Episode Transcript
Transcripts are displayed as originally observed. Some content, including advertisements may have changed.
Use Ctrl + F to search
0:02
When it comes to the zero-day attacks, zero-day
0:06
attacks will happen and
0:08
it's
0:09
just a nature of the digital
0:12
world that we live in as
0:14
the Cyber Security Professionals. We
0:16
need to be aware of
0:19
the fact that is the
0:21
reality but
0:22
actors are now casting this wide net. It's
0:25
essentially irresistible and they
0:27
are doing an indiscriminate Target. Don't figure
0:29
it out. they want to Target after they've caught.
0:34
This. Is, see see,
0:37
the podcast below here's A and
0:39
Know People Leader and
0:41
Cyber Security Experts about how
0:44
to say a Nexus and,
0:46
Protected Every Episode
0:48
will explore different. Cyber challenges
0:50
and highlight the many ways we can
0:53
enhance our online security reduce
0:55
the likelihood of, a top and
0:57
improve. our digital confidence
1:01
i'm your host or that mcgowan
1:05
When
1:11
it comes to hackers with malicious intent
1:13
most of them aren't in the business of
1:16
playing said in. fact
1:18
bad actors will do anything they can
1:21
to catch you with your guard down and
1:23
take advantage of any vulnerabilities
1:26
they can identify The Your Network. Zero
1:29
day exploit or a cat refers
1:32
to a cyber security had that
1:34
takes advantage of a flaw or
1:37
vulnerability. In a system for.
1:39
developers aren't even aware of it
1:42
for have time to six it hence
1:44
the term zero day Since
1:47
cyber security issues has skyrocketed
1:50
recent years, it comes as no
1:52
surprise that twenty one was
1:54
the worst year for zero
1:57
the attacks in history.
2:00
With almost double the total number
2:02
of attacks in twenty in,
2:04
this episode my guest and I
2:07
will be exploring the phenomenon of
2:09
zero the attacks. how they
2:11
Work and, most importantly
2:14
How they can be avoided are mitigated. In
2:16
the future.
2:21
That actors are becoming increasingly
2:23
cutting when it comes to finding new
2:25
ways to perform ill intentioned
2:27
hacks. Zero day attacks
2:29
have become one of their sneaky methods
2:32
to date our. first
2:34
guess stephen kerner The
2:36
working and cyber security for upwards
2:38
of a decade. The most recently
2:41
he spent the past few years running TD's
2:43
Cyber Security Operations Center. The
2:46
provided an overview of the growing
2:48
trend of zero day attack.
2:51
So as Euro Day exploit
2:54
is something that has never. seen
2:56
before within the industry, the
2:58
reason that it's called the zero days that are days
3:01
euro the day that it is first
3:03
used on or first discovered
3:05
his is daisy or of so the
3:08
interesting and risky thing about that
3:10
is that. There's. A up at
3:12
that point in time, there is very little known
3:14
about that vulnerabilities, how
3:17
it can be exploited and than most
3:19
importantly, for us on the defensive side
3:21
of things. Is how do we stop it from
3:23
been exploited, how do we stop attackers
3:25
from using this gap
3:27
this one or ability to perform
3:30
some sort of malicious activity against
3:33
the assets? That we protect.
3:35
Then. And the zero day should
3:37
be discovered, hopefully that
3:40
and that they're usually discovered by security
3:42
researchers so people that when
3:44
they find this information is using
3:47
proper discovery techniques, the
3:49
reason. Proper disclosure techniques:
3:51
They're going to inform the right people at the
3:53
right order for good purposes, but
3:55
sometimes threat actors find
3:57
those one abilities first and that's when
3:59
the. The ramp up
4:01
and there's a lot more risk involved in those situations.
4:06
One of the most insidious aspects of
4:08
the zero, the attack. That a bad
4:10
actors were performing them aren't
4:12
necessary. Only after a specific Target
4:14
often, they're
4:16
really just throwing stuff at the wall and
4:19
seeing what sticks. Jake,
4:22
Norwood the lead cybersecurity delivery
4:24
executive for EU and
4:26
the UK at boo. Allen Hamilton
4:29
provided a well known example of
4:31
this Saturday in action.
4:35
There was a a, capable
4:37
actor an espionage motivated actor
4:40
who compromised. little company
4:43
Then. Provided. A fairly common
4:45
piece of software called solar winds
4:48
and then got into the actual patch
4:51
for that, a system, and then
4:53
that compromised patch went out to many
4:55
users. And and some users installed
4:57
it or not all, and some of those
4:59
installed users happened to be on that bad
5:01
actor's target list, so
5:03
I think we used to think that. A bad actor
5:05
would look at a target right they look
5:07
at like the bank and they'd say we
5:09
want to get into this pain when,
5:12
I think is much more. Common and therefore
5:14
a greater risk for most institutions is
5:16
kinda like what happened during solar winds a
5:19
capable after cast wide net.
5:21
they're going to hit Everybody. That they
5:23
can and that a once they've hit
5:26
the landed some successful footholds,
5:29
then they start looking through what they got right
5:31
so it's not fishing with a symbol line and. A hot
5:34
it's fishing with a net in the nerds they
5:36
can a catch and release what they want and don't
5:38
want from inside of that net so.
5:40
the case of zero day especially
5:42
day public to zero day for this couple
5:45
a days between us between know there's a problem
5:47
and there's and patch Or
5:49
would you look at those kinds of scenarios,
5:52
your this really, really dangerous position where
5:54
lots of bad actors are now casting this wide
5:56
net that's essentially irresistible?
6:00
And they are doing an indiscriminate of Target.
6:02
Bill figure it They want the target after they've caught
6:04
it. When
6:06
we hear stories like the one Jake relate
6:08
about solarwinds one of the,
6:10
most common questions that comes is what
6:13
kind of person would do this. or? Of
6:15
course most of. The aren't completely blind
6:18
to the fact that there are bad people
6:20
in the world. That it can often
6:22
be difficult to grasp the concept,
6:24
but there are people who spend their time
6:27
trying to hack into a closed system
6:29
for financial. In or some other
6:31
incentives.
6:33
Analysts curry that is a senior vice
6:35
president of advance cyber defense
6:38
at booz Allen Hamilton. See,
6:41
I see. Her fair share of malicious hackers
6:43
throughout her career. However.
6:46
He explains and zero the attacks
6:48
aren't always the result of ill intent.
6:51
The sad. They can very awesome
6:53
be the result of an unsuspecting Internet
6:55
users stumbling around of the dark
6:58
and coming across a network vulnerability
7:00
without even trying.
7:03
I don't want to necessarily say that marries
7:06
a type of the soccer and attacker.
7:08
You can definitely take different shapes
7:10
and forms I think with Muslim
7:13
forty turned a fan here the.
7:15
type of any Her fan
7:17
or any in a bad actor
7:20
that discovers or even executes
7:22
the AH there, it a tax
7:25
depends purely on the motivation.
7:28
And what I mean by that is.
7:31
The, you know? Though, for example, if a motivation
7:34
is political than maybe it
7:36
would be in a politically motivated
7:39
Ah nation states group
7:41
that is executing it's maybe
7:43
he know. It's something or
7:46
someone I have a fake who is really
7:49
trying to. Okay,
7:51
there, you know, cause whether it's
7:54
climate change is aware that they are
7:56
bullies and so that type
7:58
of you know motivation. Dr.
8:00
Perhaps more increase in that could have
8:02
to this activity when it comes to, it's trying
8:04
to find a zero day and than exploit an attack
8:07
them. They can take different shapes
8:09
and forms, you know, so kinda cyber criminal
8:11
groups hacks it is that. And already
8:13
as well as the other areas of
8:15
what I do want to highlight, though, is that
8:18
a lot of times. The talk about the are they
8:20
being the? The ocean of the bad guys are,
8:22
you know, they hackers but
8:25
quite often. I'm
8:27
on day zero days are actually
8:29
inadvertently discovered. By
8:32
either the you there is, so that's why
8:34
I. I think that finding and defining
8:36
the who is actually. A.
8:38
Bad person in this case kinda
8:40
potential as you're a I use the air us
8:43
or you know me the not have an Arab
8:45
a this is the usage of the software.
8:47
And a user, or you know, even
8:49
have an application, develop our earth
8:52
in a someone who is this working with that, you
8:54
know, environment. What he's and just
8:56
stumbled across and inadvertently exploits
8:59
I see many time.
9:02
It. Happened an exit personally when I
9:04
used to work isn't the data
9:06
in a long, long time and us in our I might
9:08
have the Vienna like done the same because I. Had
9:10
a piece of equipment dice you
9:12
miss consider it's, and I accidentally
9:15
cause the Mississippi tag that know when
9:17
you. They were possible, you know, but
9:19
is it happened because again of Miss Configuration's
9:22
says of kind of finding those flaws can happen,
9:24
you know, not only with an end to it like Melissa
9:26
sentence, but sometimes. You know that
9:29
happens as a youth Arab experience. You're
9:32
asking about the who have zero the
9:34
attacks. The next person might
9:36
be. Why? Anna
9:39
mentioned the reasons for zero the
9:41
attack. The can be complex for
9:43
the most part.
9:44
The peppery comes down to the very thing
9:46
that makes the world go round. You
9:48
guessed it. The money. The
9:51
battle for cyber security. We
9:54
know there are the bad guys. The
9:57
good guy. There are also
9:59
people. In in the background. Seek
10:01
out zero day vulnerabilities, the for
10:04
the bad guys can find them. Ultimately.
10:07
Helping companies avoid an attack.
10:10
That explains.
10:12
Though the way I can think about it,
10:14
you know, there are bad guys that. That race
10:17
they're basically. Trying to
10:19
find all the flaws and then attack
10:21
head and then sell it on the dark markets and him
10:23
on his has it that way, then you have the
10:25
concept of the red team of tidies
10:28
or the red sea Murray's our within a to organization
10:31
that actually well being. void
10:33
by the organization to performance,
10:36
but other that third group of would
10:38
you would consider probably brave hat
10:40
hackers and a,
10:43
you know, would they do it? This
10:45
is just. Professional. Third,
10:47
like finding are like security, like
10:49
finding he know things that are not
10:52
known there, a lot of people that's a thrive
10:54
on that, and so what they do is they. Discovered
10:56
the vulnerabilities, but instead of maliciously
10:58
exploiting them as a Zero day attack. They
11:01
will notify the company even though they
11:03
not employed by them, but they will notify the company.
11:06
And in the early you
11:09
would hope that the company would say, oh, great
11:11
job, but it
11:13
became a business where, you know, there
11:15
is such, you know, what you would consider Brokers
11:18
such as bug Bounty programs. Essentially
11:21
submitted as a bug and then
11:23
they organization who subscribes to the
11:25
bug Bounty.
11:26
They will anonymously or not.
11:28
So anonymously pay you for your researcher
11:30
for your submissions, just kind of, you
11:32
know, that you
11:34
and independent from the company,
11:37
that company subscribes to the bug Bounty. But
11:39
then here are you getting paid by the bug Bounty?
11:41
But that accompanies basically, is
11:44
the bug, bomb discuss. so essentially,
11:46
you know, it's kinda like that broker
11:48
it's ecosystem that was created
11:51
to make sure that they're not unlimited,
11:53
a holiday resorts of faith there
11:56
and defend time he know, the company
11:58
said the benefit of that.
12:00
Crowdsourcing of zero day vulnerabilities
12:02
discovery.
12:05
There are they attack. In effect, individuals.
12:08
For businesses of all shapes and sizes
12:11
and, of course with higher stakes
12:13
comes higher risk of incurring some
12:16
serious losses the company's
12:18
profitability
12:20
This is why taking preventative measures
12:22
in advance to mitigate the damage. The consequences
12:25
is critical.
12:27
They call this practicing good
12:29
cyber hygiene.
12:31
I. Think the best way for have any company
12:33
right, small company big company to
12:36
reduce exposure to
12:38
the vulnerability problem comes down
12:40
to a lot of fundamentals and
12:42
these scale. With your size, a company like you don't
12:44
need a five hundred million
12:46
or a hundred million or billion dollar
12:49
cyber security, much it's do most of these things
12:51
your company is. Bigger, it's harder to do,
12:53
rights is a big difference between fifty and points
12:55
and five hundred thousand and points in your and your
12:57
network, but even as inventories amazing
13:00
push. The start of, the and but what's
13:02
your as or and that's real
13:04
challenge for mature organizations
13:06
all over the world once you have that ass inventory
13:09
but of actual. Physical assets and where they are,
13:11
but also, you know what software you
13:13
running, what do you have on your network, what's
13:16
the middle where are being these extra little
13:18
pieces? Of software in the middle. of
13:20
other software that you're using some of the
13:22
most famous zero days and pseudo zero
13:24
days we've seen over the last couple of years were
13:26
in middleware and so very difficult
13:29
to remediate because you don't even know if your habits
13:32
so learning in advance before
13:34
you find out that there's a big announcement of
13:36
a big vulnerability of what you have
13:39
increases your velocity of response
13:42
That the other big thing that I think
13:44
that. Companies. Need to do is they
13:46
need to do everything in their power to accelerate
13:49
the velocity of response so that
13:51
means preparation right them
13:53
is having an instant response plan it's
13:55
and. That it's response plan covers both what the technical
13:57
responders do and with the executive.
14:00
What? The lawyers do with your public communications
14:02
team still rights, you need to write
14:04
that plan, you need to practice that plan drill
14:07
that plants every time something
14:09
happens, need to actually. Pull the plan out,
14:11
use it and then you realize that you wrote
14:13
of badly and you fix it and,
14:15
you do it again, so a lot of
14:17
what you. Need to do to prepare for prepare bad day is accepting
14:20
that the bad days going to come it will. come
14:22
and maybe it'll be and minor bad day
14:24
and that's great of maybe you'll be a catastrophic
14:27
bad day and that's not great but you need
14:29
to prepare for Know what you have
14:31
good cyber hygiene keep everything
14:33
that you have is up to date as you can you.
14:36
know have process to accelerate
14:38
things and make sure that your answer response
14:40
processed operates quickly
14:42
and efficiently and makes the right decisions
14:44
quickly it's you know because the damage
14:46
that's going to come is mostly gonna
14:48
come as a result of delay Then. Longer
14:50
it takes to make a decision, the more time to bad actor has
14:52
to at once you've kicked a bad actor
14:54
out the longer it takes to communicate with your regulators.
14:57
Or with your clients what's happened, the
14:59
cranky are they getting the board business you lose
15:01
the more reputational damage you suffer so?
15:04
Speed is really, really important of these facts.
15:08
Shake reminds us that bad day
15:10
is going to things so.
15:12
what happens when that bad day finally
15:15
does arrive The
15:17
explains the steps a company should take
15:19
when they become aware of a vulnerability that
15:21
a zero they are. Worker is trying
15:23
to exploit.
15:26
welcoming them is aware of a vulnerability, the
15:28
immediately need to figure out how to mitigate that
15:30
vulnerability, usually that means they read a
15:32
patch. That closes
15:34
off her fixes that vulnerability. Running.
15:37
Apache me difficult because sixty
15:39
one problem could create new problems, sixty one
15:41
problem could just stop the thing from
15:43
working I and one of the things that largest
15:45
at especially large. Enterprises up and deal
15:48
with is what they receive a pass from a company,
15:50
stood the test that patch in their environment
15:52
because that past might not just breaks
15:54
the original. Piece of software that it's fixing
15:57
is it my break, a whole bunch of other stuff is
15:59
critical to an end up. So this through there
16:01
are a ripple cascade problem, but bullets
16:03
let's talk about the kind of instance where a zero
16:05
day becomes publicly known but the
16:07
patches and out yet. Maybe. Either
16:09
way, that the zero day got known as happens in
16:11
some of these big, high profile attacks is
16:14
a instant response company discovers
16:17
and attacked realizes
16:19
that the way to this. Attack happened was that it the
16:21
compromise of parts are the exploitation
16:23
of a particular previously undiscovered
16:25
vulnerabilities and now that vulnerabilities public
16:28
and a developer that owns that vulnerabilities
16:31
freaking. Out trying to figure out how to plug
16:33
this whole rights, so from the moment they
16:35
hear about it until the moment that Patch comes
16:37
out, all they're doing is trying to.
16:39
Find a way to pass it and if they can't
16:41
pass it's coming up with medications
16:44
that will. Reduce. The
16:46
risk or prevent the risk we're
16:48
without patching, for example, if you set your configuration
16:50
to not allowed to next and on certain parts
16:52
that will mitigate the problem until there's. A pass
16:55
out in some cases, they might say this
16:57
is completely unsafe, turn it off. Don't!
16:59
Use this platform
17:01
or the software this tool and
17:03
tell we had we have delivered the patch that's
17:06
a really big problem for a lot of companies, obviously
17:08
because if that's if. That is a software is critical
17:10
to what they do, you could be shutting
17:13
down an entire enterprise and causing substantial
17:15
business impacts to that's what's happening the background,
17:17
meanwhile, your cyber. Security team. They.
17:20
Tried to apply medications they haven't been provided
17:22
with the mitigation, they're trying to invent a mitigation once
17:25
the patches out there to test the past makes her
17:27
doesn't crash other critical. Systems within
17:29
the Enterprise and, then once they perform
17:31
the test they have to get all of these
17:33
dots are application owners
17:36
and server owners and sis
17:38
admins to deploy. The balls,
17:40
and so you end up with this really
17:43
frightening really little life cycle where
17:45
you got that the truth zero day window when
17:47
the bad guy knows about the. vulnerability in the good guy.
17:49
doesn't then you have this window from
17:51
the good guy knowing about the window
17:53
but not being able to do anything about it until
17:55
that passer mitigation as published hopefully
17:58
that's not more than that's couple of days And.
18:00
Then, from that line with the patches
18:02
published until the past is actually
18:04
deployed, could be anywhere from
18:06
three days to three
18:09
months in a in a mature, responsible
18:12
companies and never. Mind companies that never
18:14
get around to patching stuff right, which happens.
18:16
What that means, though, in what we see, is that?
18:19
The truth, he wrote, "A window, you have
18:21
the bad guy splitting it" The mitigated
18:24
rights didn't in that window between
18:27
public announcements and effectively
18:29
applying the patch which again is gonna be anywhere
18:31
from like three days to three
18:34
months in. that window
18:37
Then. Bad guy begins: "You're all
18:39
the bad guys in the world because is now public information
18:42
begin looking for opportunities the cast that
18:44
wide net and to exploit that vulnerability
18:47
out what. We've seen as that frequently
18:49
forty eight hours is all it takes on
18:51
the long and for a bad guy to hear
18:53
about a vulnerability that he didn't know about the day. Before
18:56
and started splitting it twenty.
18:58
four to forty eight hours you're fast
19:00
as companies are frequently patching within three
19:03
days we're looking at generously
19:05
at day two days of unmitigated
19:08
potential accessed if accessed company
19:10
doesn't have a full defense
19:12
in depth approach which is the safe multiple
19:14
defenses against different kinds of attacks
19:16
aren't reliance on knowing the exact
19:18
signature the attack
19:22
Knowing the right defensive strategies is
19:24
key, but as we know it's
19:27
important that companies are. The up on the offense
19:29
to. The been reminded
19:31
us that keeping up with the latest tools
19:33
and technologies is. Critical
19:36
for cyber professionals today.
19:39
Then comes the zero day vulnerabilities and
19:41
sure that you have a process
19:44
in place to continuously.
19:47
Update your systems.
19:50
You know in a robust manner and sure that
19:52
your life cycle for updating
19:54
the, currency of your systems is
19:56
it the software that you use
19:59
his Fairly. Robust and
20:01
utilize, you know, technologies
20:03
such as Cloud to be able to do
20:06
this don't allow your systems to gather
20:08
years and years of technical
20:10
data without updates because that. Just makes
20:12
your job that much harder when they're zero day vulnerabilities.
20:16
And then? From there, you know, invest
20:18
in very simple tools like a vulnerability
20:20
scanner to scan your
20:22
assets, because even just simple
20:25
things like that will give you
20:27
a lot of information about what assets
20:29
you have, what on abilities they have can
20:31
be very helpful. Then when there
20:33
is a new. On ability that is released
20:36
and these systems will automatically
20:38
update themselves with the newest signatures
20:41
when the newest on abilities that be to be detected
20:43
and move of I'd you very simple to use dashboards
20:46
to. They make decisions on
20:48
pardon. What needs to be fixed?
20:52
And I'll also had some wise words to share
20:55
about mitigating the negative consequences
20:57
of a zero day attack or any
21:00
other cyber security disaster for that
21:02
matter. The saying goes,
21:04
keep calm and carry on.
21:07
Then. Wind Organization discovered that they
21:09
have been is it attacked with
21:12
at zero day or any other
21:14
attack, or they were exposed, especially
21:16
to this any type of zero day
21:18
vulnerability that. Might have been
21:20
exploited, I think the very first
21:22
thing that organization needs to
21:24
do or of his assets to keep calm
21:27
when I see him is everybody starts
21:29
panicking, Hessman The. Panic sets
21:31
and a lot of this rest and
21:33
has, you know, like very hasty
21:35
decisions are made, and I think
21:38
the number one thing that any organization
21:40
where they, you know. Senior executives
21:42
are all the way down to the in,
21:45
a signal insists that might be
21:47
involves this U.S. You organize
21:49
themselves and pause.
21:52
Then I don't mean to say "pause" for a very
21:54
long time because time is of innocence,
21:57
but Elsa don't think that diving
21:59
straight in without. Even giving you know
22:01
any kind of time to organize
22:04
and collect the thoughts and really
22:06
understand the. Open impact to come up with
22:08
this very short term impact
22:11
on plan. The gonna do, really.
22:14
More damage as. Rush into it and then you
22:16
know then that said the way I would say I
22:18
would probably say keep calm Vienna.
22:21
and ah Panic and
22:23
for three sets race contain eradicate
22:25
and recovery. So, you know, if you
22:28
keep calm and contain many, you
22:30
feel like, okay? Okay, now, Eurethra,
22:32
the next step of the process, and that is in
22:35
part to keep calm, and you know now that you a third
22:37
eradication, which is basically cleaning
22:39
up everything that. Understanding
22:42
the root cause and then, after that,
22:44
once you have completed that face, you
22:47
know again. Keep calm upgrades, if you
22:49
know, and then recover, and by the
22:51
recovery, I mean, you know, implement
22:53
the. For you might
22:56
have met. You know, in the previous
22:58
steps that led to this attack. Except
23:01
the found that. That's not
23:03
a bad security program. You
23:06
have been exposed to the zero days,
23:09
it's it happens and we work
23:11
in the environment that is ever changing
23:14
and we will never. The
23:16
always hundred percent.
23:18
The cure it, it that's kind of the
23:21
nature of it, so I think. My
23:23
thing is, don't panic, keep calm and
23:25
don't blame yourself.
23:28
Overall, keeping a level headed attitude
23:31
and remaining aware of the risk we face
23:34
in the digital world today. "To
23:36
have the keys to staying", Cyber says.
23:39
A shared some sign up. The word. That
23:42
will help her pick fear out of the equation
23:44
and minimize or risk of a. It's going
23:46
forward. The very
23:49
day tax will happen. And.
23:52
It says, and nature of the
23:55
digital world, that. The live in I.
23:57
think i The fabric,
23:59
the cute. The professionals, as a cyber security
24:01
executive. We need
24:03
to be aware of
24:05
the fact that. That is the reality
24:09
and. The pyramid,
24:11
try to mimic. Our everyday
24:13
lives. When going with cyber
24:15
quite often, I think even the a cyber
24:18
security. "You know college graduate
24:20
since they start thinking about cyber
24:23
being", said said. scary world,
24:25
they are, you know, so complicated or
24:27
if I picked him up" Therein lay with the hit
24:29
or probably sitting and looking at me and
24:31
thing, what is all the cyber? That are you talking about?
24:34
But I would like. Try
24:37
and think of this, I've heard nothing but your
24:40
own personal life, so, for example, if
24:42
you have. High value
24:45
paper is high value assets.
24:48
The happen. You
24:50
know take certain steps to protect the whether
24:52
it is taking it to the bank and
24:54
subscribing to the bank security
24:57
key chain at. that point you go to
24:59
the banking on going to trust the first day You're
25:01
going to go ahead and say okay, Mr.
25:04
Bean for cheaper, so me what? The Keith,
25:06
how would I do the kids is at once you, the two
25:08
kids who is going to be allowing
25:10
me a difference is one person so
25:13
on that? Human level
25:15
will actually validate the security
25:18
controls that if you mimic
25:20
them and the cyber world life will lead
25:22
you to the same type of security controls
25:25
in the computer, so if you buy
25:27
a software and you want to put your passwords on
25:29
there. You know, do little bit of a diligence
25:31
and find out as far as. Wait,
25:34
a second is that the same level of protection
25:36
that I would expect from my bank if I were to put
25:38
much he knows my savings, it may
25:40
remind you know papers and there's
25:43
ah same in the house, you know, if you have
25:45
the health protection. And you use
25:47
the alarm and the lock and the
25:49
guard dog, and all of that his defense
25:52
and deaths, you know that he approached, use
25:54
the word that is the attacker is similar
25:56
needs to be kind of muna thought through the
25:58
computer world so. I
26:00
think you know to me, I just want to make
26:02
sure that. Favorite:
26:04
Not scary, said with access, super exciting
26:07
and Nina Cyber. Nothing
26:10
but taking your a real date concepts
26:12
and applying them to the digital world,
26:15
but everything that we. The you in
26:17
our everyday lives to
26:20
reduce the risk of any it's
26:22
hot. Cyber is
26:24
exactly how you know I personally
26:27
think we should be thinking about. Our
26:29
it is for world because it's
26:31
similar.
26:37
The oh, the attacks are just one way.
26:40
Bad actors are capitalizing on vulnerability.
26:43
In protected networks around the world.
26:45
We hope today's episode has helped you learn
26:48
more about these attacks and how you
26:50
can lower your risk and take action
26:53
when you are inevitably the. exposed
26:55
to a vulnerability in the future.
26:58
recap here, are three key
27:00
insight we can all take away from
27:02
this episode There's
27:05
zero. the attacks are on the rise
27:08
but that does it mean We should lose our cool
27:10
remaining. aware of the rest are healthy
27:12
are pro actively prevent future attacks
27:15
While mean creating a calm and collected attitude.
27:20
It's important that we stay on top of system
27:23
updates and the latest tech tools
27:25
that can help us prevent and
27:27
mitigated. Keep
27:29
your finger on the. Half of the industry
27:32
and take a regular. Inventory of.
27:34
The network to stay safe. And
27:37
final table.
27:39
The never be a time when our risk of
27:41
cyber attacks is that.
27:42
Hero present in. this
27:44
digital world cyber security risk
27:47
come with the territory the learning
27:49
to roll with the punches will take you
27:51
very
28:00
That is the Anna Steven and
28:02
Change.
28:03
For sharing your expert knowledge and,
28:05
thank you for listening to see sweet if
28:07
you like what you heard
28:09
Be sure to leave us a rating and review
28:11
on Apple Podcasts join.
28:13
me for the season finale Aaron
28:16
in June I'm, quite at
28:18
mcgowan and remember with
28:20
over four billion of us online we
28:23
have to do everything possible to
28:25
keep ourselves And that's it and.
28:28
to the
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More