In this week's episode, Andy and guest Eric Siron discuss the cybersecurity landscape based on data from the Monthly Threat Report for May 2024. They cover a range of news items, including Microsoft's recent announcement to expand the Secure Future Initiative, the new PSTI (Product Security and Telecommunications Infrastructure) Act in the UK and a significant brand impersonation campaign targeting the German financial entity Commerzbank. Additionally, they provide updates on the Change Healthcare ransomware attack. 

Key takeaways: 

• Microsoft’s acknowledgement of security issues is crucial for building customer trust. 
• The PSTI Act in the UK sets standards for consumer device security and compliance. 
• Payment of ransoms in ransomware attacks needs to be carefully evaluated. 
• Data breaches in healthcare can have widespread and long-term consequences for patients and organizations. 

Timestamps: 

(04:02)  Insights from the Latest Monthly Threat Report: Decrease in Email Threats, Top Targeted Industries, and Impersonated Brands

(14:02)  Breaking Bad Habits: QR Codes, OAuth, and User Training

(15:18) Microsoft's Security Issues and Response to CSRB’s Criticism: Committed to Improve Security

(25:23)  New UK Law Mandates Security Standards for Consumer IoT Devices

(34:02) Impact of Ransomware Attack on Change Healthcare and the Dilemma of Paying Ransom 

Episode Resources:

Full Monthly Threat Report May 2024

Sharpen your Instincts with Security Awareness Training