Should executives ever be exempt from security standards and practices, the answer rhymes with bell no. MGM got his with ransomware via a third party and some social engineering, but they spend hundreds of millions on security. So what should we learn from that? CISA wants to offer free scans for utilities, is that a good or bad thing? Congress wants to legislate around deepfakes for elections, how will that work? And a major university was found to be fudging their self certification for compliance, whoops! Those and more on this one!
