#1 - Secure Controls Framework, Introduction

Title: Cybersecurity Growth #1 — Secure Controls Framework (Part 1)OpeningWhen You Arrived (by Spartan Valley) theme song  - introductions & pleasantries (5 minutes) Welcome to Cybersecurity Growth. A show for aspiring and existing cybersecurity leaders. I’m your host Shawn Valle, Exec Director and CISO of Cybersecurity Growth Former Chief Security Officer of Rapid7 and former CISO of Tricentis Musician here on Twitch and elsewhere, MusicBySV (more on that later)Top News Storieshttps://www.csoonline.com/article/3685368/study-shows-attackers-can-use-chatgpt-to-significantly-enhance-phishing-and-bec-scams.html Lucian Constantin at CSO Online from Jan 11.Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scamsResearchers demonstrate how attackers can use the GPT-3 natural language model to launch more effective, harder-to-detect phishing and business email compromise campaigns.https://www.csoonline.com/article/3684771/twitters-mushrooming-data-breach-crisis-could-prove-costly.html Cynthia Brumfield at CSO Online from Jan 6Twitter's mushrooming data breach crisis could prove costlyAn apparent data breach potentially impacting hundreds of millions of users could damage Twitter's finances and operations. EU regulators pose the biggest threat to the Elon Musk-owned company.the picture surrounding Twitter's data breach is murky. This latest headache for the company began in July when an actor known as "devil" put up for sale on a breached data forum a database of phone numbers and email addresses belonging to 5.4 million Twitter accounts. Devil demanded payment of $30,000 for the data and claimed to have swiped it via a vulnerability disclosed to Twitter on January 1, 2022. Twitter fixed the flaw on January 13, 2022.vulnerability affected Android users and allowed anyone without authentication to obtain a Twitter ID for any user by submitting a phone number or email handle, even if the user prohibited this action in the privacy setting. About a month after devil's posting, Twitter confirmed that a bad actor had taken advantage of the vulnerability and said it would send out notices to account owners affected by the breach.The data containing the 5.4 million users' data was released for free on November 27, 2022. However, another database allegedly containing details on 17 million users was also circulating privately in November.in late December, Alon Gal, the co-founder and CTO of Israeli cybercrime intelligence company Hudson Rock spotted on a criminal data breach forum a posting by a user called "Ryushi" offering to sell the emails and phone numbers of 400 million Twitter users.Troy Hunt, who runs the data breach reporting site HaveIBeenPwned, says he found 211.5 million unique email addresses in the leaked database.User...