With Gerry in South Dakota presenting his proposal for his dissertation, guest-host Brandon Stephens steps up to the plate to discuss how Sun Tzu’s The Art of War is helpful in preparing for a cyber attack. He and Steve also discuss why Identity and Access Management is so important, as well as the challenges in […]
The post The Art of (cyber) War, Identity Management, and the Cambridge Analytica and Facebook Debacle appeared first on MUSC Podcasts.
We all think it, but now we know it. The guys discuss statistical evidence that supports employees are a weak link in healthcare cybersecurity defenses. Also attackers have discovered that they can unleash unprecedented Distributed Denial of Service (DDoS) attacks using open memcached servers. The guys cover both these topics and dive into how the […]
The post The Cybersecurity Culture War, Memcache, and Deputizing the Geek Squad appeared first on MUSC Podcasts.
Last year HHS executed their HIPAA Phase 2 audits across covered entities and business associates, but why have things been quiet at HHS? The guys provide insights regarding the findings and suggest ideas on why HHS’s focus may have changed. The guys look at the bigger picture of the effects breaches have had on public […]
The post What Happened with the HHS OCR Phase 2 Audits, Breaches Eroding Public Trust, and New Twists to Old Cons appeared first on MUSC Podcasts.
Steve and Gerry discuss healthcare employee termination when they violate privacy and ‘snoop’ on patients’ medical records, a topic Steve was interviewed for in a recent Post and Courier article. Also the guys interview and discuss a former senior leader in information security at Anthem, and his experience of being on the front lines of […]
The post Unauthorized Access of Patient Record Sanctions and Interview with Former Anthem Information Security Leader appeared first on MUSC Podcasts.
The guys discuss a diversity of topics this week! An intern at Apple abused access resulting in the release of sensitive intellectual property. Discussion around the Executive Branch report “The Cost of Malicious Cyber Activity to the U.S. Economy” and what the challenges are around improving information security at a national level. Finally, MFA sounds […]
The post Insider Threats at Apple, The Cost of Malicious Cyber Activity, and When MFA Goes Bad appeared first on MUSC Podcasts.
Steve and Gerry discuss the value and utility of the recently published SANS 2018 Cyber Threat Intelligence (CTI) report. Reflections on the debate around encryption from the Charleston School of Law Cybersecurity Summit are shared and government sites serving up more than information to visitors. Show Notes Resources: Information Sharing and Analysis Centers (ISACs): https://www.nationalisacs.org/ Charleston […]
The post Cyber Threat Intelligence, Cybersecurity Summit, and More Monero...
Would the creation of a National Cybersecurity Safety Board (NCSB), akin to the National Transportation Safety Board (NTSB), be a reasonable and effective mechanism to increase overall cybersecurity for all industries in the United States? Academics propose it, Gerry and Steve discuss it! Also, how smart data is giving away sensitive personnel locations and the […]
The post National Cybersecurity Safety Board, “Smart” Data, and Cyber Insurance appeared first on MUSC Podcasts.
Women in technology and cybersecurity is an important topic. We engage with two female cybersecurity professionals to provide first hand accounts of their experiences and thoughts on women in technology and discuss several initiatives that are supporting female opportunity to learn and have a successful career in the technology and cybersecurity space. Steve and Gerry […]
The post Women in Technology and Cyber Risk Reduction Low Hanging Fruit appeared first on MUSC Podcasts.
If it isn’t broke, don’t fix it! SamSam, an old standby ransomware-focused malware, returns for an encore performance. Steve and Gerry cover the (macro-level) Global Risk Report from World Economic Forum, shining a light on cyberattacks escalation to the “magic quadrant”, and a 15 year old hacktivist manages to social engineer his way into “pwning” […]
The post SamSam and Zyklon, Global Risk Report, and Social Engineering the CIA Director appeared first on MUSC Podcasts.
Do you believe in a money machine? Gerry and Steve discuss the current trends in cryptomining, which seems to makes money from electricity. They also give an overview of the EU’s new privacy regulations, the General Data Protection Regulation (GDPR) and they dig into the concept of technical debt, especially as it concerns medical devices. […]
The post Cryptomining, GDPR, and Medical Device Technical Debt appeared first on MUSC Podcasts.
Gerry and Steve talk about the recently released vulnerabilities Meltdown and Spectre. They covered what they are, how disclosure was handled as an industry and what you need to know as system admin or end-user. They briefly introduce Cryptomining and tease next weeks episode. Much like an audible dessert, they wrap it all up with […]
The post Meltdown and Spectre, Cryptomining Teaser appeared first on MUSC Podcasts.
Gerry and Steve talk about the recent revelation that the CTO of Bitcoin mining company NiceHash did jail time for running the Darkode cybercrime forum and the need to perform background checks to better understand risk. They also dive into a recent finding out of Princeton that identified websites using hidden form fields to grab […]
The post NiceHash CTO is Darkode Founder, Websites Stealing Browser Autofill Data, and New Years Cyber-Resolutions appeared first on MUSC Podcasts.
The guys look toward 2018, helping with your cyber New Year’s resolutions! They discuss cyber jobs and the demand for a cybersecurity workforce in the United States and how you can pivot into the industry or charge your career if you are already working in information security. They also drill into industry specific certifications and […]
The post Cyber Jobs in High Demand, Industry Certifications, and Security Conferences appeared first on MUSC Podcasts.
Steve gets a bank fraud alert on his credit card and he passes along some tips to protect yourself during the holiday shopping season. Gerry talks about some attackers who went shopping through a California voter database and wins big. They both share their experience with this year’s SANS Holiday Hack Challenge. Please excuse the […]
The post Holiday Fraud Protection, California Voter Data Breach, and the SANS Holiday Hack Challenge appeared first on MUSC Podcasts.
If you discover an internal data breach do you, a. Report it to the affected Individuals, or b. Fix it quickly and say nothing? One official at Stanford University chose poorly. The U.S. House Energy and Commerce Commission asked some great questions of Health and Human Services (HHS), including requiring medical device managers to report […]
The post Stanford Chief Digital Officer Resigns over Breach Coverup, House Energy and Commerce Commission Seeks to Improve Medical Device Security,...
Gerry and Steve give you an Apple security update on the recent Mac High Sierra bug, discuss a recent testimonial given to Congress about identity verification in a post-breach world, and some advice from the IRS to avoid tax fraud with the tax season coming up. The guys also present their One Cool Thing. Get […]
The post Apple’s root Problem, Congressional Testimony on Identity Verification, and National Tax Security Awareness Week appeared first on MUSC Podcasts.
Show Notes Introducing the InfoSec ICU Podcast, in which hosts Gerry Auger and Steven Cardinal discuss Information Security topics of interest to those working within the healthcare field. You’ll get the latest cyber news, tips and tricks for keeping yourself safe online, and a glimpse at the cool tech and scary threats coming down the […]
The post E00 – Introduction to InfoSec ICU appeared first on MUSC Podcasts.