Sign up to save your podcasts
Or
Share Move Over AI Discussions, Cybersecurity is Back in the Headlines
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Move Over AI Discussions, Cybersecurity is Back in the Headlines
In this episode of Reboot IT, host Dave Coriale, President of DelCor, is joined by Andrew Leggett, Director of Cybersecurity, and Chris Ecker, CTO, to explore the evolving cybersecurity landscape for associations and nonprofits. They discuss the shift toward phishing-resistant MFA, the impact of AI on cyberattacks, and the importance of layered security strategies. The conversation emphasizes how organizational culture, user training, and smart technology choices work together to protect sensitive data and systems.
Themes and Topics:
Phishing-Resistant MFA
- Traditional MFA tokens are vulnerable to interception during phishing attacks.
- Passkeys and QR codes offer encrypted, device-specific authentication.
- User experience improves with passwordless logins and fewer steps.
AI-Enabled Cyber Threats
- AI lowers the barrier to entry for attackers by automating phishing and scripting.
- Tools like Copilot can be used maliciously to locate sensitive data quickly.
- Organizations must train users to monitor prompt history and unusual activity.
Layered Security Strategy
- Effective cybersecurity requires training, monitoring, and prevention tools working together.
- Threat detection systems vary in effectiveness depending on configuration and attacker location.
- Layering includes phishing-resistant MFA, identity monitoring, and user education.
Cybersecurity Culture & Training
- A top-down approach is essential; executives must model secure behavior.
- Encouraging users to report suspicious activity without fear of blame is key.
- Training must be ongoing and integrated into organizational culture.
Copilot and Oversharing Risks
- Copilot indexes all tenant data and honors existing permissions, but overshared files are vulnerable.
- Organizations must audit and remediate permissions in SharePoint, OneDrive, and email.
- Misconfigured access can expose sensitive data like salary or ACH info.
Cyber Insurance & Compliance
- MFA is already a requirement for most cyber insurance policies.
- Phishing-resistant MFA may soon become a standard requirement.
- Organizations without it may face higher premiums or denial of coverage.
View all episodes
By Dave Coriale, CAE
5
1515 ratings
In this episode of Reboot IT, host Dave Coriale, President of DelCor, is joined by Andrew Leggett, Director of Cybersecurity, and Chris Ecker, CTO, to explore the evolving cybersecurity landscape for associations and nonprofits. They discuss the shift toward phishing-resistant MFA, the impact of AI on cyberattacks, and the importance of layered security strategies. The conversation emphasizes how organizational culture, user training, and smart technology choices work together to protect sensitive data and systems.
Themes and Topics:
Phishing-Resistant MFA
- Traditional MFA tokens are vulnerable to interception during phishing attacks.
- Passkeys and QR codes offer encrypted, device-specific authentication.
- User experience improves with passwordless logins and fewer steps.
AI-Enabled Cyber Threats
- AI lowers the barrier to entry for attackers by automating phishing and scripting.
- Tools like Copilot can be used maliciously to locate sensitive data quickly.
- Organizations must train users to monitor prompt history and unusual activity.
Layered Security Strategy
- Effective cybersecurity requires training, monitoring, and prevention tools working together.
- Threat detection systems vary in effectiveness depending on configuration and attacker location.
- Layering includes phishing-resistant MFA, identity monitoring, and user education.
Cybersecurity Culture & Training
- A top-down approach is essential; executives must model secure behavior.
- Encouraging users to report suspicious activity without fear of blame is key.
- Training must be ongoing and integrated into organizational culture.
Copilot and Oversharing Risks
- Copilot indexes all tenant data and honors existing permissions, but overshared files are vulnerable.
- Organizations must audit and remediate permissions in SharePoint, OneDrive, and email.
- Misconfigured access can expose sensitive data like salary or ACH info.
Cyber Insurance & Compliance
- MFA is already a requirement for most cyber insurance policies.
- Phishing-resistant MFA may soon become a standard requirement.
- Organizations without it may face higher premiums or denial of coverage.
More shows like Reboot IT - Nonprofit and Association Technology Conversations for All
View all
You Are Not So Smart
1,700 Listeners
Pod Save America
87,550 Listeners
Pod Save the World
24,666 Listeners
Up First from NPR
56,437 Listeners
The Indicator from Planet Money
9,518 Listeners
Today, Explained
10,216 Listeners
Throughline
16,240 Listeners
The Journal.
5,980 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,634 Listeners
Consider This from NPR
6,407 Listeners
Hard Fork
5,505 Listeners
The Ezra Klein Show
16,002 Listeners
Some Of This Is Bad
35 Listeners
The Association Insights Podcast
14 Listeners
Good Hang with Amy Poehler
9,281 Listeners