Defensive Security Podcast Episode 273

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec - A podcast by Jerry Bell and Andrew Kalat

Categories:

The Joe Sullivan Verdict – Unfair? – Which Part? (cybertheory.io) Fujitsu Details Non-Ransomware Cyberattack (webpronews.com) 5 Key Questions CISOs Must Ask Themselves About Their Cybersecurity Strategy (thehackernews.com) Sizable Chunk of SEC Charges Vs. SolarWinds Dismissed (darkreading.com) CrowdStrike CEO apologizes for crashing IT systems around the world, details fix | CSO Online Summary: Cybersecurity Updates: Uber’s Legal Trouble, SolarWinds SEC Outcome, and CrowdStrike Outage In Episode 273 of the Defensive Security Podcast, Jerry Bell and Andrew Kalat discuss recent quiet weeks in cybersecurity and correct the record on Uber’s CISO conviction. They delve into essential questions CISOs should consider about their cybersecurity strategies, including budget justification and risk reporting. The episode highlights the significant impact of CrowdStrike’s recent updates causing massive system crashes and explores the court’s decision to dismiss several SEC charges against SolarWinds. The hosts provide insights into navigating cybersecurity complexities and emphasize the importance of effective communication and collaboration within organizations. 00:00 Introduction and Banter 01:52 Correction on Uber’s CISO Conviction 04:07 Recommendations for CISOs 09:28 Fujitsu’s Non-Ransomware Cyber Attack 12:13 Key Questions for CISOs 32:47 Corporate Puffery and SEC Charges 33:15 Internal vs External Communications 33:52 SolarWinds Security Assessment 36:36 CrowdStrike CEO Apologizes 37:16 Global IT Systems Crash 37:57 CrowdStrike’s Kernel-Level Issues 40:55 Industry Reactions and Lessons 42:58 Balancing Security and Risk 49:26 CrowdStrike’s Future and Market Impact 01:03:46 Conclusion and Final Thoughts   Transcript: defensive_security_podcast_episode_273 === jerry: [00:00:00] All right, here we go. Today is Sunday, July 21st, 2024, and this is episode 273 of the Defensive Security Podcast. My name is Jerry Bell, and joining me tonight as always is Mr. Andrew Kalat. Andy: Good evening, Jerry. I’m not sure why we’re bothering to do a show. Nothing’s happened in the past couple of weeks. Andy: It’s been really quiet. jerry: Last week was very quiet. Andy: Yeah, sometimes You just need a couple quiet weeks. jerry: Yeah. Yeah, nothing going on so before we get into the stories a reminder that the thoughts and opinions We express on this podcast do not represent andrew’s employers Andy: Or your potential future employers jerry: or my potential future employers Andy: as you’re currently quote enjoying more time with family end quote jerry: Yes, which by the way Is highly recommended if you can do it. Andy: You’re big thumbs up of being an unemployed bum. jerry: It’s been amazing. Absolutely [00:01:00] amazing. I I forgot what living was like. jerry: I’ll say it that way. Andy: Having watched your career from next door ish, not a far, but not too close. I think you earned it. I think you absolutely earned some downtime. My friend, you’ve worked your ass off. jerry: Thank you. Thank you. It’s been fun. Andy: And I’ve seen your many floral picks. I don’t,