Podcast: Play in new window | Download (Duration: 39:54 — 45.7MB)Subscribe: Android | Email | Google Podcasts | RSS In this week’s episode (#112): top bug hunters can earn more than $1 million a year from “bounties” paid for information on exploitable software holes in common platforms and applications. What does it take to be among the best? We talk with Jason Haddix of the firm Bug Crowd to find out. Also: The Internet Society’s Jeff Wilbur talks about the new #GetIoTSmart campaign to educate device makers and the public about Internet of Things security.
Spotlight Podcast: Flashpoint’s Allison Nixon on SIM Swapping and the Looming Online Identity Crisis
Podcast: Play in new window | Download (Duration: 19:08 — 21.9MB)Subscribe: Android | Email | Google Podcasts | RSSYour smart phone does double and triple duty: letting you do banking, buy a cup of coffee, board a plane or access a sensitive online account. But that doesn’t mean that your phone number is equally as trustworthy. In this Spotlight Podcast, we speak with Flashpoint* head of research Allison Nixon about how a recent rash of SIM swapping attacks highlights a looming crisis in online identity.
Podcast: Play in new window | Download (Duration: 59:10 — 67.7MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s podcast (episode #111), sponsored by CyberSN: what happens when the Internet gets physical? Noted author and IBM security guru Bruce Schneier joins us to talk about his new book on Internet of Things risk: Click Here to Kill Everybody. Also: everyone knows that cyber security talent is hard to come by, and even harder to keep. But why does precious cyber talent walk? In our second segment, we’re joined by Deidre Diamond of cyber security placement firm CyberSN, who has all the answers.
Podcast: Play in new window | Download (Duration: 33:38 — 38.5MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode (#110): the second major flaw in Apache Struts 2 in as many years and has put the information security community on alert. But is this vulnerability as serious as the last, which resulted in the hack of the firm Equifax? We talk with an expert from the firm Synopsys. And: we’ve heard a lot about the risk of cyber attacks on the critical infrastructure used to generate and distribute electricity. But what would happen if someone figured out to how to hack electricity demand? The Internet of Things just might make that possible. We talk to a Princeton University researcher behind a paper that discusses how even small changes in demand can have big consequences for the grid.
Podcast: Play in new window | Download (Duration: 25:17 — 28.9MB)Subscribe: Android | Email | Google Podcasts | RSSIn this Spotlight Podcast, sponsored by Arctic Wolf Networks: sessions at this month’s Black Hat Briefings on PTSD and substance abuse among security workers are proof that the high pressure, high stakes world of information security can take its toll. So what does it take to find, train and nurture information security pros? Sam McLane, the Chief Technology Services Officer at the firm Arctic Wolf Networks joins us to talk about how his company holds on to top security talent.