Sign up to save your podcasts
Or
Share DtSR Episode 253 - Defending the Small-to-Medium Enterprise
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
DtSR Episode 253 - Defending the Small-to-Medium Enterprise
On this podcast - James and I welcome Shon Gerber as we talk through a pair of current events and the topic of the day.
- Blue Cross Blue Shield of Alabama sends out USB sticks
- Security elitists up in arms
- We've taught people to be suspicious - don't click, don't open docs, and don't use USB -- So how do we get our clients content?
- To my fellow security professionals- it's reckless to continue to stand with a firm "no" while offering no alternatives
- So what do we suggest?
- More important - what threat model vector are we saying that blocking the sending out of USB sticks would defend against?
- https://www.theregister.co.uk/2017/07/12/blue_cross_usb_card_mailers/
- MySpace has a major account password reset flaw, allowing account take-over
- Wait ... MySpace is still around?
- But seriously, to exploit this last ditch feature for those who've forgotten everything else all you need is the listed name, date of birth, and username
- How many of our sites have this problem, or worse?
- https://www.wired.com/story/myspace-security-account-takeover/
This week we bring Shon Gerber onto the show to talk about defending the SMB and SME. Here are some of our talking points:
- SMBs/SMEs are uniquely challenged in that they can't afford good security any more than they can accord lack of security -- what's the answer?
- How do we achieve scale, in an area of industry with razor thing margins and tiny profit margins
- SMBs/SMEs are more likely to be catastrophically affected by an attack such as ransomware than big companies -- agree or disagree (#DtSR on twitter to talk back)
- Other challenges - including how to achieve scale
Guest:
- Shon Gerber
- Current
- CISO for multinational chemical company with approximately 10K employees
- Recent Past
- Security O
- Current
Have something to say? Let's hear it.
Support the show
>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast
View all episodes
By Rafal (Wh1t3Rabbit) Los
4.3
9696 ratings
On this podcast - James and I welcome Shon Gerber as we talk through a pair of current events and the topic of the day.
- Blue Cross Blue Shield of Alabama sends out USB sticks
- Security elitists up in arms
- We've taught people to be suspicious - don't click, don't open docs, and don't use USB -- So how do we get our clients content?
- To my fellow security professionals- it's reckless to continue to stand with a firm "no" while offering no alternatives
- So what do we suggest?
- More important - what threat model vector are we saying that blocking the sending out of USB sticks would defend against?
- https://www.theregister.co.uk/2017/07/12/blue_cross_usb_card_mailers/
- MySpace has a major account password reset flaw, allowing account take-over
- Wait ... MySpace is still around?
- But seriously, to exploit this last ditch feature for those who've forgotten everything else all you need is the listed name, date of birth, and username
- How many of our sites have this problem, or worse?
- https://www.wired.com/story/myspace-security-account-takeover/
This week we bring Shon Gerber onto the show to talk about defending the SMB and SME. Here are some of our talking points:
- SMBs/SMEs are uniquely challenged in that they can't afford good security any more than they can accord lack of security -- what's the answer?
- How do we achieve scale, in an area of industry with razor thing margins and tiny profit margins
- SMBs/SMEs are more likely to be catastrophically affected by an attack such as ransomware than big companies -- agree or disagree (#DtSR on twitter to talk back)
- Other challenges - including how to achieve scale
Guest:
- Shon Gerber
- Current
- CISO for multinational chemical company with approximately 10K employees
- Recent Past
- Security O
- Current
Have something to say? Let's hear it.
Support the show
>>> Please consider clicking the link above to support the show!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast
More shows like Down the Security Rabbithole Podcast (DtSR)
View all
Hacked
181 Listeners
Security Now (Audio)
2,003 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
370 Listeners
Risky Business
373 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
638 Listeners
CyberWire Daily
1,016 Listeners
Smashing Security
322 Listeners
Click Here
415 Listeners
Darknet Diaries
8,001 Listeners
Hacking Humans
313 Listeners
CISO Series Podcast
188 Listeners
Defense in Depth
73 Listeners
Cyber Security Headlines
134 Listeners
Risky Bulletin
44 Listeners
Hacker And The Fed
169 Listeners