Best Hitrust podcasts we could find (Updated January 2019)
InfoSec ICU
Weekly
 
The Health Information Security podcast from the Medical University of South Carolina
 
Security Insider is your resource for information on the latest developments in data security, regulatory compliance issues, technology, and trends affecting the industry.
 
AWS re:Invent 2017 Conference
 
 
Steve and Gerry discuss The Dark Overlord's 9/11 related doxware activity with law firms and “extortionware” in general. Steve interviews CISO and CPO for UChicago Medical Erik Decker. Finally the guys discuss recent news of misuse and privacy violations of Amazon Ring video feeds. Show Notes Resources: 9/11 Ransomware https://motherboard.vice.c ...…
 
Steve and Gerry unpack the newest report from the Department of Health and Human Services and detail the practicality of it for helping organizations of various sizes. They share research out of UC Berkeley showing how AI can re-identify HIPAA compliant de-identified data. They finish by discussing the NSA disassembler tool that will be released ...…
 
Steve and Gerry reflect on a very busy 2018 in the cyber security industry. They discuss the big stories and the lessons learned from them including SamSam’s effective attacks and Facebook’s data practices. They also cover some overblown stories from the year. They put their soothsaying abilities to the test, each submitting two predictions for ...…
 
Steve and Gerry dive head first into the Equifax Breach Report. There is much to learn from and parallels for many businesses to self-identify. They cover a recent IG report of US Missile Defense facilities and their poor security postures. Finally they touch on an oft overlooked element of information security, properly destroying paper record ...…
 
Gerry and Brandon are back in the studio discussing the Marriott Starwood breach. Steve interviews an RFID/NFC bio-hacked individual, and Gerry and Brandon discuss the ramifications and privacy legislation around RFID for personal identification. Show Notes Resources: Marriott / Starwood Breach https://www.washingtonpost.com/business/2018/11/30 ...…
 
Gerry and Brandon discuss a recent web application vulnerability that has caused a business to respond with what appears to be breach notifications. They discuss social engineers attacking Google results to trick victims into trusting contact information. Finally, they cover several hot IoT items this holiday season and the privacy implications ...…
 
Gerry and Steve celebrate their 1-year anniversary of InfosecICU. They discuss an Ohio medical center struck with ransomware and how attacking during a holiday weekend is more likely for bad guys. They discuss SIM swapping attacks against high net-value individuals. They finish with a discussion of social science research that looks at how much ...…
 
Brandon and Steve discuss another incident involving insecurity in text messaging as an authentication mechanism. They discuss criminals' success in compromising credit card security controls. They finish with the interesting and somewhat science fiction approach to authentication via microchipping humans. Show Notes Resources: Vovox Text Messag ...…
 
Gerry and Steve are fresh from BSides Charleston. The two share their favorite talks and the overall thoughts on the conference. They discuss the slippery slope of privacy concerns using Amazon Echo recordings in a court case. They finish up discussing the utility of the “Hack the Air Force” competition being executed. Show Notes Resources: Cha ...…
 
The guys discuss how the CIA’s continued usage and organic growth of a communication system that was used well past its intention led to a catastrophic impact to CIA agents in Iran and China in 2013. Steve interviews Jack Rhysider, the creator of the hot podcast “Darknet Diaries”. They wrap the show revisiting election hacking and why attacking ...…
 
The guys discuss the FDA’s new guidance, currently out for comment, on premarket submissions for management of cybersecurity in medical devices. They turn to the SOC and explore a published opinion of using AI to lighten the load on Analyst 1’s in the SOC and help with burn out. They wrap up by discussing recently discovered starter kits found o ...…
 
The guys discuss two dramatic stories of ABC filming reality shows in Boston and New York hospitals and the privacy infractions that followed. They shift to discussing the legislation that will go into effect January 2019 around insurance data cyber security and the recent Healthcare.gov breach. They round out the show theorizing on motives rel ...…
 
The guys discuss Medtronic’s recall of their cardiac device programmer system due to security vulnerabilities and how this is a good trend for the medical device industry. Next they discuss cyber lexicon and since words have meaning the nuances of each and how journalists may mistakenly say one thing when they mean another. They finish with new ...…
 
The guys dive into the hotly debated Bloomberg report about hardware compromised motherboards and the two sides of the story. They discuss the Apollo data service analytics publicly exposed database. They finish discussing Google’s decision to not disclose a data leak of their Google+ platform for political reasons and how they shuttered Google ...…
 
The guys discuss 5 recent Senate approved Cybersecurity bills and their potential impact if passed into legislation. They introduce the Department of Commerce of NTIA’s Request for Comments (RFC) regarding a US Consumer Privacy Data effort. They finish with the technical details regarding the recent Facebook breach and what the impact is to aff ...…
 
This episode is on the move! InfoSecICU focuses on mobile device security taking a look at mobile OS cyber arms dealers NSO Group and Lucy Gang, diving into their business model and the evolution of cyber criminal enterprises. The guys pivot to mobile healthcare, discussing Apple's continued move into the healthcare space and the risks that come ...…
 
VMware virtualization has been a game-changing technology for IT, providing efficiencies and capabilities that have previously been impossible for organizations constrained within a traditional IT data center world. With vSphere version 6.5 and vSAN version 6.6 VMware customers now have the ability to encrypt VMware managed virtual machines and ...…
 
Happy Anniversary to InfoSecICU! The guys celebrated the 52nd week of shows by discussing the HITRUST CSF framework for standardizing security certifications for healthcare-related vendors. They introduce a creepy story of Airbnb hosts using IoT devices to spy on guests. Finally, they discuss research that dives into the long term impact to a ...…
 
Steve and Gerry cover Health and Human Services Office of Civil Rights (HHS OCR) briefing presented to MUSC recently and discuss the clarification it brought with it. They cover the details of the recent British Airways hack that compromised 380,000 individuals' credit card information. Given the impending Hurricane Florence, the guys refresh ...…
 
Steve and Gerry discuss the privacy ramifications of the Google MasterCard deal that recently came to light. They discuss Instagram’s decision to support two-factor authenticator apps and the issues with SMS as a 2nd factor. They finish up discussing the dependence and concerns of using your phone number as your identity and authenticator. Show ...…
 
Steve is fresh from Gartner Catalyst and shares his experience and lessons learned. The guys discuss a follow up story from election officials that tells the other side of the story from the recent voting village hacks at DEF CON 26. They finish up with a discussion around the damages of NotPetya a year later with a case study of Maersk. Show N ...…
 
Gerry and Brandon discuss the long term effect of the recently published Augusta University Medical Center Breach. They cover behavior based analysis for malicious activity on the network and utilizing RITA, a security tool from Black Hills Security Group to assist. Finally they touch on the recently enacted NIST Small Business Cybersecurity Ac ...…
 
Gerry is back from BlackHat and he’s ready to tackle the oft-ignored member of the Confidentiality-Integrity-Availability triad as he digs into a new attack that tampers with medical device data to disastrous effect. While in Vegas, Gerry also had the opportunity to interview Jeremiah Grossman, CEO of BitDiscovery, to talk about the unique way ...…
 
Brandon is back in the co-pilot’s chair as we talk about the recent GAO report that HHS is failing to protect PHI. We also share our intrigue surrounding the PHI breach at Iowa Health Group that was actually a Business Email Compromise attack. There’s also good news for Boston Childrens’ Hospital, as the hacktivist charged with disrupting their ...…
 
Gerry and Steve cover the recently released practical guidance from NIST on securely integrating mobile devices into clinical practices. They discuss then poke holes in a recent, widely distributed report discussing America’s most cyber insecure airports, and with Blackhat on the horizon they provide a preview of things to expect from the event ...…
 
Gerry and Steve discuss organizations' challenge of securing their supply chain, citing a recent robotics company that lost IP from major car vendors. They provide an update on the Healthcare Sector Coordinating Council's efforts on executing on the 2017 Healthcare Cybersecurity Taskforce report. They dive into Emotet malware and how it has evolv ...…
 
Gerry and Steve have read the indictment of Russian nationals APT28 aka “Fancy Bear” aka Unit 26165 released by the DOJ. The techniques and extent of the attacks are covered and discussed. They turn their attention to an NPR investigation into techniques health insurers are employing to determine policy premiums. Thirdly, they touch on a ‘hot’ ...…
 
Gerry and Brandon dig into a recent lawsuit of a cyber insurance company suing a security provider for gross negligence of protecting the insurer’s client systems and what this may mean for the industry going forward. They investigate California's new privacy law and how it relates to individuals and the healthcare industry. They finish up discu ...…
 
Gerry’s on holiday and Security Architect Matt Jones joins the podcast to discuss the recent Magic Unicorn revelation that has forensics experts in a tizzy. We also dive into an interview with Elizabeth Snead, an expert on phishing campaigns, as she gives us insight into interesting types of phishes and what you can do to defend yourself. And s ...…
 
It’s all HIPAA this week, and you’d be surprised at the meat on this bone! Steve and Gerry discuss the recent massive OCR fine to a Texas healthcare provider and how the poor understanding of HIPAA requirements and policies are leading to individuals violating HIPAA with the best of intentions. Finally, the guys cover the challenges individuals ...…
 
Gerry and Steve discuss a recently released security research showing geo-location data leakage from unexpected sources. They provide a list of tried and true defense-in-depth techniques for non-corporate networks. They wrap-up with a discussion on the practical application of security in corporate settings to get end-user buy-in. Show Notes Re ...…
 
Gerry and Steve discuss Microsoft's Red Team and how its mission is to beat the bad guys to finding vulnerabilities in Windows OS. They give their thoughts on a recently released research paper on the seven properties of highly secure devices and what the impact for IoT devices in general could be. They wrap up discussing Azure Sphere, Microsoft's a ...…
 
In a special edition of InfoSecICU, it's tool time! Brandon and Gerry discuss their experiences and lessons learned with a bevy of security related software tools that you may utilize in your organization. NSM as a philosophy is covered, followed by SysMon. The guys round out discussing approaches and appropriateness of malware analysis tool set ...…
 
Brandon and Gerry discuss the recent NH-ISAC Summit in Sawgrass and a keynote talk regarding cyberwar and civilian collateral damages. They discuss, technically, the recently published research on VPNFilter and finish discussing some additional Amazon Alexa mishaps. Show Notes Resources: NH-ISAC Summit https://nhisac.org/summits/2018-spring-sum ...…
 
Steve and Gerry discuss recently published research of two attacks that can be used to compromise the Amazon Echo digital assistant device, and the implications for digital assistants in general going forward. Multi-factor authentication (MFA) is great, but not bulletproof. Steve and Gerry discuss attack vectors and what organizations should be ...…
 
Steve and Gerry discuss the use cases and privacy implications of a new website that provides aggregated access to the Internet’s live streaming web cams. A major attack on email encryption and the argument security professionals are having about it is covered. They finish with thoughts on the recently released trove of published evidence from ...…
 
Steve and Gerry discuss a serious, but often overlooked issue of children identity theft and fraud. They shed light on how organized crimes are making substantial financial investments to improve phishing attacks. They round out discussing privacy concerns with individuals' DNA and how it can be used to solve cold cases. Show Notes Resources: Ch ...…
 
It's all about information sharing in this episode of Infosec ICU. Steve and Gerry interview Chris Bennett, sector chief for healthcare and public health for South Carolina’s InfraGard. They discuss the plethora of ISACs available to US based companies and what values you can realize. Finally they discuss the privacy and security concerns of the ...…
 
Steve and Gerry discuss the 34 tech company Cybersecurity Accord announced at RSA 2018, the new plan the FDA has published with respect to medical device cybersecurity. Show Notes Resources: Cybersecurity Accord https://www.scmagazine.com/tech-giants-combine-to-protect-civilians-from-cyberattack/article/759201/ https://cybertechaccord.org/ FDA ...…
 
Steve and Gerry discuss recent research that demonstrates data breaches are linked to higher patient mortality rates. IoTs in the enterprise and the impending future of them are discussed, introduced by a recent casino breach that started with a thermometer. Finally they socialize recent HHS guidance on acceptable privacy disclosure. Show Notes ...…
 
Steve and Gerry drill into the Verizon PHI Data Breach Report and discuss a few surprising findings. They offer their opinion on the recent attacks on Russian and Iranian Cisco devices and the value of Hacktivism. They close out with a scam that attacks a little known feature of all GMail email addresses. Show Notes Resources: Verizon PHI Data ...…
 
Breach, breach, breach! Steve and Gerry talk the Good, the Bad, the Ugly of recent breaches, showcasing a comparison between organizations that handle breaches well and those that fail miserably. Cloudflare’s new DNS resolver and its privacy approach are discussed followed by the Ponemon report on the cost of a data breach. Show Notes Resources ...…
 
The European General Data Protection Regulation (GDPR) is radically transforming the information technology space. Organizations of all sizes and types, and cloud service providers large and small, must adjust to the notion that people now fully own information about themselves. Join Patrick Townsend, Founder and CEO of Townsend Security, as he ...…
 
Steve and Gerry dive headfirst into a recent indictment against 9 Iranian nationals accused of hacking universities worldwide (a majority in the US) for research capital; showing the value of academic research, they discuss a recently published paper from China outlining a technique for tricking facial recognition biometric information. Finally ...…
 
With Gerry in South Dakota presenting his proposal for his dissertation, guest-host Brandon Stephens steps up to the plate to discuss how Sun Tzu’s The Art of War is helpful in preparing for a cyber attack. He and Steve also discuss why Identity and Access Management is so important, as well as the challenges in getting it right. And, of course ...…
 
We all think it, but now we know it. The guys discuss statistical evidence that supports employees are a weak link in healthcare cybersecurity defenses. Also attackers have discovered that they can unleash unprecedented Distributed Denial of Service (DDoS) attacks using open memcached servers. The guys cover both these topics and dive into how ...…
 
Last year HHS executed their HIPAA Phase 2 audits across covered entities and business associates, but why have things been quiet at HHS? The guys provide insights regarding the findings and suggest ideas on why HHS’s focus may have changed. The guys look at the bigger picture of the effects breaches have had on public trust, and a 21st century ...…
 
Steve and Gerry discuss healthcare employee termination when they violate privacy and ‘snoop’ on patients’ medical records, a topic Steve was interviewed for in a recent Post and Courier article. Also the guys interview and discuss a former senior leader in information security at Anthem, and his experience of being on the front lines of a mega ...…