S1 EP. 19: New CISA Guidelines, Kaiser Data Leak, Okta Credential Stuffing Attacks
In Episode 19 of The State of Enterprise IT Security, Brad Bussie tackles critical issues affecting the cybersecurity landscape. From new CISA guidelines aimed at protecting critical U.S. infrastructure to major data leaks impacting millions, this episode dives deep into the challenges and strategies for securing our digital world.
Topics Covered:
Topics Covered:
- CISA Guidelines for AI in Critical Infrastructure: Discussion on new measures to enhance the security of U.S. critical infrastructure against AI-related threats.
- Kaiser Data Leak: Examination of a significant data breach affecting 13.4 million Kaiser members, including the inadvertent sharing of data with advertisers.
- Okta Credential Stuffing Attacks: Analysis of the recent spike in credential stuffing attacks against Okta accounts, exacerbated by the use of residential proxy services.
Key Takeaways:
- CISA is intensifying efforts to safeguard critical infrastructure by focusing on AI risks, proposing a comprehensive plan for risk management.
- Kaiser's data leak highlights the ongoing challenges in protecting personal health information and the risks associated with third-party data sharing.
- Okta's experience with credential stuffing attacks illustrates the evolving tactics of cybercriminals and the importance of robust cybersecurity measures, including enhanced authentication processes.
Mentions & References:
- CISA (Cybersecurity and Infrastructure Security Agency)
- Kaiser Permanente
- Okta
- Techniques like residential proxy services that facilitate anonymity in cyber attacks.
- Time Stamps with Highlights:
[00:00:33] Introduction to Episode 19 Topics
[00:01:24] CISA's New AI Security Guidelines
[00:06:33] Data Leak Impacting Kaiser Insurance Members
[00:11:02] Rise in Okta Credential Stuffing Attacks
Follow Us:
X (Twitter)
YouTube
About the Show:
The State of Enterprise IT Security podcast, hosted by e360, is your go-to source for making IT security approachable and actionable for technology leaders. Join us for insightful discussions and expert analysis on the latest cybersecurity topics and trends.
About e360:
e360 excels in delivering specialized technology solutions across Cloud, Cybersecurity, Digital Workplace, Modern Infrastructure, and Managed Services, driving digital transformation for global and national enterprises with top-tier expertise.
Visit us: www.e360.com
