Mackenzie Jackson, the Developer Advocate at GitGuardian, joins Paul to discuss how “secrets sprawl” on sites like GitHub threatens software supply chains.
Episode 227: What’s Fueling Cyber Attacks on Agriculture?
In this episode of the podcast (#227) we speak with Allan Liska, the head of the CSIRT at the firm Recorded Future, about the spate of attacks in recent months targeting food processing plants, grain cooperatives and other agriculture sector targets. Allan and I talk about how these attacks are playing out and why, all of a sudden, the agriculture supply chain is under attack.
Episode 223: CISA Looks To Erase The Security Poverty Line
In this week’s episode of the podcast (#223), we are joined by Josh Corman and Lisa Young of the COVID task force at CISA to talk about the agency’s work to improve the security of critical sectors of the U.S. economy. Job #1: erase the so-called security “poverty line” that keeps small, poorly resourced firms from obtaining the skills and talents they need to protect their networks, data and IT assets.
DEF CON: Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber Risk
A demonstration at DEF CON of glaring flaws in software by agricultural equipment giants John Deere and Case IH raises the specter of remote, software-based attacks that could cripple farms and impact US food production.
What SolarWinds Tells Us About Securing the Software Development Supply Chain
The recent SolarWinds attack highlights an Achilles heel for enterprises: software updates for critical enterprise applications. Digital signing of code is one solution, but organizations need to modernize their code signing processes to prioritize security and integrity and align with DevOps best practices, writes Brian Trzupek, the Senior Vice President of Products at DigiCert, in this thought leadership article.