DrZeroTrust

Should we be concerned that our leaders (and former leaders) are posting deepfakes onto social media? What can we learn from the Uber case and the final decision by the lawmakers? What did the general counsel do in that case, what about the CEO? How should we plan for a ransomware attack? Can we learn from the lessons that a CISO has been through and be better prepared (hint: yes). When is the best time to learn when to fight, before the event or during? And was I wrong about my thoughts on executive punishment for breaches, probably...

Are K-12 organizations and universities prepared for the onslaught of cyber threats? How long does it take me to find a vulnerable school district, it ain't long? An appeals court has upheld Merck's claim in the the NotPetya case. What does that mean for cyber insurance, and why does this make me so happy? Iran is moving quickly into the realm of influence operations, are they mirroring the Russian operations and how will this affect the upcoming election cycle? ChatGPT had a breach issue, how much of a threat or problem is this? Should we have expected anything less? Phishing is getting worse, statistically speaking, but how is this possible with all of the training we get? Is there a technical alternative that works? Those questions and more on this episode!

How hard is it to use "ai" to clone your own voice? I did it and you can hear the sample on this podcast. What should we learn about the recent Pentagon leaker? Was it a technical failure, insider threat, of failure of leadership? What does MIT say about privacy for ChatGPT and "ai" and are there violations taking place? Are MAC's a viable target for ransomware, seems like that is a reality now. Those questions, points, and a line up of some of my schedule at RSA if you happen to be around!

Can ChatGPT make me a less crappy programmer? That isn't hard to be honest, but there are implications to consider. Can you use AI (I really hate using that term but you can't beat the market I guess) to be an artist? Does that impact other talented people's future earning potential? How hard is it to use StableDiffusion to create bogus images? How bad was FTX's cybersecurity? Hint: It rhymes with pepto-bismol. What else should we know about cyber insurance and who do insurers actually "take care of?" What about the leaks from the DoD? How does this keep happening? Those points and more on this episode!

How many vulnerable systems out there are connected to the internet with a ten year old vulnerability, with RCE, and have no authentication? Surely the answer is 0? Operation Cookie Monster took down a dark marketplace, so what? Should there be a victory lap? KnowBe4 published some research on state and local security and BEC statistics, what should we learn from that document? Fake ransomware attacks are taking place, what the hell is that? Crowdstrike and others are publishing on threat groups, but the nomenclature is all over the place. How do we know what attackers are doing what if we can't align on the naming conventions? More insights on the Silicon Valley Bank fiasco (the executives did some "questionable" things). What does that mean for the cybersecurity market at large? Those questions and more on this episode.

Did the Pope wear a puffy jacket? So what? How might applied deepfakes be used to manipulate the collective narrative? What about our political system? Cofense published their annual report on the state of email security. What can we learn from that? Cymulate also published their analysis of more than 1 million security assessments. What's in there for us to learn? Lloyds CEO said they might take a hit on their cyber insurance offering due to their policies around the "war clause. Ok, what's the big deal? Ivanti published a report on government cyber security status. Surely all is well if the government is involved (and this is a global analysis, not just the US y'all.) Those points and more on this episode!

Not Blockchain...Or, kinda...But not really?  Anyway listen to smarter folks than me (lots of those) talk about how we can innovate around the use of distributed ledgers as part of a security strategy.  And how is this approach being accepted internationally, especially in Australia?  Cool new methods of enabling security with the folks from Tide (not the soap, the security guys).  Some solid conversation on this one y'all!

Did I spread misinformation about the SVB fiasco? Uh oh.  Did Ring get hit with ransomware, and are they secure?  What weird ports do Ring cameras use?  Rubrik has some issues going on, but did they handle it well?  Is it smart to market your organization or brand as Zero Trust?  Oh crap I am in trouble.  SpaceX may have been hit via a third party, ouch.  Why does third party risk continue to lead to compromise?  A recent report states that you can make up to 250k as a developer for the dark web.  Might be time for a career change.  Those points and more on this episode!

30% of dark web operators are women, according to TrendMicro.  That means more women are operating in the criminal side of cyber than on the defender side, wow.  The TSA is pushing new requirements for airports and airlines, but how secure are they and the FAA?  Layoffs are showing up in cyber, even though companies are doubling or even tripling their profits in the only market that has negative unemployment.  Why?  What does that tell us about those companies and their strategic execution?  Some tips on what to do if you are a business user of Lastpass.  And more on this episode!

US SOCOM had emails exposed to the internet for weeks thanks to a cloud misconfiguration.  Surely it's not still messed up?  Is the US Treasury as secure as it should be in regards to cyber?  What about using ChatGPT to send emails to students when a mass casualty event occurs?  Good or bad idea?  Does the Supreme Court understand the technology they are enforcing and drafting laws about?  What about section 230 and the big tech providers?  50% of CISO's say they are burnt out and it's only February, how can we help one another?  Those questions, my dog goes bonkers, and more on this episode!