Preview Mode Links will not work in preview mode
  1. All Episodes
  2. DtSR Episode 253 - Defending the Small-to-Medium Enterprise

DtSR Episode 253 - Defending the Small-to-Medium Enterprise

Jul 18, 2017

On this podcast - James and I welcome Shon Gerber as we talk through a pair of current events and the topic of the day.

 

  • Blue Cross Blue Shield of Alabama sends out USB sticks
    • Security elitists up in arms
    • We've taught people to be suspicious - don't click, don't open docs, and don't use USB -- So how do we get our clients content?
    • To my fellow security professionals- it's reckless to continue to stand with a firm "no" while offering no alternatives
    • So what do we suggest?
    • More important - what threat model vector are we saying that blocking the sending out of USB sticks would defend against?
    • https://www.theregister.co.uk/2017/07/12/blue_cross_usb_card_mailers/
  • MySpace has a major account password reset flaw, allowing account take-over

 

This week we bring Shon Gerber onto the show to talk about defending the SMB and SME. Here are some of our talking points:

  • SMBs/SMEs are uniquely challenged in that they can't afford good security any more than they can accord lack of security -- what's the answer?
  • How do we achieve scale, in an area of industry with razor thing margins and tiny profit margins
  • SMBs/SMEs are more likely to be catastrophically affected by an attack such as ransomware than big companies -- agree or disagree (#DtSR on twitter to talk back)
  • Other challenges - including how to achieve scale

 

Guest:

  • Shon Gerber
    • Current
      • CISO for multinational chemical company with approximately 10K employees
    • Recent Past
      • Security Operations Supervisor for multi-national company 100K employees 
      • Senior Security Architect with multi-national 
      • Air Force Red Team - Squadron Commander
      • Multi-Disciplinary (Physical / Network Penetration Testing of Critical Systems)