
Cybersecurity Headlines Department of Know: Brightspeed investigates breach, Prompt injection woes
Jan 12, 2026

Join Johna Till Johnson, CEO of Nemertes, a leading research firm, and Jason Shockey, CISO at Cenlar FSB, as they dive into critical cybersecurity concerns. They discuss the implications of the Brightspeed breach, emphasizing the importance of containment and communication. They also tackle the urgency of MFA enforcement for Microsoft 365 admins, and the rising risks associated with phishing tactics and AI vulnerabilities. Their insights into incident response strategies and securing agent communication are must-hears for cybersecurity leaders.
AI Snips
Treat Widely Used Libraries As Binary Risks
- Widely used components like MongoDB require immediate attention when proof-of-concept exploit code appears.
- The criticality is binary: if you use it, patch urgently; if not, monitor broadly.
Microsoft Finally Requires Admin MFA
- Microsoft is enabling admin MFA starting February to avoid mass lockouts.
- Johna notes Microsoft should have enforced this years ago but the change is welcome and necessary.
Harden Email Authentication Now
- Set DMARC, SPF, and DKIM to reject to reduce credential-phishing success.
- Monitor phishing lures claiming voicemails, shared docs, HR notices, and password resets closely.
