In this engaging conversation, George Finney, CISO at The University of Texas System and author focused on cybersecurity habits, tackles pressing issues in the field. He discusses the need for a zero trust approach, particularly in the wake of malware evasion tactics. The episode sheds light on vulnerabilities in Chinese-made power inverters that threaten national security. Furthermore, Finney emphasizes the integration of cybersecurity in HR practices and the importance of enhancing cybersecurity training to combat insider threats and other evolving risks.
24:49
forum Ask episode
web_stories AI Snips
view_agenda Chapters
menu_book Books
auto_awesome Transcript
info_circle Episode notes
insights INSIGHT
Windows Defender Loophole Exploited
Microsoft Defender can be disabled by registering a fake antivirus using an undocumented Windows Security Center API.
This loophole highlights Windows disabling Defender automatically to avoid conflicts, which attackers may exploit.
insights INSIGHT
Chinese Power Inverters Security Risk
Chinese-made power inverters in US solar farms include hidden kill switches and cellular radios not in documentation.
This poses a national security risk allowing remote disabling of critical infrastructure during conflict.
volunteer_activism ADVICE
Cybersecurity Training for HR
Train HR teams specifically to understand cybersecurity threats, including vetting resumes and interviews.
Incorporate cybersecurity awareness early in hiring to prevent risks from fake accounts and deepfakes.
Get the Snipd Podcast app to discover more snips from this episode
In 'Rise of the Machines', Thomas Rid provides a thought-provoking portrait of our technology-enraptured era by delving into the history of cybernetics. The book explores how cybernetics transformed the post-war world, influencing both utopian visions and military strategies. It also examines the intersection of technology and society, highlighting the tension between digital privacy and security.
Project Zero Trust
Project Zero Trust
George Finney
In 'Project Zero Trust', George Finney offers a comprehensive guide to implementing Zero Trust security architecture. The book explores the fundamental principles of Zero Trust, emphasizing the importance of verifying every user and device before granting access. It provides practical steps for building a resilient security framework that minimizes the impact of breaches. Finney details how to segment networks, enforce least privilege access, and continuously monitor for threats. This book is essential for organizations looking to enhance their security posture and adopt a more proactive approach to cybersecurity.
Well Aware
Well Aware
George Finney
In 'Well Aware', George Finney promotes the idea of cybersecurity as a habit, integrating security practices into everyday routines. The book emphasizes the importance of human awareness and training to mitigate risks. It provides actionable strategies for creating a security-conscious culture within organizations. Finney details how to empower employees to recognize and respond to potential threats. This book is a valuable resource for enhancing overall security by focusing on the human element.
Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires? Conveyor’s AI doesn’t need hand-holding and gets you accurate answers every time with limited knowledge base maintenance. It reads directly from your connected sources—documents, wikis, websites, Confluence, Google drive, and even your Conveyor trust center. You don’t maintain a knowledge base. You connect to one. And our AI does the rest for you. See what real auto-fill magic looks like at www.conveyor.com
All links and the video of this episode can be found on CISO Series.com
Cyber Security Headlines 