Sign up to save your podcasts
Or
Share DtSR Episode 253 - Defending the Small-to-Medium Enterprise
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
DtSR Episode 253 - Defending the Small-to-Medium Enterprise
Send the hosts a message - try it now!
On this podcast - James and I welcome Shon Gerber as we talk through a pair of current events and the topic of the day.
- Blue Cross Blue Shield of Alabama sends out USB sticks
- Security elitists up in arms
- We've taught people to be suspicious - don't click, don't open docs, and don't use USB -- So how do we get our clients content?
- To my fellow security professionals- it's reckless to continue to stand with a firm "no" while offering no alternatives
- So what do we suggest?
- More important - what threat model vector are we saying that blocking the sending out of USB sticks would defend against?
- https://www.theregister.co.uk/2017/07/12/blue_cross_usb_card_mailers/
- MySpace has a major account password reset flaw, allowing account take-over
- Wait ... MySpace is still around?
- But seriously, to exploit this last ditch feature for those who've forgotten everything else all you need is the listed name, date of birth, and username
- How many of our sites have this problem, or worse?
- https://www.wired.com/story/myspace-security-account-takeover/
This week we bring Shon Gerber onto the show to talk about defending the SMB and SME. Here are some of our talking points:
- SMBs/SMEs are uniquely challenged in that they can't afford good security any more than they can accord lack of security -- what's the answer?
- How do we achieve scale, in an area of industry with razor thing margins and tiny profit margins
- SMBs/SMEs are more likely to be catastrophically affected by an attack such as ransomware than big companies -- agree or disagree (#DtSR on twitter to talk back)
- Other challenges - including how to achieve scale
Guest:
- Shon Gerber
- Current
- CISO for multinational chemical company with approximately 10K employees
- Recent Past
- Security Oper
- Current
Support the show
>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast
View all episodes
By Rafal (Wh1t3Rabbit) Los
4.3
9696 ratings
Send the hosts a message - try it now!
On this podcast - James and I welcome Shon Gerber as we talk through a pair of current events and the topic of the day.
- Blue Cross Blue Shield of Alabama sends out USB sticks
- Security elitists up in arms
- We've taught people to be suspicious - don't click, don't open docs, and don't use USB -- So how do we get our clients content?
- To my fellow security professionals- it's reckless to continue to stand with a firm "no" while offering no alternatives
- So what do we suggest?
- More important - what threat model vector are we saying that blocking the sending out of USB sticks would defend against?
- https://www.theregister.co.uk/2017/07/12/blue_cross_usb_card_mailers/
- MySpace has a major account password reset flaw, allowing account take-over
- Wait ... MySpace is still around?
- But seriously, to exploit this last ditch feature for those who've forgotten everything else all you need is the listed name, date of birth, and username
- How many of our sites have this problem, or worse?
- https://www.wired.com/story/myspace-security-account-takeover/
This week we bring Shon Gerber onto the show to talk about defending the SMB and SME. Here are some of our talking points:
- SMBs/SMEs are uniquely challenged in that they can't afford good security any more than they can accord lack of security -- what's the answer?
- How do we achieve scale, in an area of industry with razor thing margins and tiny profit margins
- SMBs/SMEs are more likely to be catastrophically affected by an attack such as ransomware than big companies -- agree or disagree (#DtSR on twitter to talk back)
- Other challenges - including how to achieve scale
Guest:
- Shon Gerber
- Current
- CISO for multinational chemical company with approximately 10K employees
- Recent Past
- Security Oper
- Current
Support the show
>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast
More shows like Down the Security Rabbithole Podcast (DtSR)
View all
Security Now (Audio)
1,965 Listeners
Risky Business
360 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
368 Listeners
Hacked
178 Listeners
CyberWire Daily
1,014 Listeners
Smashing Security
314 Listeners
Click Here
388 Listeners
Darknet Diaries
7,845 Listeners
CISO Series Podcast
186 Listeners
Hacking Humans
312 Listeners
Defense in Depth
78 Listeners
Cyber Security Headlines
119 Listeners
Risky Bulletin
33 Listeners
Hacker And The Fed
158 Listeners