Insider Threat Risk Mitigation, Cyber Insurance-backed Certification, Fisticuffs Vulnerability Disclosure

45:02
 
Share
 

Manage episode 230590253 series 1946765
By Information Security at the Medical University of South Carolina. Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio is streamed directly from their servers. Hit the Subscribe button to track updates in Player FM, or paste the feed URL into other podcast apps.

Steve and Gerry discuss an insider threat issue that resulted in $700K worth of damage to a company in retaliation for termination. The obvious involuntary terminations activities were performed, but what issues led to a compromise? They spend time covering the advancement on cyber insurance driving security technology adoption. The finish the topics with a case study in vulnerability disclosure being done wrong.

As always they end with One Cool Thing.

Show Notes

Resources:


Insider threats and departing employees.
https://nakedsecurity.sophos.com/2019/03/22/sacked-it-guy-annihilates-23-of-his-ex-employers-aws-servers/

Cyber risk ratings from insurance companies. Do we need yet another measure?
https://www.scmagazine.com/home/security-news/cybercrime/a-collaborative-effort-by-some-of-the-worlds-largest-insurers-has-set-out-to-create-a-consumer-ratings-service-for-the-cybersecurity-industry

Bug reporting gets nasty
https://arstechnica.com/information-technology/2019/03/50-shades-of-greyhat-a-study-in-how-not-to-handle-security-disclosures/

One Cool Thing
Is there a doctor in the house?

Auto-pilot tricks to kill your friends.
https://arstechnica.com/information-technology/2019/04/researchers-trick-tesla-autopilot-into-steering-into-oncoming-traffic/

Contact

Email infosecicu@musc.edu

Twitter:

The post Insider Threat Risk Mitigation, Cyber Insurance-backed Certification, Fisticuffs Vulnerability Disclosure appeared first on MUSC Podcasts.

104 episodes