Afleveringen
-
In the digital age, data loss prevention is a top concern in cybersecurity as organizations strive to safeguard sensitive information in the hands of careless, compromised and complicit users.
Today’s episode of Protecting People dives into the inaugural Data Loss Landscape report. Our guests, Itir Clarke and Brian Gleeson shed light on the alarming statistics and insightful findings around data loss and people-based risk.
One of the most surprising findings: a mere 1% of users were responsible for almost 90% of data loss alerts.
The conversation also goes into exploring human-centric approaches to DLP, including: How understanding user behaviors can influence policy and shape effective controls to mitigate data loss risksThe impact of departing employees on data security and the need for proactive strategies to prevent unauthorized data exfiltrationThe importance of continually evaluating and adapting DLP strategies to address evolving threatsTune in to discover actionable strategies and best practices for safeguarding sensitive data in an increasingly complex threat landscape.Resources mentionedData Loss Landscape report:https://www.proofpoint.com/us/resources/threat-reports/data-loss-landscapeBlog posts about generative AIhttps://www.proofpoint.com/us/blog/email-and-cloud-threats/ai-concerns-safeguard-data-in-genai-chatgpthttps://www.proofpoint.com/us/blog/email-and-cloud-threats/generative-ai-risks-to-organizational-data -
Today’s episode revolves around the latest edition of our monumental research endeavor, the "State of the Phish" report. Joining host Brian Reed is a diverse panel of global experts: Jennifer Cheng from Singapore, Carl Leonard from the U.K., Marcelo Bezerra from Brazil, and Paul Chavez from the U.S.
While we see new encounters with malware strains, vulnerabilities, and tactics yearly, the human element remains a constant. In an era of human-based risks, safeguarding people is as crucial as securing networks and infrastructure.
Noteworthy insights include a decline in successful phishing attacks (from 88% to 75%) but an underlying concern as three-fourths of organizations still fall victim. A groundbreaking aspect of this report is its inclusion of user actions, revealing that 71% of users engage in risky behaviors—96% fully aware of the risks. The panel explores the cultural and organizational factors contributing to this phenomenon, touching on convenience, urgency and leadership buy-in.
Other topics discussed include:
Regional perspectives & cultural influencesGlobal validation of user behavior insightsTune in for a riveting discussion that goes beyond statistics, unraveling the intricate web of human behavior in the face of cybersecurity challenges. -
Zijn er afleveringen die ontbreken?
-
Five Minute Forecast for the week of January 29th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• 23andMe shares details of genetic data stolen in last year’s breach
• Ransomware payments drop to a new low
• The FBI warns of a new scam using bike couriers
And senior researcher Greg Lesnewich talks about the 100 days of YARA initiative. -
Five Minute Forecast for the week of January 22nd. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• Microsoft under attack from Russian state-sponsored hacking group
• A ransomware attack steals data of over 35 million shoppers
• Researchers link 3AM ransomware to the notorious Conti group
And senior threat intelligence analyst Selena Larson shares insights into recent activity by threat actor TA866. -
Few tools are as critical to modern business than Microsoft 365. Unfortunately, the platform’s ubiquity and central role in the workplace also make it a prime target for cyber attackers.
In the face of these threats, Microsoft announced what it’s calling the Secure Future Initiative, or SFI. Today’s guest is Mark Harris, a cybersecurity advisor at Proofpoint and former Gartner analyst, who provides insights into the challenges Microsoft faces in this effort–and what it means for other cybersecurity vendors.
We also discuss:The increasing use of AI in security tools, both by defenders and attackersThe growing trend of bad actors using AI, such as in phishing emails and the emergence of deep fakesCautions against relying on a single vendor and emphasize the need for efficacy and efficiency in cybersecurity practices -
Five Minute Forecast for the week of January 15th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• CISA issues warning over high-severity SharePoint vulnerability
• Ransomware gang steals 1.3 million records from Fidelity National Finance
• Fake 401k statements used to hook victims on phishing spree
And senior threat intelligence analyst Selena Larson offers an update on the 2024 threat landscape. -
Five Minute Forecast for the week of January 8th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• LockBit ransomware threatens to leak sensitive medical data
• The FTC asks for help detecting AI voice clones
• Crypto-draining scams surge on social media
And senior threat intelligence analyst Selena Larson shares details on DarkGate, a new malware and some of the campaigns distributing it. -
With the holiday season upon us, the rush of shopping, travel planning, and charitable giving is in full swing. But as we engage in festive activities, cybercriminals are equally active, exploiting our generosity and the holiday spirit. In this episode, we dive into how to protect ourselves and our loved ones during the holidays and into 2024.
We are thrilled to have three experts joining us: Dr. Bob Hausmann, a manager of learning architecture and assessment at Proofpoint; Sarah Sabotka, senior threat researcher at Proofpoint; and Debbie Rich, Product Marketing Manager for Proofpoint Security Awareness.As security culture within organizations continues to grow, there is a needed emphasis on how individuals protect themselves personally because of the interconnectedness of their two worlds.
Proofpoint's Holiday Kit, a four-week campaign that empowers organizations to educate employees on staying safe during the holiday season, is wildly helpful to users.
The panel also discusses:Common Holiday ScamsThe psychology associated with individuals susceptible to scamsThe use of generative AI by attackersProofpoint’s Holiday KitResources mentioned:
Proofpoint’s Holiday Kit -
Five Minute Forecast for the week of December 18th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• Play ransomware preys on hundreds of victims, including critical infrastructure
• Qbot malware quacks again after law enforcement take-down
• Amazon engineer pleads guilty to massive crypto theft
And threat research manager Daniel Blackford looks ahead to the new year while sharing some highlights from 2023. -
Five Minute Forecast for the week of December 11th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• Unpatched exploits leave U.S. agencies vulnerable to attack
• Nissan investigates a potential data breach in Australia and New Zealand
• Bored Apes on the loose after NFT security bug revealed
And senior threat intelligence analyst—and Discarded podcast host—Selena Larson previews their next episode, looking at APT group TA422.
Discarded Podcast
TA422 Blog Post -
Five Minute Forecast for the week of December 4th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• U.S. takes action against North Korean cybercriminals
• TrickBot developer faces long prison stay after guilty plea
• More victims caught up in October’s Okta breach
And senior threat intelligence analyst Selena Larson offers a personal perspective on holiday cyberthreats. -
Five Minute Forecast for the week of November 27th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• Hacktivists breach U.S. Nuclear lab
• GE investigates claims of sensitive data theft
• The FCC takes steps to curb SIM-swapping
And senior threat researcher Joshua Miller gives an update on activity by advanced persistent threat actor, TA402. -
Five Minute Forecast for the week of November 13th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• World’s largest bank hit by LockBit ransomware attack
• US sanctions money launderer linked to Russian ransomware
• LockBit leaks gigabytes of stolen Boeing data
And senior threat intelligence analyst Selena Larson shares an update on opportunistic cybercrime activity related to the Israel-Hamas conflict. -
Five Minute Forecast for the week of November 6th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• Okta explains how hackers breached its support system
• Global coalition vows to stop paying ransomware gangs
• Discord ditches permanent file links to curb malware delivery
And senior threat intelligence analyst Selena Larson shares news of recent campaigns by threat actor TA571.
https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta571-delivers-icedid-forked-loader -
Five Minute Forecast for the week of October 30th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• Okta hit by another data breach
• France says J’accuse! to Russian cyberattackers
• Mystery attackers target Russian government and industry
And senior threat intelligence analyst Selena Larson shares update from the recent VirusBulletin conference in London.
VB Conference Agenda
VB YouTube Channel -
Five Minute Forecast for the week of October 23rd. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• ICC hit by cyber espionage amid sensitive trials
• Spanish police bust phishing ring that stole data of 4 million people
• DC voter roll compromised in data breach
And threat detection analyst Dusty Miller shares updates on campaigns using fake browser updates. -
Five Minute Forecast for the week of October 16th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• CISA shares list of common ransomware vulnerabilities
• Google points the way to a password-free future
• 23andMe braces for multiple lawsuits after data breach
And senior threat researcher Sarah Sabotka shares key themes and concerns from this year’s Cybersecurity Awareness Month.
Sign up for our cybersecurity awareness month threat research webinar. -
You’ve probably heard the old cybersecurity cliché that attackers have to be right just once to be successful, while defenders have to be right all the time. In this episode we turn the concept on its head as we discuss the concept of the attack chain—and the opportunities it gives defenders to disrupt it.
Ryan Kalember, Executive Vice President of Cybersecurity Strategy at Proofpoint, joins host Brian Reed for an in-depth look at the modern attack chain. As Kalember explains, effective cybersecurity is not trying to secure every possible asset. Instead, it’s understanding that even in a technically secure environment, the “human factor” remains a major threat across the attack chain. That’s why addressing social engineering and human vulnerabilities is critical. Only by correlating disparate aspects of cybersecurity—especially when it comes to identity and user behavior—can organizations create a more holistic approach to security.
They also discuss:
A useful framework of cybersecurityWhich areas to address in regards to elimination vs. securing each assetUnderstanding the human element and social engineeringResources mentioned:
Board Members Feel Good Yet Unprepared (Sept Blog)
Cybersecurity Awareness Hub from Proofpoint
Cybersecurity Awareness Kit -
Five Minute Forecast for the week of October 9th. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• FTC warns of “staggering” social media scam losses
• 23andMe confirms user data stolen in credential stuffing attack
• MGM counts the $100 million cost of a recent ransomware attack
And senior threat research engineer Tony Robinson discusses a newly discovered malware, dubbed “ZenRAT.” -
Five Minute Forecast for the week of October 2nd. All the cyber security news you need to stay ahead, from Proofpoint’s Protecting People podcast.
• Details emerge of a massive email breach at the State Department
• Ransomware gangs double down on victims with dual encryption
• Bing’s AI chatbot answers some queries with malware
And threat intelligence analyst Selena Larson discusses an unusual campaign using romance lures to distribute malware. - Laat meer zien