Tue, 8 October 2019
All links and images for this episode can be found on CISO Series (https://cisoseries.com/cybercrimes-solved-in-an-hour-or-your-next-ones-free/)
In the real world, cybercrimes just don't get solved as fast as they do on CSI. So we're offering a guarantee. If we don't catch the cyber-perpetrator in an hour (including commercial breaks) we'll make sure you're attacked again.
This episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our sponsored guest this week is Jason Hill (@chillisec), lead researcher at CyberInt Research Lab.
Thanks to this week's podcast sponsor, Cyberint.
The high ROI is what makes spear phishing campaigns so attractive to threat actors. Read our breakdown of TA505’s latest series of attacks. CyberInt has been tracking various activities surrounding this and other similar attacks where legit means were used to hack international companies in the retail & financial industries.
On this week's episode
What annoys a security professional
Question on Quora asks, "What does everybody get wrong about working in the field of forensics?" There were a handful of answers from looking to TV and film dramas to that it's only a post mortem analysis. What are the biggest misconception of digital forensics?
Why is everybody talking about this now?
Tip of the hat to Stu Hirst of Just Eat who posted this Dilbert cartoon that got a flurry of response. Read for yourself, but in essence, it's a boss that thought technology would solve all his problems. Not realizing that people and process are also part of the equation.
All too familiar. The "I've been hearing a lot about __________" phenomenon. What causes this behavior and how do you manage it?
How much flexibility to you require in your security team and the business?
Please, Enough. No, More.
How far can AI go? Where does the human element need to exist? What are the claims of the far reaching capabilities of AI? We discuss what we'd like to hear regarding the realistic capabilities and limitations of AI.
Every year, the Fall season sees billions of dollars being spent on home-based IoT devices. The back-to-school sales are the starting point, Cyber Monday is the clubhouse turn and the year-end holiday season is the finish line.
As usual, these devices – printers, DVRs, IP cameras, smart home assistants, are relatively inexpensive and provide plug and play convenience, to satisfy an impatient customer base.
For the rest of the cloud tip, head to CISO Series.
Check out lots more cloud security tips sponsored by OpenVPN, provider of next-gen secure and scalable communication software. OpenVPN Access Server keeps your company’s data safe with end-to-end encryption, secure remote access, and extension for your centralized UTM.
We don't have much time. What's your decision?
What are the best models for crowdsourcing security? There are entire businesses, such as bug bounty firms, that are dedicated to creating crowdsourced security environments. Our guest this week is passionate about investigative work. We asked him and Mike what elements they've found that inspire and simplify the community to participate in a crowdsourced security effort.