Unmasked

Unlock the secrets to navigating the ever-evolving world of cybersecurity and commercial insurance with expert insights from Alan Delahunty of McGriff Insurance. Discover how the complexity of cyber threats is reshaping insurance policies and learn why multi-factor authentication and other security measures are now industry standards. We promise you'll walk away with a deeper understanding of data breaches, identity theft, and the critical need for continuous risk assessment in today's digital landscape.
Peek behind the curtain of cyber insurance policies and uncover the customizable solutions tailored to your industry's specific vulnerabilities. Alan breaks down the nuanced differences between cyber insurance and more straightforward policies like workers' compensation, shedding light on the importance of proactive cyber hygiene and the storytelling required to secure favorable terms from insurance companies. Learn the initial steps businesses should take to ensure they are adequately covered, and why understanding your unique challenges and future outlooks is crucial.
Finally, explore the practical steps involved in implementing robust cybersecurity policies within your organization. From the evolution of multi-factor authentication to the financial considerations of proactive measures versus the staggering costs of ransomware attacks, we cover it all. Alan shares his expertise on balancing costs and security needs, emphasizing the necessity of ongoing education and vigilance against ever-changing cyber threats like QR code manipulation and sophisticated phishing scams. Don't miss this essential guide to staying ahead in the relentless battle against cybercrime.

Curious about how a 23-year Air Force veteran transitions into a leading role in network security? Join us as we chat with Dave Mizell, the Managing Director of Defensive Cybersecurity at Assura, Inc. Cybersecurity. Dave opens up about his initial experiences in a Security Operations Center (SOC) and the rapid learning curve he faced. You'll hear firsthand about the day-to-day operations and challenges his lean, yet highly effective team encounters while ensuring 24/7 security coverage. Plus, get the inside scoop on how advancements in Security Incident and Event Monitoring (SIEM) systems have transformed threat detection and analysis.
Ever wondered how sophisticated phishing attacks have become and the best strategies to combat them? Dave breaks it down, revealing how AI tools like ChatGPT are making fraudulent emails harder to spot and why multi-factor authentication is more crucial than ever. We also discuss the role of human awareness and training in cybersecurity, while acknowledging the limitations posed by human error. Dave offers practical advice on what to do if your organization gets hacked, stressing the importance of network segmentation, protecting critical assets both on-premises and in the cloud, and the immediate steps to take post-breach.
For those looking to enter the cybersecurity field or enhance their skills, this episode is packed with invaluable insights. Dave shares effective training models, emphasizing hands-on exercises like tabletop and disaster recovery training for real-world readiness. He also offers career advice, highlighting the significance of curiosity and investigative skills over mere experience. To wrap things up, we take a nostalgic trip back to the early days of computer gaming, discussing how those experiences can ignite a passion for technology and cybersecurity. Plus, we pay tribute to the amazing skill of Navy pilots and the challenges they face, rounding off with a heartfelt thank you to Dave for his incredible insights and time.

Unlock the secrets to revolutionizing your cybersecurity strategy with insights from Bill McInnis of Nucleus Security. Journey through Bill’s extensive career, spanning over two decades and multiple sectors including email security and threat intelligence, and learn how he spearheaded groundbreaking changes since joining Nucleus in 2021. Discover the innovative model Nucleus employs to shift vulnerability management focus from triage to fixing issues, and get acquainted with Bill’s triangle model—"What do you got? What do you know? How do you touch it?"—which emphasizes a deep understanding of one's environment for effective mitigation.
Navigate through the complexities of cybersecurity challenges and solutions with us as we dissect the 1-4-95 rule that categorizes teams based on their cybersecurity readiness. Bill shares his invaluable advice on fostering a functionally inquisitive mindset that can drastically improve how vulnerabilities are identified and addressed. Hear firsthand how Nucleus integrates various data sets and automates processes to save time and make up for the lack of manpower, and gain insights into addressing the unique vulnerabilities faced by educational institutions.
Finally, explore the strategic growth of Nucleus Security, a company that emerged from the Department of Defense intelligence community. Bill delves into how Nucleus helps organizations manage vulnerabilities efficiently during critical events like the Log4J vulnerability and underscores the significance of building strong customer relationships. From fostering practical solutions to creating efficiencies, this episode provides a comprehensive look at how Nucleus is setting industry standards with its Fed-ramped, multi-tenant solution, and how it continues to evolve while maintaining a focus on competency and customer engagement.

In the latest Unmasked episode, we're taking a deep dive into August headlines, unpacking all the threats and vulnerabilities that lurk in our digital realm. We're covering some major ground, from the Burger King data breach to unsettling cyber attacks on hospital EMR systems.

Join us as we also get into the nitty-gritty of credential-stuffing attacks, exploring the quirky world of threat group naming, and delving into the intriguing realm of side channel attacks – it's like something out of a spy movie!

Cybersecurity is like a never-ending puzzle, always evolving. So, keep your eyes peeled, stay informed, and remember that things are rarely straightforward in the world of cybersecurity!

You can subscribe to Unmasked wherever you get your podcasts.

Show notes

Headlines for beginning of August

• Emergency Rooms in 5 states shut down due to cyber attack
  • WhatA- cyberattack has disrupted hospital computer systems in several states, forcing some emergency rooms to close and ambulances to be diverted
  • The “data security incident” began Thursday at facilities operated by Prospect Medical Holdings, which is based in California
    • Then spread to Texas, Connecticut, Rhode Island and Pennsylvania.
  • Ransomware Attack Disrupts Health Care in at Least Three States - The New York Times (nytimes.com)
• Burger King's Data Breach Exposes Sensitive Credentials
  • Experienced a serious data breach that made private login information public
  • Security Affairs was first to note the vulnerability
  • Exposed credentials could be exploited be malicious actors to access additional systems, perpetrate identity theft or launch targeted attacks on induvial and organizations to the breached data
  • Burger King has reportedly taken immediate steps to rectify the situation
    Additional: Burger King Serves Up Sensitive Data, No Mayo (darkreading.com)
• Retail chain Hot Topic discloses wave of credential-stuffing attacks (bleepingcomputer.com)
  • Sub topic: What is "Credential Stuffing"?
• Microsoft shifts to a new threat actor naming taxonomy | Microsoft Security Blog
  • New naming conventions
  • Weather related names (Blizzard, Sleet, Typhoon)
  • Does this help or hurt?
  • Need we ask, does this "water down the threats?" "Downpour of confusion?"
  • Table with APT names: How Microsoft names threat actors | Microsoft Learn
• Acoustic attack

New 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% Accuracy (thehackernews.com)

• This is one of those things people love to make sound magic.
• Sensitive compartmented information facility - Wikipedia

Welcome to the latest episode of Unmasked. In this episode, we dive into the end of July headlines, covering a class action lawsuit against John Hopkins following a major data breach, emphasizing the need for better data handling and security practices. We also explore the complexities of IoT device regulation, questioning the absence of tech giants like Apple and Microsoft in this area. The episode educates listeners on online scams and provides essential tips to avoid falling victim to phishing tactics. Additionally, it stresses the importance of timely software updates and informed decision-making to enhance cybersecurity in the digital realm. All this and the building anticipation of the upcoming DEFCON.
Episode 3 show notes:
Headlines for the end of July

• John Hopkins- Hit with Class Action Lawsuit connected to data breach
  • Filed by the patient named Pamela Hunter, alleges that Hopkins "failed to properly secure and safeguard" patients' personal and medical information.
  • If based on original MoveIT breach- not their fault/ hard to prove
  • If plaintiff can prove negligence, then potential cancelation of cybersecurity insurance policy etc.
• Biden Administration is tackling smart devices with a new label
  • US Cyber Trust Mark- would require smart products to meet certain thresholds, including ongoing software security support, to qualify for the program
  • FCC says the mark will signify that the devices meet/ and maintain certain standards
  • Main devices would be smart home appliances, TV's, climate controllers, but also list smart fitness tracker
  • Mark would be a shield – indicating that that device is meeting the standards
  • Participating manufactures and retailers are: Amazon, Google, Samsung, Logitech, Best Buy
• Back to School Scams- Amazon Releases Scam warning email to all customers
  • Unexpected calls, texts, emails that refer to costly membership fees going up if you do not act now...
  • Issues with your membership- asking for bank account/ payment info
  • Amazon issues warnings:
    • Trust Amazon –owned channels
    • Beware of false urgency
    • Never pay over the phone
    • Verify links first
• Apple fixes new Zero Day threat
  • Apple is aware of a report that this issue may have been actively exploited," the company said in an advisory describing a WebKit flaw tracked as CVE-2023-37450 that was addressed in a new round of Rapid Security Response (RSR) updates earlier this month.
  • The other zero-day patched today is a new Kernel flaw tracked as CVE-2023-38606 that was exploited in attacks targeting devices running older iOS releases.
  • exploited against versions of iOS released before iOS 15.7.1
• DEFCON – Mark to interview industry folks while out in Las Vegas this week