Securing Health, Creating Phishing-Resistant Users & Rising Ransomware Stakes – Jim Broome, John Shier, Christopher Harrell – ESW #364
The interview will delve into the healthcare industry's tumultuous year in 2023, marked by 124 million breached health records across 725 hacking incidents (according to The HIPAA Journal). This interview will explore the critical role that MSSPs play in safeguarding health data and systems against potential security incidents, such as ransomware and business email compromise attacks. Jim Broome will share how to proactively prepare for an incident - including establishing a comprehensive incident response plan, outlining strategies for containment, restoration, and ongoing security operations, and how an MSSP can help.
Segment Resources: Tales from the Road Blog: An External Pen Test at a Healthcare Organization Reveals the Dangers of the Dark Web - https://www.directdefense.com/tales-from-the-road-an-external-pen-test-reveals-the-dangers-of-the-dark-web/
2023 Security Operations Threat Report: https://go.directdefense.com/2023-Security-Operations-Threat-Report
This segment is sponsored by DirectDefense. Visit https://securityweekly.com/directdefensersac to learn more about them!
In the dynamic landscape of cybersecurity, the urgency to eliminate passwords as a security vulnerability has never been more critical. Organizations are continuing to face a surge in the variety and complexity of cyber threats at historical rates, often fueled by compromised employee login credentials – resulting from attacks such as phishing which has been exacerbated by the rise in use of Artificial Intelligence (AI). The 2023 Verizon Data Breach Investigations Report underscores the staggering impact of breaches caused by stolen credentials, accounting for a staggering 74% of incidents. Christopher Harrell, Yubico’s Chief Technology Officer, shares how organizations can achieve passwordless authentication at scale with high assurance phishing-resistant multi-factor authentication (MFA) to elevate their security posture against phishing attacks while creating phishing-resistant users.
Segment Resources: https://www.yubico.com/blog/empowering-enterprise-security-at-scale-with-new-product-innovations-yubikey-5-7-and-yubico-authenticator-7/
This segment is sponsored by Yubico. Visit https://securityweekly.com/yubicorsac to learn more about them!
In this podcast segment, we delve into Sophos' fifth annual State of Ransomware report, exploring significant findings and trends in the evolving ransomware landscape. We'll discuss the sharp increase in recovery costs, the strategic targeting of backups by hackers, and the evolving role of cyber insurance in ransom payments. Our discussion will provide insights into how organizations can adapt their cybersecurity measures to mitigate these heightened threats and recover more effectively from attacks.
Segment Resources: Blog: The State of Ransomware 2024 Report: https://assets.sophos.com/X24WTUEQ/at/9brgj5n44hqvgsp5f5bqcps/sophos-state-of-ransomware-2024-wp.pdf Press release: Ransomware Payments Increase 500% In the Last Year, Finds Sophos State of Ransomware Report
This segment is sponsored by Sophos. Visit https://www.securityweekly.com/sophosrsac to learn more about them!
Sponsored By
Guests
Jim Broome is a seasoned IT/IS veteran with more than 20 years of information security experience in both consultative and operational roles. Jim leads DirectDefense, where he is responsible for the day-to-day management of the company, as well as providing guidance and direction for our service offerings.
Previously, Jim was a Director with AccuvantLABS where he managed, developed, and performed information security assessments for organizations across multiple industries. Prior to AccuvantLABS, Jim was a Principal Security Consultant with Internet Security Systems (ISS) and their X-Force penetration testing team.
John Shier is a Field CTO, Threat Intelligence at Sophos with more than two decades of cybersecurity experience. He’s passionate about protecting consumers and organizations from advanced threats, and has researched everything from costly ransomware to illicit dark web activity, uncovering insights needed to strengthen proactive cybersecurity defenses.
John is often consulted by press, and has been quoted in publications like Reuters, WIRED, Fortune, CNN, The Hill, Fast Co, Yahoo, and more. He’s also a frequent speaker at industry events like RSA Conference, Infosec, Cebit, Gitex, and more.
Based in Toronto, John is available on Twitter (@john_shier) and can be reached via email at [email protected].
Christopher Harrell is the Chief Technology Officer at Yubico where he is responsible for driving innovative authentication and security products to market. He has more than 20 years of security engineering and architecture expertise along with extensive experience managing and leading teams.
Previously, Christopher served as Director of Security Engineering at Yahoo, and as Information Security Manager at Apple. Together, in these roles, Christopher had the opportunity to secure hundreds of thousands of computers, impacting billions of users worldwide. Christopher is passionate about the potential for technology to improve lives. He believes that security and usability can co-exist, and enjoys the engineering challenge of proving it.
Hosts
