• Episode 3: Crowdstrike, North Korean Spies, and CISO Scapegoats

  • 2024/08/12
  • Length: 1 hour 11 minutes
  • Podcast

  • Summary

  • Episode 3 of the Distilled Security Podcast is here!


    Join us this week as we jump into:


    • CrowdStrike Incident Analysis: A deep dive into a recent mishap by CrowdStrike that led to significant financial losses and operational disruptions, including 5.4 billion in estimated losses.
    • Vendor Accountability: Exploring the legal and financial repercussions of security vendor failures.
    • Business Continuity Planning: The importance of preparing for security vendor failures, including considering alternate vendors and the complexities of implementing such strategies.
    • Kernel-Level Security Risks: A discussion surrounding kernel-level operations in security software, focusing on the controversy between CrowdStrike and SentinelOne.
    • Manual Workarounds and Legacy Systems: The challenges of maintaining business operations during security incidents.
    • Ransomware Recovery vs. Vendor Failures: Comparing ransomware attacks' impact and recovery processes with security vendor-induced failures.
    • Password Management Vulnerabilities: The risks associated with dependency on password management systems like Thycotic/Delinea and LastPass, and the potential fallout if these systems experience downtime.
    • BSides Pittsburgh Recap: the biggest BSidesPGH event yet. Hear the notes and highlights from the conference.
    • North Korean Spy Hired By KnowBe4: Hear how a spy for N. Korea got by the defenses of KnowBe4, how they caught them, and steps they implemented to avoid this in the future.
    • CISOs as Scapegoats: Are CISOs being pegged as scapegoats unfairly?


    Links

    • CrowdStrike Incident - https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/
    • SentinelOne Response to CrowdStrike - SentinelOne on CrowdStrike Outage - https://www.crn.com/news/security/2024/sentinelone-ceo-on-crowdstrike-outage-not-just-an-honest-mistake
    • BSidesPGH - https://www.bsidespgh.com/
    • TRISS - https://www.threeriversinfosec.com/
    • KnowBe4 // N. Korean Spy - https://blog.knowbe4.com/cyberheistnews-vol-14-31-how-the-whole-world-now-knows-about-fake-north-korean-it-workers
    • CISO as Scapegoats - https://www.thestack.technology/were-becoming-scapegoats-how-have-cisos-responded-to-sec-cyber-risk-disclosure-rules/


    Spirits

    • Rabbit Hole Cavehill // Four Grain Triple Malt - https://www.rabbitholedistillery.com/pages/cavehill/


    Hosts

    • Justin Leapline - https://www.linkedin.com/in/justinleapline/
    • Joe Wynn - https://www.linkedin.com/in/wynnjoe/
    • Rick Yocum - https://www.linkedin.com/in/rickyocum/


    Connect with Us

    • Website: https://distilledsecuritypodcast.com
    • Twitter: @DisSecPod
    • Email: hello@distilledsecuritypodcast.com