Steve and Gerry discuss an insider threat issue that resulted in $700K worth of damage to a company in retaliation for termination. The obvious involuntary terminations activities were performed, but what issues led to a compromise? They spend time covering the advancement on cyber insurance driving security technology adoption. The finish the topics with a case study in vulnerability disclosure being done wrong.

As always they end with One Cool Thing.

Show Notes

Resources:


Insider threats and departing employees.
https://nakedsecurity.sophos.com/2019/03/22/sacked-it-guy-annihilates-23-of-his-ex-employers-aws-servers/

Cyber risk ratings from insurance companies. Do we need yet another measure?
https://www.scmagazine.com/home/security-news/cybercrime/a-collaborative-effort-by-some-of-the-worlds-largest-insurers-has-set-out-to-create-a-consumer-ratings-service-for-the-cybersecurity-industry

Bug reporting gets nasty
https://arstechnica.com/information-technology/2019/03/50-shades-of-greyhat-a-study-in-how-not-to-handle-security-disclosures/

 

One Cool Thing
Is there a doctor in the house?

Auto-pilot tricks to kill your friends.
https://arstechnica.com/information-technology/2019/04/researchers-trick-tesla-autopilot-into-steering-into-oncoming-traffic/

Contact

Email infosecicu@musc.edu

Twitter: