Sign up to save your podcasts
Or
Share Move Over AI Discussions, Cybersecurity is Back in the Headlines
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Move Over AI Discussions, Cybersecurity is Back in the Headlines
In this episode of Reboot IT, host Dave Coriale, President of DelCor, is joined by Andrew Leggett, Director of Cybersecurity, and Chris Ecker, CTO, to explore the evolving cybersecurity landscape for associations and nonprofits. They discuss the shift toward phishing-resistant MFA, the impact of AI on cyberattacks, and the importance of layered security strategies. The conversation emphasizes how organizational culture, user training, and smart technology choices work together to protect sensitive data and systems.
Themes and Topics:
Phishing-Resistant MFA
- Traditional MFA tokens are vulnerable to interception during phishing attacks.
- Passkeys and QR codes offer encrypted, device-specific authentication.
- User experience improves with passwordless logins and fewer steps.
AI-Enabled Cyber Threats
- AI lowers the barrier to entry for attackers by automating phishing and scripting.
- Tools like Copilot can be used maliciously to locate sensitive data quickly.
- Organizations must train users to monitor prompt history and unusual activity.
Layered Security Strategy
- Effective cybersecurity requires training, monitoring, and prevention tools working together.
- Threat detection systems vary in effectiveness depending on configuration and attacker location.
- Layering includes phishing-resistant MFA, identity monitoring, and user education.
Cybersecurity Culture & Training
- A top-down approach is essential; executives must model secure behavior.
- Encouraging users to report suspicious activity without fear of blame is key.
- Training must be ongoing and integrated into organizational culture.
Copilot and Oversharing Risks
- Copilot indexes all tenant data and honors existing permissions, but overshared files are vulnerable.
- Organizations must audit and remediate permissions in SharePoint, OneDrive, and email.
- Misconfigured access can expose sensitive data like salary or ACH info.
Cyber Insurance & Compliance
- MFA is already a requirement for most cyber insurance policies.
- Phishing-resistant MFA may soon become a standard requirement.
- Organizations without it may face higher premiums or denial of coverage.
View all episodes
By Dave Coriale, CAE
5
1515 ratings
In this episode of Reboot IT, host Dave Coriale, President of DelCor, is joined by Andrew Leggett, Director of Cybersecurity, and Chris Ecker, CTO, to explore the evolving cybersecurity landscape for associations and nonprofits. They discuss the shift toward phishing-resistant MFA, the impact of AI on cyberattacks, and the importance of layered security strategies. The conversation emphasizes how organizational culture, user training, and smart technology choices work together to protect sensitive data and systems.
Themes and Topics:
Phishing-Resistant MFA
- Traditional MFA tokens are vulnerable to interception during phishing attacks.
- Passkeys and QR codes offer encrypted, device-specific authentication.
- User experience improves with passwordless logins and fewer steps.
AI-Enabled Cyber Threats
- AI lowers the barrier to entry for attackers by automating phishing and scripting.
- Tools like Copilot can be used maliciously to locate sensitive data quickly.
- Organizations must train users to monitor prompt history and unusual activity.
Layered Security Strategy
- Effective cybersecurity requires training, monitoring, and prevention tools working together.
- Threat detection systems vary in effectiveness depending on configuration and attacker location.
- Layering includes phishing-resistant MFA, identity monitoring, and user education.
Cybersecurity Culture & Training
- A top-down approach is essential; executives must model secure behavior.
- Encouraging users to report suspicious activity without fear of blame is key.
- Training must be ongoing and integrated into organizational culture.
Copilot and Oversharing Risks
- Copilot indexes all tenant data and honors existing permissions, but overshared files are vulnerable.
- Organizations must audit and remediate permissions in SharePoint, OneDrive, and email.
- Misconfigured access can expose sensitive data like salary or ACH info.
Cyber Insurance & Compliance
- MFA is already a requirement for most cyber insurance policies.
- Phishing-resistant MFA may soon become a standard requirement.
- Organizations without it may face higher premiums or denial of coverage.
More shows like Reboot IT - Nonprofit and Association Technology Conversations for All
View all
Planet Money
30,692 Listeners
Pod Save America
87,758 Listeners
The Daily
112,904 Listeners
Pod Save the World
24,664 Listeners
Lovett or Leave It
25,125 Listeners
Up First from NPR
56,561 Listeners
The Indicator from Planet Money
9,533 Listeners
Today, Explained
10,296 Listeners
Life Kit
4,488 Listeners
The Journal.
6,067 Listeners
The Bald and the Beautiful with Trixie and Katya
11,319 Listeners
The Ezra Klein Show
16,088 Listeners
Offline with Jon Favreau
2,307 Listeners
Some Of This Is Bad
39 Listeners
Associations Thrive
36 Listeners