40 min listen
Unavailable
Currently unavailable
DtSR Episode 183 - NewsCast for March 1st 2016
Currently unavailable
DtSR Episode 183 - NewsCast for March 1st 2016
ratings:
Length:
41 minutes
Released:
Mar 1, 2016
Format:
Podcast episode
Description
This is RSA Conference week, so while Rafal is out in San Francisco trying to make it through another one, James and Michael break down the news events that you may have missed.
300,000 Homes affected by security alarm bug
http://www.forbes.com/sites/thomasbrewster/2016/02/17/simplisafe-alarm-attacks/#3202d4e679a3
According to Spokesperson, Alarm still alerts users' smart device when the alarm is armed or disarmed.
Device is an alerting mechanism, not a lock
Technically, we’d consider this… wait for it… a ‘detective’ control.
Appears to only intercept when pin is entered into the device.. does this effect if user arms/disarms via their device?
82 Percent of company boards are concerned about security
http://betanews.com/2016/02/29/82-percent-of-company-boards-are-concerned-about-cyber-security/
Suggests that since CISOs don’t report to the CEO/Board, they companies aren’t serious. Ridiculous.
This is myopic…
Boards care. Executives care.
In security - are you perceived as a leader? Or a technical resource?
This is an opportunity.
See something suspicious online, Homeland Security wants to know about it
http://m.nextgov.com/cybersecurity/2016/02/homeland-security-wants-see-something-say-something-campaign-internet/126008/
We think this is rather unintelligent.
That said, it’s the sign of the only part of an ‘awareness’ program that counts: people are comfortable reporting something that seems amiss
What’s amiss? And that’s what’s missing.
We pretend it works at airports and in big cities. Does it? And what, exactly, are people reporting. And why?
What’s the experience?
Antivirus update breaks Internet browsing due to glitch
http://www.theregister.co.uk/2016/02/29/eset_antivirus_false_positive/
Apparently, update blocks getting to many internet sites due to flagging javascript as virus
We have seen this many times before.
What to consider:
Do you have a plan to handle this type of situation in your business?
Do you understand your model to identify the potential risks to then consider response plans?
Hospital pays $17,000 ransom after crooks hold data hostage
No matter what your take on this, this put real people's lives at risk
http://sanfrancisco.cbslocal.com/2016/02/18/california-hospital-ransomware-attack-hackers/
Additional insights: http://www.csoonline.com/article/3037018/leadership-management/are-you-prepared-to-respond-to-ransomware-the-right-way.html
Do you have current backups to protect agains this?
Does this set a precedent for criminals?
300,000 Homes affected by security alarm bug
http://www.forbes.com/sites/thomasbrewster/2016/02/17/simplisafe-alarm-attacks/#3202d4e679a3
According to Spokesperson, Alarm still alerts users' smart device when the alarm is armed or disarmed.
Device is an alerting mechanism, not a lock
Technically, we’d consider this… wait for it… a ‘detective’ control.
Appears to only intercept when pin is entered into the device.. does this effect if user arms/disarms via their device?
82 Percent of company boards are concerned about security
http://betanews.com/2016/02/29/82-percent-of-company-boards-are-concerned-about-cyber-security/
Suggests that since CISOs don’t report to the CEO/Board, they companies aren’t serious. Ridiculous.
This is myopic…
Boards care. Executives care.
In security - are you perceived as a leader? Or a technical resource?
This is an opportunity.
See something suspicious online, Homeland Security wants to know about it
http://m.nextgov.com/cybersecurity/2016/02/homeland-security-wants-see-something-say-something-campaign-internet/126008/
We think this is rather unintelligent.
That said, it’s the sign of the only part of an ‘awareness’ program that counts: people are comfortable reporting something that seems amiss
What’s amiss? And that’s what’s missing.
We pretend it works at airports and in big cities. Does it? And what, exactly, are people reporting. And why?
What’s the experience?
Antivirus update breaks Internet browsing due to glitch
http://www.theregister.co.uk/2016/02/29/eset_antivirus_false_positive/
Apparently, update blocks getting to many internet sites due to flagging javascript as virus
We have seen this many times before.
What to consider:
Do you have a plan to handle this type of situation in your business?
Do you understand your model to identify the potential risks to then consider response plans?
Hospital pays $17,000 ransom after crooks hold data hostage
No matter what your take on this, this put real people's lives at risk
http://sanfrancisco.cbslocal.com/2016/02/18/california-hospital-ransomware-attack-hackers/
Additional insights: http://www.csoonline.com/article/3037018/leadership-management/are-you-prepared-to-respond-to-ransomware-the-right-way.html
Do you have current backups to protect agains this?
Does this set a precedent for criminals?
Released:
Mar 1, 2016
Format:
Podcast episode
Titles in the series (100)
DtSR Episode 349 - Verizon 2019 DBIR Double-Live Part 2: Guest: Gabriel Bassett by Backpacking Light Magazine Podcasts