Insider Threat Risk Mitigation, Cyber Insurance-backed Certification, Fisticuffs Vulnerability Disclosure




InfoSec ICU show

Summary: Steve and Gerry discuss an insider threat issue that resulted in $700K worth of damage to a company in retaliation for termination. The obvious involuntary termination activities were performed, but what issues led to a compromise? They spend time covering the advancement of cyber insurance driving security technology adoption. They finish the topics with a case study in vulnerability disclosure being done wrong.
As always, they end with One Cool Thing.

Show Notes: https://podcast.musc.edu/podcast/infosec/e69-infosecicu/

Resources:

Insider threats and departing employees.
https://nakedsecurity.sophos.com/2019/03/22/sacked-it-guy-annihilates-23-of-his-ex-employers-aws-servers/

Cyber risk ratings from insurance companies. Do we need yet another measure?
https://www.scmagazine.com/home/security-news/cybercrime/a-collaborative-effort-by-some-of-the-worlds-largest-insurers-has-set-out-to-create-a-consumer-ratings-service-for-the-cybersecurity-industry

Bug reporting gets nasty
https://arstechnica.com/information-technology/2019/03/50-shades-of-greyhat-a-study-in-how-not-to-handle-security-disclosures/

One Cool Thing
Is there a doctor in the house?
Auto-pilot tricks to kill your friends.
https://arstechnica.com/information-technology/2019/04/researchers-trick-tesla-autopilot-into-steering-into-oncoming-traffic/

Contact
Email: infosecicu@musc.edu
Twitter:

* Gerry Auger (@Gerald_Auger): https://twitter.com/Gerald_Auger
* Steven Cardinal (@sgcardinal): https://twitter.com/sgcardinal