Sign up to save your podcasts
Or
Share Hoot - Episode 24 - How Daniel Card uses Humio at CV19 to protect healthcare systems
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Hoot - Episode 24 - How Daniel Card uses Humio at CV19 to protect healthcare systems
Daniel Card, founder of Xservus and Pwndefend.com joins John to talk about how he uses Humio in Cyber Volunteers 19 (CV19), an all-volunteer task force he co-founded to protect the cybersecurity of data used by healthcare workers in the face of the COVID-19 outbreak. CV19 is sharing vulnerability information with intelligence agencies who in turn share it with compromised health organizations so they can take steps to protect themselves
Follow the LinkedIn group to find out how you can help support the mission of CV19: Cyber Volunteers 19.
In the podcast, before we start talking about the cloak-and-dagger work, Daniel starts by telling about how he got his start in tech as a consultant. From there he worked his way up to managing IT infrastructure and automation, and eventually was responsible for 25,000 machines before leaving and starting his own security consulting company, Xservus.
As we turn toward a security focus, he warns of the rampant vulnerabilities he sees existing in internet-facing security from mismanagement of technology. He provides a straightforward means of addressing those gaps in security, pointing out that each use case is different and must be addressed stepwise to systematically identify assets, threats to those assets, and ways to add protection. He notes that most common compromises in a system come from simple credentials leak or an unsecured gateway.
“So hang on a minute. You run a business that makes that much money and you left the door open?!”
Daniel next talks about the start of the CV19 volunteer program and the real dangers he saw where cyber vulnerability intersected with health care.
“I was like, ‘this could really kill people!’ This could be a cyber incident that has massive amounts of lives against it. Can you imagine ransomwaring 25 hospitals in the UK at once while they’re stretched from every other angle?”
He explains how the CV19 team is using Humio to create a top-level view of countrywide data sets. From there, they can measure levels of protection and quantify their success. Also it provides a means of focusing on specific logs.
“We took Humio and made it into a decision-making tool. That means we can look and slice and dice to the point at which we have something that gives us a broad view that we can zoom into.”
Daniel explains CV19’s work as a passive monitoring operation that passes data along rather than engaging with threats actively. Along the way, he attempts to clear up some misconceptions of cybersecurity. For users looking to protect themselves, he points to a handful of ways users can harden their systems and prevent the most opportunistic types of attacks.
“There are 20 massive key things you can look at and harden pretty easily. Even then, you’re not completely covered; this is about getting rid of massive ramps to start an attack vector.”
Hear all of Daniel’s non-redacted tips for upgrading cybersecurity and learn how Humio transformed empowered CV19’s response by listening to the full podcast.
View all episodes
By Humio.com
5
11 ratings
Daniel Card, founder of Xservus and Pwndefend.com joins John to talk about how he uses Humio in Cyber Volunteers 19 (CV19), an all-volunteer task force he co-founded to protect the cybersecurity of data used by healthcare workers in the face of the COVID-19 outbreak. CV19 is sharing vulnerability information with intelligence agencies who in turn share it with compromised health organizations so they can take steps to protect themselves
Follow the LinkedIn group to find out how you can help support the mission of CV19: Cyber Volunteers 19.
In the podcast, before we start talking about the cloak-and-dagger work, Daniel starts by telling about how he got his start in tech as a consultant. From there he worked his way up to managing IT infrastructure and automation, and eventually was responsible for 25,000 machines before leaving and starting his own security consulting company, Xservus.
As we turn toward a security focus, he warns of the rampant vulnerabilities he sees existing in internet-facing security from mismanagement of technology. He provides a straightforward means of addressing those gaps in security, pointing out that each use case is different and must be addressed stepwise to systematically identify assets, threats to those assets, and ways to add protection. He notes that most common compromises in a system come from simple credentials leak or an unsecured gateway.
“So hang on a minute. You run a business that makes that much money and you left the door open?!”
Daniel next talks about the start of the CV19 volunteer program and the real dangers he saw where cyber vulnerability intersected with health care.
“I was like, ‘this could really kill people!’ This could be a cyber incident that has massive amounts of lives against it. Can you imagine ransomwaring 25 hospitals in the UK at once while they’re stretched from every other angle?”
He explains how the CV19 team is using Humio to create a top-level view of countrywide data sets. From there, they can measure levels of protection and quantify their success. Also it provides a means of focusing on specific logs.
“We took Humio and made it into a decision-making tool. That means we can look and slice and dice to the point at which we have something that gives us a broad view that we can zoom into.”
Daniel explains CV19’s work as a passive monitoring operation that passes data along rather than engaging with threats actively. Along the way, he attempts to clear up some misconceptions of cybersecurity. For users looking to protect themselves, he points to a handful of ways users can harden their systems and prevent the most opportunistic types of attacks.
“There are 20 massive key things you can look at and harden pretty easily. Even then, you’re not completely covered; this is about getting rid of massive ramps to start an attack vector.”
Hear all of Daniel’s non-redacted tips for upgrading cybersecurity and learn how Humio transformed empowered CV19’s response by listening to the full podcast.