In this week’s episode (#135): we continue our series on the future of Passwords as we are joined by Guemmy Kim, a group product manager at Google in charge of that company’s account security initiatives.
Vijay Balasubramaniyan of Pindrop joins us to talk about it. And, in our second segment, Sam Bisbee the CSO of the firm ThreatStack joins us to talk about last month’s hack of the PEAR open source package manager and why data deserialization attacks are a growing threat to projects that use open source components.
The arrival of functional quantum computers may be closer than you think. I’m joined by Avesta Hojjati, Head of DigiCert Labs and Brian LaMacchia, Distinguished Engineer and Head of the Security and Cryptography Group at Microsoft Research to talk about coming quantum revolution and what it means for security.
Podcast: Play in new window | Download (Duration: 28:27 — 32.6MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode of the podcast (#132): in the wake of news of the biggest fine yet for violations of the NERC Critical Infrastructure Protection (CIP) standard, we talk with Willy Leichter and Saurabh Sharma of the firm Virsec about whether the industry’s main security standard even matters in an age of sophisticated, nation-backed hackers. As we reported last week, NERC – the North American Electric Reliability Corporation – issued a $10 million fine and a 250 page report (PDF) detailing the failure by one of its member companies to abide by the organization’s main cyber security regulation the Critical Infrastructure Protection or CIP standards. Thirteen of the violations listed were rated as a “serious risk” to the operation of the Bulk Power System and 62 were rated a “moderate risk.” […]
Podcast: Play in new window | Download (Duration: 33:24 — 38.2MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode (#131): a shareholder lawsuit targeting Yahoo! executives was settled quietly. But it could have big implications for the C-Suite at breached firms. Also: as the US pursues criminal charges against Huawei for corporate espionage, we look at one of the federal government’s most potent tools to stop the transfer of sensitive IP: the Committee on Foreign Investment in the US. The C-Suite’s Bitter Pill This week, U.S. District Court judge Lucy Koh slapped down a proposed settlement of a class action lawsuit filed against Yahoo! (now part of Verizon Media) over a 2013 hack that exposed data on billions of its users. It’s just the latest twist in the saga of the once great search giant, who fell victim to hackers and then – astoundingly – conspired to […]