The Weekly Run Down 3/11-3/15

TGIF! I hope everyone had a more than tolerable work week and made plans for a relaxing weekend. Grab your favorite morning beverage and get comfortable because we've got quite the lineup for you in this week's newsletter. This week both Shannon and I hope to bring you, wary cyberspace defenders, tales that intrigue, insights that enlighten, and even sprinkle in a little wisdom you didn't know you needed.

Imagine sneaky cyber spies from Russia taking a peek into Microsoft's deepest secrets or a passionate Texas educator on the precipice of eradicating those baffling terms and conditions buried deep in every End User Agreement. And just when we thought the fortress overseen by CISA was untouchable, along comes a breach to remind us that no one is ever truly safe from a well-armed cyber adversary.

But wait, there's more! This week, "Ask A CISSP" delivered a gem of a chat with Michael Ware, learning more about his background and "cybersecurity origin story," as well as an important discussion on diversity and the moral dilemmas AI is starting to throw our way. Hosts Ryan Williams Sr. and Shannon Tynes took us down kung fu memory lane.

Last but certainly not least, continue reading for a sneak peek at next week's guest on the "Ask A CISSP" podcast.

So, whether you're here to catch up on this week's cybersecurity hijinks or simply in search of your next Netflix show to devour, you're in the perfect spot. Dive into this week's stories with us, level up your cybersecurity knowledge, and who knows? You might find yourself cracking a smile along the way. Don't forget to hit the "Read more" links for each episode's full article, and please, do Like, Share, and Subscribe to our podcast wherever you tune in!

Monday - Microsoft's Source Code Theft

You can view the full podcast episode on our YouTube page:

You can listen to the full podcast episode on almost every audio platform:

In this week's cyber scoop, we dive into a daring escapade that seems straight out of a spy thriller. The culprit? A group of Russian government hackers, known as Midnight Blizzard APT, who made headlines with a brazen heist against none other than Microsoft. Deemed infamous after their SolarWinds breach, these digital intruders managed to pilfer source code and sneak a peek at top execs' emails, all thanks to some advanced password-spraying finesse. Despite Microsoft's formidable security, Midnight Blizzard's attack, which began unnoticed in November 2023 and came to light only in January, has spotlighted a glaring flaw in the armor against state-sponsored cyber espionage.

As the dust settles and Microsoft digs deeper, the extent of Midnight Blizzard's infiltration remains shrouded in mystery, hinting they might still be lurking within. This episode not only emphasizes the shadowy persistence of cyber foes but also serves as a stark reminder of the Achilles' heel posed by legacy accounts. It's a call to arms for enhanced identity access management (IAM) and a proactive stance on cybersecurity, reminding us that the digital battleground is ever-changing and vigilance is our greatest weapon.

Read more

Tuesday - A Grant To Help Simplify User Agreements

This week, we spotlight Dr. Lavanya Elluri of Texas A&M University–Central Texas, who's pioneering a project that might just change how we interact with those lengthy, often ignored terms and conditions. Armed with a $170,000 grant from the National Science Foundation (NSF), Dr. Elluri's mission is to cut through the legalese, making the crucial details of privacy and security in these documents accessible to all of us. The key? An innovative app that's set to break down complex federal and state data privacy laws into bite-sized, understandable pieces.

While the enthusiasm for this project is palpable, our dynamic duo, Ryan and Shannon, shed light on the real challenge: shifting the deep-seated habit of bypassing terms and conditions. This bold move doesn't just spotlight Texas as a frontrunner in cybersecurity innovation; it's paving the way for a broader national push toward better digital literacy and privacy awareness.

Read More

Wednesday - CISA Hacked But How?

In a startling revelation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) was recently breached by a highly sophisticated cyber-attack. The assailants exploited vulnerabilities in Ivanti products, infiltrating at least two critical national security systems. Despite the stealth of their approach, CISA's eagle-eyed detection of suspicious activities led to the swift shutdown of the implicated systems, showcasing the agency's readiness to confront such challenges head-on.

This breach has thrown a spotlight on the urgent necessity for modernizing our systems and keeping hardware and software up to date to withstand the relentless evolution of cyber threats. While the attackers remain in the shadows, their audacity serves as a grim reminder of the sophisticated dangers that prowl our digital landscape. As we navigate the murky waters of cybersecurity in an era where nation-state actors are increasingly bold, this incident underscores the paramount importance of staying vigilant, building resilience, and fostering international collaboration to fortify our digital defenses.

Read More

Thursday - Meet Michael Ware - CIO, NC Department of Environmental Quality

In an insightful episode of "Ask A CISSP," we're treated to Michael Ware's fascinating journey from a 24-year military career to spearheading cybersecurity as the Chief Information Officer (CIO) for the North Carolina Department of Environmental Quality. Mike's story is a testament to the unique blend of military discipline and strategic prowess that enriches the cybersecurity sector. Beyond his narrative, the discussion broadens to explore the vital impact of cultural and neurodiversity in sparking innovation and fostering a more inclusive approach to cyber challenges.

The conversation with host Ryan Williams Sr. takes a deep dive into how political landscapes influence cybersecurity strategies, highlighting the adaptability and forward-thinking required of professionals in the field. AI's role in shaping future cybersecurity measures also gets a spotlight, alongside a frank dialogue on the biases and ethical dilemmas that need addressing to leverage AI effectively.

Not one to gloss over the tech world's darker corners, the episode brings to light the alarming rise of "Pig Butchering" scams (see video below), underscoring the ethical duty of cybersecurity experts to educate and safeguard the public. This episode embodies the dynamic, multifaceted nature of cybersecurity, urging listeners to cultivate vigilance, inclusivity, and integrity in their professional journey through the digital age.

Read more

Pig Butchering Scams: Last Week Tonight with John Oliver (HBO):

Friday - The Weekly Run Down 3/15

This week, Ryan and Shannon take us on a detour into their movie and gaming lives, kicking things off with their take on Netflix's live-action rendition of "Avatar: The Last Airbender." They dive into how it stands up against the cherished animated original, dissecting the nuances in tone and storytelling that set the two apart. As they ponder what lies ahead for the franchise, it's clear that this adaptation sparks as much curiosity as it does debate.

The conversation takes a poignant turn as they pay tribute to the late Andre Braugher, whose memorable role in "Brooklyn Nine-Nine" left an indelible mark on the comedy landscape. Reflecting on his legacy leads to a broader appreciation of the gems within the genre, from Jackie Chan's action-packed laugh fests to the unexpected delights of comedy entries like "Ricky Stanicky." This episode serves as a reminder of the rich tapestry of entertainment that continually surprises, challenges, and delights us.

Next Week's Guest on the Ask A CISSP Podcast

Gear up for next week's "Ask A CISSP" podcast, where we'll be welcoming a powerhouse in the world of cybersecurity: Jacob Hill! As an Executive Vice President of Cybersecurity, Compliance, and Technology, not to mention founder of the GRC Academy and host of its amazing podcast (GRC Academy Podcast), Jacob is a force to be reckoned with. We're diving into his "cybersecurity origin story," unpacking the journey that led him to the forefront of the industry.

But that's not all. Jacob will also be sharing invaluable advice on building "your brand" within the cybersecurity landscape, alongside a plethora of insights and wisdom only someone of his caliber can offer. Whether you're a seasoned pro or just dipping your toes into the cyber waters, Jacob's stories and strategies are bound to inspire and elevate your game. Make sure to tune in for a session brimming with knowledge, tips, and inspiration from one of the industry's best!

Thank you for reading and stay tuned for more episodes of The Other Side of the Firewall podcast on Mondays, Tuesdays, Wednesdays, and Fridays, as well as the Ask A CISSP podcast every Thursday.

Please Like, Share, and Subscribe to the podcast on your platform of choice!

Stay safe, stay secure!

So what do you think of the newsletter?

What was your favorite episode this week?

This was a crazy week, what topics did we miss?

Leave your feedback in the comment section!


Jacob Hill

CMMC Training for Defense Contractors & DoD

1 yr

Awesome job on this newsletter, Ryan Williams Sr.! Thanks so much for having me on the podcast, I enjoyed the conversation!!
