API Security , Cyber Fail , Election Security
Cyber Fail: Attack of the Zombie APIs!
Also: Election Security Dysfunction; the Legacy of Government-Backed SpywareWelcome to "Cyber Fail," where our experts uncover fails so we can all strengthen our defenses. Today, we take on the looming menace of zombie APIs, the terrors of election dysfunction and the scary legacy of government-backed spyware and its impact on privacy rights.
See Also: The Healthcare CISO’s Guide to Medical IoT Security
In this episode:
- Attack of the Zombie APIs! Experts warn that attacks on insecure APIs are growing, as 41% of IT leaders report that they have no way of knowing how many shadow, orphaned and zombie APIs are on their systems. Our experts say it's time to give the double-tap to zombie APIs.
- Report Card: Election Fail. What if your Electoral Commission took a basic cybersecurity assessment and received an “automatic fail” during an audit? Would it surprise you that around that same time, someone accessed the commission's emails and potentially the personal data of 40 million voters? Of course not.
- Can We Hide From Sherlock? Sherlock, a new brand of spyware from Israel, can infect Windows, Android and iPhone devices using no-click malware distributed through online ads. Our experts pontificate on the state of nation-state surveillance.
- Cyber Fix. Peiter "Mudge" Zatko has had an illustrious career - former hacker, security researcher, DARPA security manager and a former CISO who became the industry's most noted whistleblower when he testified before Congress about security issues at Twitter. We all wondered where Mudge would land. It turned out to be the U.S. Cybersecurity and Infrastructure Security Agency.
Be sure to catch Anna Delaney, director of productions, ISMG, and our special guests for the next episode of "Cyber Fail."
Special Guests
- Chase Cunningham, Dr. Zero Trust, podcaster, security adviser
- Richard Bird, CSO, Traceable
- Quentyn Taylor, senior director, information security, EMEA, Canon
- Joe Sullivan, CEO, Ukraine Friends, and former CISO
- Michelle Dennedy, co-founder and CEO, PrivacyCode.ai
ISMG contributors: Tom Field, senior vice president, editorial, ISMG; Tony Morbin, executive news editor, EU; Mathew Schwartz, executive editor of DataBreachToday and Europe; and Rashmi Ramesh, assistant editor, ISMG.