Resilience

Play Episode Listen Later Aug 27, 2024 54:32


Ever wonder what it's like to attend one of the Travelers Institute's in-person cybersecurity symposia? Check out this conversation from our April cyber symposium in San Antonio, Texas. Listen as Joan Woodward, President of the Travelers Institute®; Ernesto Ballesteros, Cybersecurity State Coordinator at the Cybersecurity and Infrastructure Security Agency (CISA); Rehman Khan, AVP of Cyber Risk Management at Travelers; and Jennifer Coughlin, Partner at Mullen Coughlin, share strategies to prepare for and respond to a cyber incident.

Visit the Travelers Institute® cyber readiness hub to learn more and to find a cyber event near you: https://www.travelers.com/travelers-institute/cyber-security/cyber-readiness
Access more resources on CISA's website: https://www.cisa.gov/

Psych in Business
Building a People-First Culture in High-Stress Environments with Dr. Elizabeth Kolmstetter


Aug 27, 2024 · 26:38


In this episode of the Psych in Business podcast, Dr. Ernest Wayde sits down with Dr. Elizabeth Kolmstetter, the Chief People Officer at the Cybersecurity and Infrastructure Security Agency (CISA). Dr. Kolmstetter offers insights into her role and the importance of a people-first culture in organizational success.

Dr. Elizabeth Kolmstetter is an industrial and organizational psychologist with over 30 years of public service. As CISA's Chief People Officer, she leads initiatives to enhance workforce strategy, leadership, and employee well-being.

Dr. Kolmstetter discusses the unique responsibilities of a Chief People Officer, focusing on the importance of holistic employee support, data-driven leadership, and fostering a collaborative culture at CISA.

Key Takeaways:
Holistic Employee Support: CISA prioritizes employee well-being through coaching and support programs.
Data-Driven Leadership: Leveraging data to enhance leadership decisions and organizational culture.
Collaborative Culture: Training employees to adopt a partnership mindset for mission success.
Intentional Leadership: Embedding core values into daily practices to build a healthy culture.

To learn more about Dr. Elizabeth Kolmstetter and connect with her, visit her LinkedIn profile: https://www.linkedin.com/in/elizabeth-kolmstetter-8217289/

The Langley Files: CIA's Podcast
FILE 017 - CIA Cyber Safety 101


Aug 22, 2024 · 38:03


CIA's digital systems need to process some of the most sensitive data in the world—intelligence that is vital to keeping Americans safe and must be kept from falling into the wrong hands. But who is responsible for ensuring the security of those systems? And do they have any best practices that you could incorporate into your own tech life? On this episode of The Langley Files, you'll find out. Dee and Walter are sitting down with Jennifer Link, CIA's Chief Information Security Officer, to discuss her background and responsibilities, and how she goes about keeping herself cyber-safe in everyday life. So, from mystery phone calls and online pop-ups to the increasing world of cyber-enabled home appliances—this is an episode chock full of CIA cyber safety news you can use.

Look Inside FILE 017
Want to dive deeper into today's episode? Here's a look into more of Langley's (unclassified) files:
Interested in cyber security and want to take your skills to the next level? Put them to the test defending CIA—and the nation—from cyber threats. Check out career opportunities as a CIA Cyber Security Officer here.
Looking for handy factsheets on keeping yourself, your family, or your business safe online? The US Government's Cybersecurity and Infrastructure Security Agency (CISA) has you covered.
Did you know that Morocco borders both the Atlantic Ocean and the Mediterranean Sea? Learn incredible facts about places near and far with CIA's World Factbook.
