Episode 25: Combating Security Debt, Ticketfly Defacement And Data Breach

Digital Shadows

In this edition of Shadow Talk, Richard Gold joins us to discuss the issue of security debt, a term used to refer to the accumulation of security risks over time, such as missed patches, misapplied configurations, mismanaged user accounts. Richard looks into how many of the attacks we see on a regular basis are actually a result of security risks that build up over time, and how security debt is a ticking time bomb for most organizations. In Part II, Harrison Van Riper covers the recent website defacement attack and data breach incident targeting the event ticketing company, Ticketfly. Security debt resources: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/286667/FAQ2_-_Managing_Information_Risk_at_OFFICIAL_v2_-_March_2014.pdf

 

Previous Post
Episode 26: Mythbusting Vulnerabilities and Exploits
Episode 26: Mythbusting Vulnerabilities and Exploits

Simon Hall and Richard Gold join Rafael Amado to discuss misconceptions around vulnerabilities and exploits...

Next Post
Episode 24: Seize and Desist: Changes in the cybercriminal underground
Episode 24: Seize and Desist: Changes in the cybercriminal underground

Rafael Amado and Michael Marriott discuss how the criminal underground has evolved since the demise of Alph...

Subscribe to ShadowTalk Podcast on iTunes!

Click Here