Trust Issues

• EP 70 - Zero Days and High Stakes: The US Treasury Attack

  In this episode of Trust Issues, host David Puner dives into the recent high-profile cyberattack on the U.S. Treasury Department. Joined by Andy Thompson, CyberArk Labs' Senior Offensive Research Evangelist, and Joe Garcia, CyberArk’s Principal DevOps Solutions Engineer, they explore the timeline, details and implications of the attack. Discover proactive security recommendations, insights into zero-day vulnerabilities and the broader impact on federal cybersecurity. Tune in to learn how to help bolster your defenses against future cyber threats.To read CyberArk Labs' analysis of the U.S. Treasury attack, check out the teams' blog, "The US Treasury Attack: Key Events and Security Implications." 

  --------  

  26:00
• EP 69 - Cloudy with a 100% Chance of Secrets: Decoding Secrets Management in the Cloud

  In this episode of the Trust Issues podcast, host David Puner dives into the complexities of secrets management with Ritesh Desai, General Manager at AWS Secrets Manager. They discuss the evolving landscape of secrets management, emphasizing the importance of a multi-layered defense strategy as organizations increasingly adopt cloud services, digital transformation and agile development practices. Ritesh highlights the critical role of machine identities in managing secrets and the growing significance of AI and automation in enhancing security measures. He also underscores the necessity of a comprehensive approach that includes discovery, visibility and leak detection to safeguard sensitive information effectively. The conversation covers the challenges of managing secrets in multi-cloud environments and the importance of regular secret rotation and access control. This episode provides valuable insights into best practices and strategies for securing secrets. 

  --------  

  39:02
• EP 68 - Cloud Security, Collaboration and Futuring in the Now

  In this episode, Trust Issues host David Puner wraps up 2024 with a conversation with Red Hat’s Field CTO Ambassador E.G. Nadhan about the future of cybersecurity. They discuss the importance of cloud security principles, the impact of emerging technologies like AI and quantum computing, and the challenges of managing machine identities. Nadhan emphasizes the need for organizations to prepare for future security challenges by understanding the attacker mindset and taking proactive steps today to protect for tomorrow. The conversation also touches on collaboration within the open source community and the role of Red Hat's Field CTO organization in driving innovation and addressing market opportunities.

  --------  

  41:22
• EP 67 - The Password Problem

  In this episode of the Trust Issues podcast, host David Puner sits down with Andrew Shikiar, the Executive Director and CEO of the FIDO Alliance, to discuss the critical issues surrounding password security and the innovative solutions being developed to address them. Andrew highlights the vulnerabilities of traditional passwords, their susceptibility to phishing and brute force attacks, and the significant advancements in passwordless authentication methods, particularly passkeys. He explains how passkeys, based on FIDO standards, utilize asymmetric public key cryptography to enhance security and reduce the risk of data breaches. The conversation also covers the broader implications of strong, user-friendly authentication methods for consumers and organizations, as well as the collaborative efforts of major industry players to make the internet a safer place. Additionally, Andrew highlights the importance of identity security in the context of these advancements, emphasizing how robust authentication methods can protect personal and organizational data. Tune in to learn about the future of authentication and the steps being taken to eliminate the reliance on passwords.

  --------  

  34:56
• EP 66 - Post-Election Insights: AI, Misinformation and Security

  In this episode of Trust Issues, host David Puner interviews James Imanian, Senior Director of the U.S. Federal Technology Office at CyberArk. They discuss the critical topic of election security, focusing on the recent 2024 U.S. presidential election. Drawing from his extensive background in cybersecurity including a career in the Navy and a stint at the U.S. Department of Homeland Security, James brings a wealth of experience to the conversation, which explores AI's impact on election security—highlighting how AI has transformed the landscape by increasing the scale, speed and sophistication of misinformation and disinformation campaigns. James explains the differences between misinformation, disinformation and malinformation and their roles in the information environment surrounding elections.He also highlights the importance of public-private partnerships in securing election infrastructure and the role of international collaboration in countering nation-state threats. The episode examines the challenges of maintaining trust in the digital age and the potential of identity verification technologies to enhance information trustworthiness.Finally, the discussion touches on the parallels between election security and enterprise cybersecurity, emphasizing the need for critical thinking and proactive measures to uphold the integrity of both elections and organizational security.For more insights from James Imanian on election security, check out his blog, "Six Key Measures for Upholding Election Security and Integrity." 

  --------  

  37:49

More Technology podcasts

Trending Technology podcasts

About Trust Issues