Sign up to save your podcasts
Or
Share Move Over AI Discussions, Cybersecurity is Back in the Headlines
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Move Over AI Discussions, Cybersecurity is Back in the Headlines
In this episode of Reboot IT, host Dave Coriale, President of DelCor, is joined by Andrew Leggett, Director of Cybersecurity, and Chris Ecker, CTO, to explore the evolving cybersecurity landscape for associations and nonprofits. They discuss the shift toward phishing-resistant MFA, the impact of AI on cyberattacks, and the importance of layered security strategies. The conversation emphasizes how organizational culture, user training, and smart technology choices work together to protect sensitive data and systems.
Themes and Topics:
Phishing-Resistant MFA
- Traditional MFA tokens are vulnerable to interception during phishing attacks.
- Passkeys and QR codes offer encrypted, device-specific authentication.
- User experience improves with passwordless logins and fewer steps.
AI-Enabled Cyber Threats
- AI lowers the barrier to entry for attackers by automating phishing and scripting.
- Tools like Copilot can be used maliciously to locate sensitive data quickly.
- Organizations must train users to monitor prompt history and unusual activity.
Layered Security Strategy
- Effective cybersecurity requires training, monitoring, and prevention tools working together.
- Threat detection systems vary in effectiveness depending on configuration and attacker location.
- Layering includes phishing-resistant MFA, identity monitoring, and user education.
Cybersecurity Culture & Training
- A top-down approach is essential; executives must model secure behavior.
- Encouraging users to report suspicious activity without fear of blame is key.
- Training must be ongoing and integrated into organizational culture.
Copilot and Oversharing Risks
- Copilot indexes all tenant data and honors existing permissions, but overshared files are vulnerable.
- Organizations must audit and remediate permissions in SharePoint, OneDrive, and email.
- Misconfigured access can expose sensitive data like salary or ACH info.
Cyber Insurance & Compliance
- MFA is already a requirement for most cyber insurance policies.
- Phishing-resistant MFA may soon become a standard requirement.
- Organizations without it may face higher premiums or denial of coverage.
View all episodes
By Dave Coriale, CAE
5
1515 ratings
In this episode of Reboot IT, host Dave Coriale, President of DelCor, is joined by Andrew Leggett, Director of Cybersecurity, and Chris Ecker, CTO, to explore the evolving cybersecurity landscape for associations and nonprofits. They discuss the shift toward phishing-resistant MFA, the impact of AI on cyberattacks, and the importance of layered security strategies. The conversation emphasizes how organizational culture, user training, and smart technology choices work together to protect sensitive data and systems.
Themes and Topics:
Phishing-Resistant MFA
- Traditional MFA tokens are vulnerable to interception during phishing attacks.
- Passkeys and QR codes offer encrypted, device-specific authentication.
- User experience improves with passwordless logins and fewer steps.
AI-Enabled Cyber Threats
- AI lowers the barrier to entry for attackers by automating phishing and scripting.
- Tools like Copilot can be used maliciously to locate sensitive data quickly.
- Organizations must train users to monitor prompt history and unusual activity.
Layered Security Strategy
- Effective cybersecurity requires training, monitoring, and prevention tools working together.
- Threat detection systems vary in effectiveness depending on configuration and attacker location.
- Layering includes phishing-resistant MFA, identity monitoring, and user education.
Cybersecurity Culture & Training
- A top-down approach is essential; executives must model secure behavior.
- Encouraging users to report suspicious activity without fear of blame is key.
- Training must be ongoing and integrated into organizational culture.
Copilot and Oversharing Risks
- Copilot indexes all tenant data and honors existing permissions, but overshared files are vulnerable.
- Organizations must audit and remediate permissions in SharePoint, OneDrive, and email.
- Misconfigured access can expose sensitive data like salary or ACH info.
Cyber Insurance & Compliance
- MFA is already a requirement for most cyber insurance policies.
- Phishing-resistant MFA may soon become a standard requirement.
- Organizations without it may face higher premiums or denial of coverage.
More shows like Reboot IT - Nonprofit and Association Technology Conversations for All
View all
Build a Better Agency Podcast
286 Listeners
Pod Save America
87,394 Listeners
The Daily
112,484 Listeners
Associations Thrive
37 Listeners