C-IT Security Podcast

Charles Whitby: Business Security Thought Leader


Details

About Us

Welcome to the C-IT Security website, where corporate leaders are informed of the latest news relating to information assurance, protection and privacy. This website is not just for the IT professional, but for any professional who is concerned about his or her company ending up in the news. We will brief you on the latest security news around the globe and suggest high-level controls to explore in your organization. By no means is this podcast a consulting service. The idea is to foster creative thinking so that the prudent business leader can make intelligent decisions based on the impact current threat actors are having on other businesses.

Latest Episodes

8-25-14 An attack targeting JP Morgan and Chase Customers in the United States

“Diligence is the mother of good fortune and idleness, its opposite never brought a man to the goal of any of his best wishes.” -Miguel De Cervantes
JPMorgan Chase customers targeted in massive phishing campaign
http://www.scmagazine.com/jpmorgan-chase-customers-targeted-in-massive-phishing-campaign/article/367615/
http://www.darkreading.com/jp-morgan-targeted-in-new-phishing-campaign/d/d-id/1306589?
C-IT Recommendation: Provide social engineering awareness for your customers. Ensure you communicate specifically how your organization will communicate […]

8 MIN | 2014 AUG 25

8-20-14

“Out there in some garage is an entrepreneur who’s forging a bullet with your company’s name on it.” -Gary Hamel
Cybercriminals Deliver Point-of-Sale Malware to 51 UPS Store Locations
http://www.securityweek.com/cybercriminals-deliver-point-sale-malware-51-ups-store-locations
http://www.scmagazine.com/ups-announces-breach-impacting-51-us-locations/article/367257/
C-IT Recommendation: Create new non-intuitive usernames for POS accounts. Disable the default usernames. Use strong passwords for terminal log-in accounts and change them […]

9 MIN | 2014 AUG 21

8-19-14

7 MIN | 2014 AUG 20

8-18-14 The problem with former employees retaining access to companies they no longer work for

Bulk of Ex-Employees Retain Access to Corporate Apps: Survey
http://www.securityweek.com/bulk-ex-employees-retain-access-corporate-apps-survey
http://www.infosecurity-magazine.com/news/uk-smbs-manage-exemployee-risk/
C-IT Recommendation: Verify that your company has an effective and enforced access control standard and policy which requires that access be removed when an employee transfers within the organization or leaves the organization. Use role-based access control. Roles should be specifically defined by the […]

9 MIN | 2014 AUG 18

8-13-14 A tech support scam targeting trusting users, a report describing 2014 as the year of the data breach, Microsoft’s plan to stop supporting older versions of Internet Explorer

“It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.” – Charles Darwin
Windows tech support scammers take root in the U.S.
http://www.csoonline.com/article/2464030/security-leadership/windows-tech-support-scammers-take-root-in-the-u-s.html
Article Resources: Malwarebytes blog on the scare tactic
https://blog.malwarebytes.org/fraud-scam/2014/08/beware-of-us-based-tech-support-scams/
2014 So Far: The Year of the Data Breach
http://www.infosecurity-magazine.com/news/2014-the-year-of-the-data-breach/
C-IT […]

11 MIN | 2014 AUG 13

8-12-14 The PCI Council publication advising companies how to ensure security compliance with third party service providers, New malware that hides in media files, Microsoft patch Tuesday bulletins

“It doesn’t take great men to do things, but it is doing things that make men great.” -Arnold Glasow
PCI Council Publishes Guidance on Working With Third-party Providers
http://www.securityweek.com/pci-council-publishes-guidance-working-third-party-providers
http://www.scmagazine.com/pci-council-releases-third-party-security-assurance-guidance/article/365658/
C-IT Recommendation: Require your third-party service provider to provide a report of compliance and require the entity to conform to conducting a risk analysis […]

14 MIN | 2014 AUG 12

8-11-14 A letter issued to Automotive CEOs to beef up automobile security, New bank malware activity in the United States, a website vulnerability that your company may need to fix

“Great men undertake great things because they are great; fools, because they think them easy.” -Luc de Vauvenargues
Hackers Demand Automakers Get Serious About Security
http://www.securityweek.com/hackers-demand-automakers-get-serious-about-security
http://www.darkreading.com/application-security/automakers-openly-challenged-to-bake-in-security/d/d-id/1297902
C-IT Recommendation: Find out whether your organization has security embedded into the Product Development Life Cycle. There should be no new systems released to the public or deployed […]

12 MIN | 2014 AUG 12

8-7-14 A report by Cisco Systems alleging most enterprises are exposed to browser attack, 1.2 Billion email accounts globally hacked by a Russian attack group

“The purpose of business is to create and keep a customer.” ― Peter F. Drucker
Over 90% of Enterprises Exposed to Man-in-the-Browser Attacks: Cisco
http://www.securityweek.com/over-90-enterprises-exposed-man-browser-attacks-cisco
http://www.csoonline.com/article/2459954/data-protection/cisco-patches-traffic-snooping-flaw-in-operating-systems-used-by-networking-gear.html
C-IT Recommendation: Perform regular security assessments in your organization. Corporate leaders must establish a security debrief cadence with the information security teams. CSOs/CISOs should meet with operational teams weekly […]

16 MIN | 2014 AUG 7

8-5-14 Data thieving software posing as a security application on Android Devices, a report explaining that most top free and paid mobile apps pose threats to organizations

“Genius is one percent inspiration and ninety–nine percent perspiration.” – Thomas A. Edison
Android malware SandroRAT disguised as mobile security app
http://www.scmagazine.com/android-malware-sandrorat-disguised-as-mobile-security-app/article/364455/
Article Resources: McAfee Blog Post
http://blogs.mcafee.com/mcafee-labs/sandrorat-android-rat-targeting-polish-banking-users-via-e-mail-phishing
Emory Libraries Information Security Awareness covering Phishing
http://it.emory.edu/security/security_awareness/phishing.html
Most Top Free and Paid Mobile Apps Pose Threat to Enterprises: Report
https://www.securityweek.com/most-top-free-and-paid-mobile-apps-pose-threat-enterprises-report
C-IT Recommendation: Perform an asset […]

12 MIN | 2014 AUG 5

8-4-14 A report that shows many c-level executives have little respect for their Information Security Leaders, a social engineering campaign that takes advantage of Microsoft Word weaknesses, The US Department of Homeland Security’s report on Po

“If you work just for money, you’ll never make it, but if you love what you’re doing and you always put the customer first, success will be yours.” – Ray Kroc
C-Level Execs to CISOs: No Seat for You!
https://www.securityweek.com/c-level-execs-cisos-no-seat-you
http://www.scmagazine.com/study-ciso-leadership-capacity-undervalued-by-most-c-level-execs/article/364231/
C-IT Recommendation: Corporate leaders must establish a security debrief cadence with the information security […]

20 MIN | 2014 AUG 4
