

Blue Screens and Liability, Cyber and AI Regulation, and Disinformation Fails at the Olympics
Aug 16, 2024
Join Jason Kikta, CISO at Automox, Jen Ellis of NextJen Security, and attorney Jessica Herrera-Flanigan as they dissect the fallout from the CrowdStrike incident and its implications for software liability. They discuss the urgent need for AI regulations to catch up with rapid technological advancements. Delve into the complexities of accountability in cybersecurity and the interplay between major political events and data breaches. Plus, uncover the dangers of disinformation, highlighting the recent Olympic misinformation and the pressing call for improved critical thinking.
AI Snips
Risks of Kernel-Level EDR Updates
- CrowdStrike's EDR update caused kernel crashes due to a buffer overflow from unexpected inputs.
- A fault in a kernel-level driver crashes the entire OS, which caused widespread blue screen boot loops on affected systems.
Tech Pressure Fuels Security Errors
- Technology companies operate under intense pressure to deliver quick security updates.
- Understaffing and chaos in tech increase the risk of errors like CrowdStrike's patch failure.
Enforce Stringent Software Processes
- Software with potential large impact requires stringent development and release processes.
- Policymakers must address outages caused by software flaws, not just malicious cyberattacks.