Link to episode

This week's Department of Know is hosted by Rich Stroffolino, with guests Brett Conlon, CISO, American Century Investments, and Michael Bickford, former CISO, New York State Gaming Commission.

Missed the live show? Check it out on YouTube.

The Department of Know is live every Friday at 4:00 p.m. ET. Join us each week by registering for the open discussion at CISOSeries.com.

ThreatLocker is extending Zero Trust beyond endpoint control. With their recent release
of Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on
credentials alone, it requires the right user, the right device, and the right conditions.
Because as we've seen in recent large-scale CRM breaches, stolen credentials and
misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is
exposed, and access is limited to exactly what's needed. Learn more and start your free
trial today at ThreatLocker.com/CISO.

Cosmetics giant Rituals discloses data breach

Apple fixes iOS flaw exploited by the FBI

Microsoft Teams Helpdesk impersonation

Get the show notes here: https://cisoseries.com/cybersecurity-news-rituals-cosmetics-breach-fbi-ios-flaw-fixed-teams-helpdesk-malware-impersonation/

Huge thanks to our sponsor, ThreatLocker

ThreatLocker is extending Zero Trust beyond endpoint control. With their recent releaseof Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

OpenAI shares cyber product with government orgs

Unauthorized Mythos access, Firebox bugs fixed by Mythos

Insurers move to cap LLMjacking cyber payouts

Get the show notes here: https://cisoseries.com/cybersecurity-news-new-openai-cyber-product-unauthorized-mythos-access-insurers-to-cap-llmjacking-payouts/

Huge thanks to our sponsor, ThreatLocker

ThreatLocker is extending Zero Trust beyond endpoint control. With their recent releaseof Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

CISA lacks Mythos access

Lovable denies data leak

YouTube opens up deepfake detection tool

Get the show notes here: https://cisoseries.com/cybersecurity-news-cisa-lacks-mythos-lovables-leak-by-design-youtubes-deepfake-detection/

Huge thanks to our sponsor, ThreatLocker

ThreatLocker is extending Zero Trust beyond endpoint control. With their recent releaseof Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

Vercel confirms breach, stolen data for sale

ZionSiphon targets water infrastructure

Bluesky blames outage on DDoS

Get the show notes here: https://cisoseries.com/cybersecurity-news-vercel-breach-zionsiphon-targets-water-infrastructure-bluesky-ddos/

Huge thanks to our sponsor, ThreatLocker

ThreatLocker is extending Zero Trust beyond endpoint control. With their recent releaseof Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

London hospitals continue to suffer from 2024 ransomware attack

Four arrested in PowerOFF takedown

Microsoft Defender "RedSun" zero-day

Get the show notes here: https://cisoseries.com/cybersecurity-news-london-hospital-ransomware-legacy-poweroff-takedown-microsoft-redsun-zero-day/

Huge thanks to our sponsor, ThreatLocker

ThreatLocker is extending Zero Trust beyond endpoint control. With their recent releaseof Zero Trust Network Access and Zero Trust Cloud Access, access isn't based on credentials alone, it requires the right user, the right device, and the right conditions. Because as we've seen in recent large-scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed, and access is limited to exactly what's needed. Learn more and start your free trial today at ThreatLocker.com/CISO.

Link to episode page

This week's Department of Know is hosted by Rich Stroffolino, with guests Andrew Storms, security engineering, Kilo Code, and Eduardo Ortiz-Romeu, VP, global head of cybersecurity, Techtronic Industries.

Missed the live show? Check it out on YouTube.

Huge thanks to our sponsor, Conveyor

Happy Friday. Hope there isn't a fresh security questionnaire sitting in your inbox right now.
If there is, here's something worth knowing. The teams that have fully automated their customer security reviews didn't just get a better trust center. They switched to an AI platform built for the whole workflow. Conveyor handles trust center, questionnaire automation, and self-serve for sales, all in one place, with AI keeping the knowledge base current so answers are always accurate.
Learn why enterprise SaaS teams choose Conveyor at conveyor.com.

Cisco posts urgent Webex Services warning

Splunk issues fixes for Enterprise vulnerability

Git identity spoof tricks Claude into approving bad code

Get the show notes here: https://cisoseries.com/cybersecurity-news-cisco-webex-warning-splunks-enterprise-fix-git-spoof-tricks-claude/

Huge thanks to our sponsor, Conveyor

Happy Friday. Hope there isn't a fresh security questionnaire sitting in your inbox right now. If there is, here's something worth knowing.
The teams that have fully automated their customer security reviews didn't just get a better trust center.
They switched to an AI platform built for the whole workflow.
Conveyor handles trust center, questionnaire automation, and self-serve for sales, all in one place, with AI keeping the knowledge base current so answers are always accurate. Learn why enterprise SaaS teams choose Conveyor at conveyor.com.