We Like Puppies – BSW #210
Full Audio
View Show IndexSegments
1. Medical Device Secure Development Lifecycle – Christopher Gates – BSW #210
How to incorporate security into your existing medical device development process, What artifacts need to be created, & Security activities that are new.
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Guest
Christopher is Velentium’s Director of Product Security, overseeing the company’s Cybersecurity division. Christopher has worked for over 40 years developing medical devices, the last 12 of which have been dedicated to device cybersecurity.
Christopher describes himself as a prophet who evangelizes the benefits of a secure development lifecycle, not only to increase a device’s security but also to ease the burden of the developer and ensure the high-quality outcome of the product itself. Christopher is on a five year mission to raise the level of cybersecurity in the medical device industry, this started with the first and only book published about Medical Device Cybersecurity and is continuing with certified training in embedded cybersecurity for medical device manufacturers.
Hosts
2. Dictionary Attacks, SASE Misinformation, & 3 Key Tasks – BSW #210
In the Leadership and Communication Segment, 5 Reasons Why Cybersecurity Should Be A Priority While Planning Your Business, 3 Key Tasks That Help Me Work Way Less and Accomplish More, Everything You Need to Know About Dictionary Attacks, Is Misinformation Slowing SASE Adoption, & more!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!
Hosts
- 1. Winning the Cybersecurity ContestPrioritization, Hand Off to MSSP, Run a Scout Team, Invest in People, Left of Boom
- 2. 5 Reasons Why Cybersecurity Should Be A Priority While Planning Your BusinessHeh: "Hence, the cybersecurity in your business can: Involve more clients, Form the sustainable loyal clients base, Build the nice reputation, Save money on the new PR company"
- 3. Is Misinformation Slowing SASE Adoption?"SASE is the convergence of networking and security that optimizes access performance, reduces operational complexity and enhances security posture on a global scale,” said Greenfield. “SASE is built on a cloud-native and cloud-based architecture, which is distributed globally across many points of presence (PoPs) and supports all edges of the network."
- 4. CIOs lead digital tool transformation, but adoption imperfect"Digital tools provide value, but there's a gap between what businesses can achieve and the potential of certain tools, according to Dion Hinchcliffe, VP and principal analyst at Constellation Research. "Modern IT solutions have very high leverage and can provide lots of value, if we're using ... some of their more advanced features, which we typically don't train our workers on first,"" - Adoption means people are trained on it!
- 5. Cloudflare wants to be your corporate network backbone with centralized management and security
- 6. 3 Key Tasks That Help Me Work Way Less and Accomplish MorePrioritize and execute: "Now, I take a slightly different approach, and it has paid off immensely. I focus 70–80 percent of my time each day on my main income stream, and I utilize that other 20–30 percent of my day for other things (which I will describe in more detail in task two below). By devoting only 70–80 percent of my time to my main income stream, I have opened up opportunities to work on other projects. "
- 7. $50m ransomware demand on Acer is highest everCarnage: "Separately, BleepingComputer’s investigation into the attack suggests that the REvil gang may have successfully weaponised the Microsoft Exchange ProxyLogon vulnerabilities in order to gain access to Acer’s network."
- 8. Everything You Need to Know About Dictionary AttacksCISOs need more practical advice: Two-factor authentication, Password vaults, and making certain developers are using 1) Secure password hash storage and 2) Secure password reset. Make those things a priority, the rest is noise.