In this episode of Cybersecurity Today, Jim hosts Craig Taylor, a seasoned virtual Chief Information Security Officer (vCISO) with over 25 years of experience.

They discuss the evolution and significance of the vCISO role, Taylor's career path, and the founding of his company, Cyber Hoot, which provides cybersecurity education and vCISO services. Taylor shares insights into why companies, especially SMBs, opt for vCISO services due to budget constraints and the scarcity of cybersecurity professionals. He also talks about the common challenges faced by vCISOs, such as managing burnout and ensuring client adherence to security recommendations.

The conversation delves into the importance of cybersecurity culture, the need for effective education, and the integration of cybersecurity in business practices. Taylor offers practical advice on hiring the right vCISO and highlights the benefits his company provides. The episode concludes with a discussion on the psychology behind successful cybersecurity practices and Taylor's thoughts on the future of the industry.

00:00 Introduction to Cybersecurity Today
00:04 Meet Craig Taylor: The Virtual CISO
00:47 The Early Days of Virtual CISOs
02:15 Building a Cybersecurity Company
03:40 The Rise of Virtual CISO Services
05:01 Challenges and Realities of Cybersecurity
06:42 The Importance of Cyber Literacy
20:38 Managing Cybersecurity Risks
28:05 Understanding Administrative Risks in Onboarding and Offboarding
28:39 Challenges with MSPs and Cybersecurity
29:27 The Importance of Basic Security Measures
31:52 Dealing with Technology Debt
32:52 Balancing Budget and Security Needs
35:13 Real-Life Cybersecurity Incidents
40:17 The Role of Education in Cybersecurity
46:12 Hiring the Right VCISO
51:33 Conclusion and Final Thoughts

Cybersecurity Today: Teenage Ransomware Arrests, GoAnywhere Critical Flaw, and Google AI Vulnerability

In this episode of Cybersecurity Today, hosted by Jim Love, two teenagers were arrested in London for a ransomware attack on Kiddo International preschools, involving child data extortion. The show discusses a critical vulnerability in GoAnywhere MFT servers actively exploited by ransomware operators, emphasizing the need for immediate patching. It also highlights an urgent warning from CSA about a 2021 Windows flaw now under active attack. Additionally, researchers have found a new method to exploit Google's Gemini AI through invisible unicode characters, with Google declining to patch the issue. The episode concludes with security recommendations and a note on the show's upcoming special weekend edition for Canadian Thanksgiving.

00:00 Introduction and Headlines
00:28 Teenagers Arrested for Preschool Ransomware Attack
01:57 Critical Vulnerability in Go Anywhere MFT Servers
03:21 Urgent Alert for 2021 Windows Flaw
04:32 Google Gemini AI's Invisible Prompt Flaw
06:16 Conclusion and Sign-Off

North Korean Hackers Target Crypto Wealth, LinkedIn Fights Data Scraping, and AI Tools Leak Corporate Data

In this episode of Cybersecurity Today, host Jim Love covers the latest cybersecurity headlines including North Korean hackers targeting wealthy crypto investors, LinkedIn suing a firm for creating fake accounts to scrape user data, a massive ransomware campaign by the CIOp gang targeting Oracle’s E-Business Suite, and new research highlighting AI tools as the top channel for corporate data leaks. Listen in for insights and key takeaways to protect your digital assets and corporate data.

00:00 North Korean Hackers Target Wealthy Crypto Holders
02:09 LinkedIn Sues Over 1 Million Fake Accounts
03:46 Ransomware Attack on Oracle's E-Business Suite
05:42 AI Tools: The New Channel for Corporate Data Leaks
07:53 Conclusion and Contact Information