Cyber Security Headlines

Department of Know: Promoting passphrases, questioning international security conferences, gift card hackers

Oct 27, 2025
Sasha Pereira, CISO at WASH and expert in phishing resilience, joins Bil Harmer, CISO at Craft Ventures with a focus on security automation. They discuss the urgent need to rethink security practices in light of generative AI and share insights into the importance of passphrases over traditional passwords. The conversation also highlights the dangers posed by the Jingle Thief group targeting cloud environments and examines the implications of AI advancements in cybersecurity, emphasizing that human oversight remains essential.
ADVICE

Plan For Cloud Outages And Security Tool Redundancy

  • Treat cloud provider outages as a resiliency exercise and plan for DNS and retry storms.
  • Maintain backups for critical security services like email filtering to avoid blind spots during outages.
INSIGHT

Human Factors Drive Persistent Phishing Success

  • Social engineering remains effective because many employees prioritize job tasks over security vigilance.
  • Generational familiarity with online scams will slowly improve resilience but the problem persists now.
ADVICE

Move Toward Passphrases And Passwordless

  • Use passphrases and layered protections rather than relying on simple password rules.
  • Plan a roadmap to move toward passwordless methods like biometrics and passkeys while keeping MFA in place.