CyberWire Daily

In this conversation, Chris Porter, the Chief Information Security Officer at Fannie Mae, shares insights on cultivating a strong cybersecurity culture and talent pipeline. He discusses the evolving landscape of cyber threats, particularly the impact of foreign espionage on democratic processes. Chris also highlights the importance of education in cybersecurity, addressing the skills gap and the need for innovative training initiatives. With a personal twist, he recounts his unique journey from pre-med to cybersecurity, underlining the diverse career paths in the field.

Grant Geyer, Chief Strategy Officer at Claroty, shares his expertise on defending critical food infrastructure from increasing cyber threats. He discusses the alarming rise of ransomware and bioterrorism targeting the food supply chain. The urgency for stronger cybersecurity measures is emphasized, especially after an FBI symposium on agriculture threats. Geyer also highlights the importance of legislative efforts and collaboration across organizations to enhance overall resilience against these digital attacks.

Justin Daniels, a lawyer at Baker Donelson specializing in corporate M&A and blockchain, shares his insights on the dynamic intersection of cyber law and compliance. He discusses how cybersecurity impacts business resilience, particularly highlighted by recent challenges in the airline industry. The conversation delves into navigating liability in critical infrastructure, stressing the importance of both private and governmental accountability. Daniels offers valuable strategies for tech leaders aiming to turn compliance challenges into competitive advantages.

Pete Newell, Founder and CEO of BMNT, dives into the challenges of tech adoption in the Department of Defense. He argues that innovation is more about addressing human factors than technology itself. Newell highlights the need for cultural shifts and better education to facilitate this change. The conversation also touches on the evolution of military education systems, contrasting U.S. and U.K. approaches. Additionally, he emphasizes maintaining a proactive attitude in technology adoption to avoid stagnation and enhance defense operations.

Join Stephen Hamilton, Army Cyber Institute's Technical Director and Chief of Staff Colonel, on a fascinating journey from a second-grade computer enthusiast to a military cyber leader. He discusses his West Point experience, where he chose signals over computing due to his love for ham radio. Stephen shares insights on his transition from programming to teaching, emphasizing the importance of understanding coding nuances. He reflects on the challenges of military tech roles, burnout, and staying mission-focused.

Mick Baccio, a Global Security Advisor for Splunk SURGe, shares valuable insights on the security vulnerabilities of Large Language Models (LLMs). He discusses the surprising complexity behind these AI systems and the critical need for robust cybersecurity measures. Key topics include the OWASP Top 10 vulnerabilities, focusing on issues like prompt injection and data poisoning. Baccio emphasizes the importance of input sanitization and offers practical strategies to enhance LLM security while highlighting engaging resources for cybersecurity awareness.

A massive data breach at UnitedHealth affects over 100 million patients, raising serious privacy concerns. Amazon clashes with APT29 over cybersecurity issues. Vulnerabilities in the AWS Cloud Development Kit could lead to account takeovers. The podcast features insights from Itzik Alvas on the risks of non-human identities, crucial for enhancing organizational security. Finally, Muni Metro is ditching floppy disks for safety improvements. Buckle up for a deep dive into modern cybersecurity challenges!

Eric Herzog, CMO of Infinidat, shares insights on the intersection of cybersecurity and storage resilience. He discusses the urgent need for businesses to adapt their data protection strategies in light of escalating cyber threats. Herzog highlights how traditional backup methods fall short and advocates for a collaborative approach to disaster preparedness. The conversation delves into the complexities of modern cybercriminal tactics and emphasizes innovative strategies to bolster defense mechanisms against both cyber attacks and natural disasters.

Jérôme Segura, Sr. Director of Research at Malwarebytes, shares insights on the alarming rise of NotLockBit, a new macOS malware mimicking LockBit tactics. He discusses how scammers are exploiting platforms like GitHub to advertise fake AppleCare+ services, highlighting vulnerabilities associated with mobile apps. The conversation sheds light on the accountability of tech firms in the face of increased privacy violations and examines the federal government’s push for better information sharing in cybersecurity. It's a must-listen for anyone concerned about modern digital threats!

Nathaniel Quist, Manager of Cloud Threat Intelligence at Cortex & Unit 42, dives into the evolving landscape of cyber threats. He explores the recent rise in cloud extortion operations and ransomware attacks, shedding light on the significant challenges businesses face in securing their public cloud environments. The discussion also touches on critical vulnerabilities affecting devices and platforms, as well as the implications of increasing cyber threats that can disrupt operations across industries.