))
A weekly discussion of new developments and the latest cybersecurity threats, including ransomware, malware, phishing schemes, DDoS attacks and more, facing the U.S. industrial sector.
…
continue reading
Kaspersky Lab’s security experts discuss recent news and give their advice on the topics of computer and smartphone protection.
…
continue reading
The New CISO is hosted by Exabeam Chief Security Strategist, Steve Moore. A former IT security leader himself, Steve sits down with Chief Information Security Officers to get their take on cybersecurity trends, what it takes to lead security teams and how things are changing in today’s world.
…
continue reading
Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim Erlin, each episode brings on a new guest to explore the evolving threat landscape, technology trends, and cybersecurity best practices.
…
continue reading
CyberSecurity Sense is LBMC Information Security's podcast that provides insight and updates on such information security topics as: IPS Monitoring and Managed IDS Services, Security Information Event Management, Digital Forensic Analysis, Electronic Discovery and Litigation Support, Computer Security Incident Response, Penetration Testing, Risk Assessments, Security Program Planning, Web Application Security Assessments, ACAB LADMF Certification Assessments, CMS Information Security, FedRAM ...
…
continue reading
1
Legacy Mindsets Are Helping Hackers Weaponize Networks
41:49
41:49
Play later
Play later
Lists
Like
Liked
41:49
Send us a text So, my daughters like to give me a hard time about growing old. Said another way, I’m a legacy asset - just like most of the devices many of you observe, manage and secure every day. Your machines are still in place because they work. While the technology around these assets has evolved, their core functionality and value to the prod…
…
continue reading
1
Taking the First Step Toward Your Career Dreams
30:15
30:15
Play later
Play later
Lists
Like
Liked
30:15
Summary: In this episode of The New CISO, host Steve Moore speaks with Nicola Sotira, Head of CERT at Poste Italiane, about his journey from technical expert to business leader, all while following his dreams. Nicola shares the importance of mentorship, the value of building strong teams, and how he applied a Viking mentality to overcome challenges…
…
continue reading
1
Using Force Multipliers to Protect Against Next-Gen Stuxnet
39:22
39:22
Play later
Play later
Lists
Like
Liked
39:22
Send us a text While the justifications for additional cybersecurity spending is easy to explain, getting buy-in at the C-level can be difficult. However, some recent research might help you win over those controlling the purse strings. SonicWall’s Mid-Year Cyber Threat Report found that their firewalls were under attack 125 percent of the time dur…
…
continue reading
Episode 365 kicks off with discussion around Donald Trump’s recent courting of the crypto world. From there talk moves to Mozilla’s recent decision to enable Privacy Preserving Attribution (PPA) by default – and that’s got some in the EU worried. To wrap up the team discuss two stories related to A.I – first around Microsoft suggesting that omnipre…
…
continue reading
Send us a text One of the most common topics we explore here on Security Breach is the ongoing challenge of asset visibility in the OT landscape. It's frustrating because it would seem that the solution starts with basic inventory management approaches, i.e. the first step in developing frameworks and plans for everything from tool selection to att…
…
continue reading
Episode Summary: In this episode of The New CISO, host Steve Moore is joined by Nicola Sotira, head of CERT at Poste Italiane. Nicola shares his journey from working on cryptographic devices in the pre-internet era to leading security teams today. His early work with assembly language, hardware security, and cryptanalysis offered unique challenges,…
…
continue reading
Send us a text According to Veeam’s 2024 Ransomware Trends Report, cyber victims stated that they were unable to restore 43 percent of whatever data was affected by ransomware attacks. This reaffirms what a number of Security Breach guests have stated about trusting hackers after paying their extortion demands. Another finding shows that 63 percent…
…
continue reading
Episode 364 kicks off with a chat around the recent furore around Telegram’s problem with unsavoury content. Following that, the conversation moves to a story that might concern people who rely on TOR (The Onion Router), as it’s been disclosed that German police managed to de-anonymise data coming out of an exit node, in order to track and arrest o…
…
continue reading
Send us a text The ongoing theme in industrial cybersecurity centers on two competing dynamics – the desire to expand our implementation of automation and Industry 4.0 technologies with the goal of using more and faster connections, along with the decision-making data each generates to improve the efficiency and quality of production. However, thes…
…
continue reading
Episode 363 kicks off with a discussion around moderation on the popular messaging service, Telegram. From there the team move to discuss how one person managed to siphon off over $10 million from the likes of Spotify and Apple using bots to stream music. To wrap up the team discuss two stories, the first looking at how the Democrats in America are…
…
continue reading
1
Inside the Growing Complexity of Ransomware Hacking Groups
31:41
31:41
Play later
Play later
Lists
Like
Liked
31:41
Send us a text We’re back to discuss an all-too-familiar topic – ransomware. Ironically enough, it seems the topics we describe in this manner become so familiar because we can’t figure out viable, long-term solutions. I think part of the challenge for industrial organizations dealing with ransomware is that we have to divide our energy and resourc…
…
continue reading
1
Time to 'Rip off the Band-Aid' to Ensure Security
38:52
38:52
Play later
Play later
Lists
Like
Liked
38:52
Send us a text A smarter, well-funded hacker community means embracing basic, yet daunting cyber challenges. In manufacturing, regardless of your role, avoiding downtime is an obvious priority, and one of the motivating factors driving investments in cybersecurity. In working to mitigate potential DDoS attacks or malware drops, manufacturers are ta…
…
continue reading
1
What CISOs Get Wrong: Advice From a Cybersecurity Entrepreneur
26:21
26:21
Play later
Play later
Lists
Like
Liked
26:21
In this episode of The New CISO, host Steve Moore sits down with Larry Pfeifer, CEO and President of Metrics That Matter, for a deep dive into the evolving role of the CISO and the increasing importance of cybersecurity insurance. Larry offers valuable insights drawn from his unconventional career in cybersecurity, sharing advice for CISOs and entr…
…
continue reading
Episode 362 of the Kaspersky podcast kicks off with discussion around Brazil’s controversial decision to ban Elon Musk’s X platform. From there the team discuss a story from the BBC around the theft of a voice actors voice, which was used on an A.I platform. To wrap up the team discuss how scammers are looking to use sextortion tactics in order for…
…
continue reading
Episode 361 of the Transatlantic Cable podcast kicks off with news around the right to switch off in Australia. From there the team talk about privacy – specifically if you should have to pay to have online privacy. To wrap up, the team discuss how and why a popular game has attracted so much online attention. If you liked what you heard, please co…
…
continue reading
1
Combating the 20th Century Mafia with a Stronger Human Firewall
45:47
45:47
Play later
Play later
Lists
Like
Liked
45:47
Send us a text Sophos recently reported that 65 percent of manufacturing and production organizations were hit by ransomware last year, which, unlike other sectors, is an increase. Overall, these attacks have increased by 41 percent for manufacturing since 2020. Additionally, the cybersecurity firm found that 44 percent of computers used in manufac…
…
continue reading
1
Tearing Down the 'Set It and Forget It' Mindset
41:33
41:33
Play later
Play later
Lists
Like
Liked
41:33
Send us a text I recently watched an interesting documentary called Turning Point: The Bomb and the Cold War on Netflix. Great watch – I’d highly recommend it. Essentially it positioned nearly every prominent geo-political event since World War II as fallout from the U.S. dropping the nuclear bomb on Japan to end World War II. Similarly, we can loo…
…
continue reading
Episode 360 of the transatlantic cable podcast kicks off with news that Nvidia are on the receiving end of a class-action law-suit, alleging that they scraped YouTube videos without creators’ consent. From there, the team discuss news around Taylor Swift AI images being shared by Donald Trump and an additional story around how photography is quickl…
…
continue reading
Send us a text When I was a kid, we always looked forward to my dad’s work picnic. He was a tool and dye maker for a leading caster manufacturer that would rent out a local park, make a ton of food and put on various games and activities for the families. One of the highlights of this day was a softball game pitting the office versus the shop. The …
…
continue reading
In this episode of The New CISO, host Steve is joined by Larry Pfeifer, CEO and President of Metrics That Matter. Although Larry is not a CISO, he has worked in many adjacent fields, including the US military, university IT research, sales engineering, and more. As a result of his vast experience, Larry has a unique lens on cybersecurity. Listen to…
…
continue reading
Episode 359 kicks off with discussion around the recent riots in the U.K. and how the UK government is looking to leverage facial recognition to combat trouble makers. From there, the team discuss a strange story concerning how police forces in the U.S were able to locate a criminal via a lock-screen picture left at the scene of a crime. To wrap up…
…
continue reading
1
'There's No Bulletproof Vest' in Cybersecurity
51:08
51:08
Play later
Play later
Lists
Like
Liked
51:08
Send us a text An ethical cyber researcher breaks down the 'tsunami of exposed data' he continues to uncover. When it comes to solving industrial cybersecurity's biggest challenges, I think we have to continue to ask questions that simultaneously tackle basic blocking and tackling concerns, as well as those that lead to bad news. Both prevent us fr…
…
continue reading
Send us a text The landscape of industrial cybersecurity continues to change and evolve, and demands a vigilant monitoring of the next threat, vulnerability or potential soft spot in our defenses. That’s why we continue to produce Security Breach, and, by the way, continue to be so appreciative of the growth and support we’ve received from each of …
…
continue reading
Episode 358 of the Transatlantic Cable Podcast kicks off with news of American Cybersecurity firm KnowBe4 getting duped by a North Korean hacker who successfully when through their HR checks and secured employment! Deepfake bullying being used by children on Snapchat. X/Twitter’s AI bot Grok is now reading your tweets, however there is a fix and we…
…
continue reading
In this episode of The New CISO, Steve is again joined by guest Grant Lockwood, Comedian, DJ, and the Chief Information Security Officer at Virtus Health. Today, Grant returns to explain how his approach to effective communication has evolved since becoming a security leader. Listen to the episode to learn the difference between safety and security…
…
continue reading
1
The $25M 'Wake-Up Call' Supply Chain Hack
30:22
30:22
Play later
Play later
Lists
Like
Liked
30:22
Send us a text According to IBM’s Cost of a Data Breach Report, nearly 20 percent of the organizations surveyed stated that they have experienced a breach stemming from a compromise in their supply chain, or a vulnerability related to it. The average cost of these breaches was estimated at just under $4.5 million. Their data also found that attacks…
…
continue reading
Episode 357 of the Transatlantic Cable Podcast kicks off with news of the Telegram zero-day vulnerability that went unnoticed for 5 weeks, as well as further CrowdStrike woes with threat actors targeting companies with fake fixes. From there Ahmed & Jag go on to discuss a potential hacktivism hit on Disney in response to Disney’s embrace of AI, and…
…
continue reading
Send us a text Due to the rise in attacks on manufacturing and critical infrastructure, and the devasting impacts these attacks have on daily lives around the world, the World Economic Form recently unveiled a report entitled Building a Culture of Cyber Resilience in Manufacturing. This initiative not only identified the sector’s primary challenges…
…
continue reading
Episode 356 of the Transatlantic Cable Podcast kicks off with news around the AT&T ‘mega-breach’. From there the team discuss two stories related to AI – the first looks at how AI is being used to help doctors detect early-onset Alzheimer’s; the team then talk about how K-Pop are looking to use artificial intelligence to write songs and create artw…
…
continue reading
1
There's No 'Plant the Flag' Moment in Cybersecurity
32:47
32:47
Play later
Play later
Lists
Like
Liked
32:47
Send us a text When looking at industrial cybersecurity, more attention is being paid to how workers are logging in to access critical machinery, software or data. And according to Trustwave Threat Intelligence’s recent Manufacturing Threat Landscape report, 45 percent of attacks experienced by manufacturers stemmed from the bad guys accessing cred…
…
continue reading
Episode 355 of the Transatlantic Cable podcast begins with news that Ticketmaster’s recent data breach is creating more trouble for them than previously thought. Moving from Ticketmaster to TikTok, the next story covers a disturbing new trend on the social media platform, where a “mob attack led by middle schoolers” tormented teachers. To wrap up t…
…
continue reading
1
Is Security Funny - What Hobbies Can Teach a CISO
31:22
31:22
Play later
Play later
Lists
Like
Liked
31:22
In this episode of The New CISO, Steve is joined by guest Grant Lockwood, Chief Information Security Officer at Virtus Health. After starting his career in an administrative position, Grant found himself getting bored. After being urged by his wife, Grant turned things around and is now a DJ, comedian, and, of course, a successful CISO. Listen to t…
…
continue reading
Episode 353 of the Transatlantic Cable podcast kicks off with an ‘interesting’ story involving Microsoft, real-time software recording and sex-toy retailers. To go into more details would just be a spoiler. From there, the team talk about how Facebook are the next business to face EU’s DMA (Digital Market’s Act) legislation. To wrap up conversation…
…
continue reading
Send us a text As we’ve discussed numerous times on Security Breach, terms like change, evolution and constant are more than just buzz terms – they’re a simple reality of working in the industrial OT space. Whether we’re discussing threat actors from Stuxnet to Lockbit, tactics from social engineering to double-extortion ransomware, or vulnerabilit…
…
continue reading
Episode 353 of the Transatlantic Cable podcast kicks off with news around ransomware attacks, both in the UK and the US. From there, the team discuss updates around the EU’s new DMA (Digital Market’s Act) and how Apple could be a test case for record fines, if they’re found to have abused their market position. To wrap up, the team look at how some…
…
continue reading
1
The Protection and Productivity of Zero Trust
42:49
42:49
Play later
Play later
Lists
Like
Liked
42:49
Send us a text Over the last nearly 100 episodes of Security Breach we’ve discussed a wide range of strategies for protecting the manufacturing enterprise. But perhaps the most polarizing of these has been Zero Trust. While some unwaveringly champion the cause of this approach, others question the ways in which it is typically deployed. Perhaps thi…
…
continue reading
Episode 352 of the Transatlantic Cable podcast kicks off with a story concerning generative AI and hackers, with the hackers taking the side of artists (or so it would seem.) From there discussion turns to the US surgeon general calling for ‘warning labels’ on social media, mainly in part due to the worrying rise in young people’s mental health. To…
…
continue reading
In this episode of The New CISO, host Steve is joined by returning guest Sándor Incze, CISO at CM.com. In part two of his interview, Sándor shares his strategies for boosting team productivity. As a long-time security leader, Sándor understands how to get the best out of his team. Listen to the episode to learn more about the difference between ner…
…
continue reading
Send us a text One of the more common obstacles that we discuss here on Security Breach is how increased connectivity has combined with new Industry 4.0 technologies to constantly expand the OT attack surface. In the midst of all this expansion, it’s easy to either overlook cybersecurity concerns, or put too much trust in the embedded security feat…
…
continue reading
Episode 351 of the Transatlantic Cable podcast begins with discussion around Microsoft’s controversial ‘Recall’ feature. Following from there, news turns to discussion around Elon Musk’s frustration around Apple’s decision to include ChatGPT in the upcoming iOS 18. To wrap up, the team discuss two news stories. The first covers the arrest of 2 susp…
…
continue reading
Episode 350 of the Transatlantic Cable podcast kicks off with surprising news that whilst Generative AI tools such as ChatGPT and MidJourney are marketed aggressively, they’re not actually that popular with everyday folk – with just 2% of people in the UK saying they use Gen AI in their day. From there talk moves to news regarding two large data br…
…
continue reading
Send us a text Those of you with a military or law enforcement connection are probably, and unfortunately, familiar with the term collateral damage. While this phrase has a legacy in these environments, it’s also become an unwelcome addition to the realm of cybersecurity. Examples of this dynamic can be found in a number of hacktivist attacks that …
…
continue reading
1
The OT Threat Landscape's Infectious Nature
43:15
43:15
Play later
Play later
Lists
Like
Liked
43:15
Send us a text Viewing hacks as diseases to address evolving threats, vulnerabilities and tools like AI. Like many of you, I recently dove into Verizon’s 2024 Data Breach Investigations Report (DBIR). And while there’s a plethora of data housed in the report that could fuel conversations on a multitude of topics, I chose the following two pieces of…
…
continue reading
Episode 349 of the Transatlantic Cable podcast kicks off with a discussion on Microsoft's newly announced Copilot+ feature for personal computers. This feature, touted to give PCs a "photographic memory," raises significant privacy concerns as it can log everything a user does by taking screenshots every few seconds. Privacy advocates fear the pote…
…
continue reading
1
Perspectives on Security as a CISO and Police Officer
29:38
29:38
Play later
Play later
Lists
Like
Liked
29:38
In this episode of The New CISO, host Steve is joined by guest Sándor Incze, CISO at CM.com. Today, Sándor shares his untraditional path to a dual career in the Infosec and law enforcement industries. Through diligence, initiative, and automation, Sándor has been able to balance both of his life’s passions. Listen to the episode to learn more about…
…
continue reading
We kick off with news that Google plan to introduce a new AI tool to help detect if you’re being scammed in a phone call – a boon for those who fall prey to scams. From there the team discuss news that Scarlett Johansson isn’t best pleased about the likeness of ChatGPT’s new voice, which sounds eerily familiar to her own. To wrap up the team discus…
…
continue reading
1
PCI Monthly Update: Latest News and Updates to Requirement 12
39:37
39:37
Play later
Play later
Lists
Like
Liked
39:37
Join us for the latest episode of our PCI Monthly Update podcast, where we explore the latest developments in the world of payment card industry security. We begin with a news segment covering the impact of PCI v4.0 and how organizations are adjusting. In case you missed it - Andy Kerr joined PCI Practice Partner Stewart Fey for an interactive Q&A …
…
continue reading
Send us a text It starts with a dedication to enhanced visibility. One of the big conversations regarding OT security revolves around the use of tools. Some have too many, others not enough and everyone is searching for the funds to mange and obtain the right ones for a constantly evolving threat landscape. The key to understanding which tools are …
…
continue reading
Send us a text Many attacks on manufacturers are just the first step in going after even bigger targets. One of the inescapable truths about the industrial sector is that it is usually the ultimate proving ground for product performance. When we look at some of the technologies that have created seismic social shifts, tools like operational softwar…
…
continue reading
Episode 347 of the Transatlantic Cable podcast begins with news that Dell have been hit by a data breach, however details on the breach are scarce. Following that the team discuss another data breach, this time affecting Europol. To wrap up the team discuss two stories, the first around Spanish police pulling data on suspects from sources such as P…
…
continue reading
