
Cyber Security Headlines Department of Know: President signs defense bill, time flies at NIST, Italian ferry malware
Dec 23, 2025

This week features Jason Taule, CISO at Luminis Health, and Chris Ray, Field CTO at GigaOm. They dive into the implications of a DXS breach and explore the complexities of third-party SaaS risks in healthcare. The duo discusses an Italian ferry malware incident, revealing vulnerabilities from crew-installed software. They also analyze the recent defense bill regarding private cyber operations and the ripple effects of the NIST atomic clock event on network time protocols. Their key takeaway? Resilience is crucial; always expect the unexpected.
AI Snips
Prioritize Vigilance Over Holidays
- Remain vigilant during holidays because staffing drops increase attacker opportunities.
- Monitor logs and telemetry even when teams are lightly staffed.
Patching Isn't A Complete Defense
- Patching alone is insufficient because attackers move fast after initial access.
- Review telemetry actively to catch rapid post-exploit activity.
Third-Party Breaches Scale Healthcare Risk
- Breaches of third-party health vendors amplify risk across the healthcare ecosystem.
- Map critical dependencies and data sensitivity before trusting SaaS providers.
