This time, on PVCSec: Verizon reminds us we’re bad at security (THX, FotS @hrbrmstr), why it's not a good idea for corporations to use your PII as ID for PHI, you can’t handle the Truth! & BIG NEWS!
Dear Friends,
The PVC Security Podcast returns to form this week. Ed & Paul wax philosophic and cantankerous about topics such as:
BIG NEWS! As leaked/spoiled/generally known, PVC Security Podcast will record LIVE! at Converge/Bsides Detroit 16 - 18 July, specifics TBD. Stay Tuned! Ed & Paul also present 4 Pillars - Passion, Vision, Communication, Execution. Get your tickets now!
The Verizon 2015 Data Breach Investigations Report (DBIR)
Key take-aways:
9 major areas previously identified are still responsible for 95% of security incidents: user error, crimeware insider/privilege misuse, physical theft/loss, Web application attacks, denial-of-service attacks, cyber espionage, point-of-sale intrusions, and payment card skimmers
The cost of breaches is going up
Phishing is still a thing
70% of attacks also impact a second party
Mobile isn’t that big of an issue (yet)
"99.9% of the exploited vulnerabilities were compromised more than a year after the CVE"
Ed's rant on using US Social Security Numbers (SSN) or other Personally Identifiable Information (PII) for account numbers.
The value of providing negative feedback, as painful as it is to give and receive.
Show Notes:
FothS = Friend of the Show
Bob Rudis (@hrbrmstr) contributed to the Verizon 2015 DBIR.
http://www.verizonenterprise.com/DBIR/2015/?utm_source=pr&utm_medium=pr&utm_campaign=dbir2015
http://www.securingthehuman.org/blog/2015/04/16/2015-verizon-dbir-from-a-securing-the-human-perspective
http://www.darkreading.com/attacks-breaches/verizon-dbir-mobile-devices-not-a-factor-in-real-world-attacks/d/d-id/1319905?_mc=RSS_DR_EDT
http://www.gsa.gov/portal/content/104256
http://99u.com/articles/41263/why-its-selfish-to-avoid-giving-negative-feedback
Music Intro: Talking In Your Sleep by The Romantics (from Detroit, BTW)
Music Outro: Tus ojos que contemplo con delicia
Paul recorded from Mexico City, Ed from Tennessee, and Tim from the Carolinas.
↧
