
Loading summary
Rich
From the CISO series, it's cybersecurity headlines. Google acquires cybersecurity Firm Wiz for $32 billion. Senate bill offers improved cybersecurity for water utilities. And Hellcat's JIRA campaign strikes again. These are some of the stories that my colleagues and I have selected from this past week's cybersecurity headlines. And now we're looking forward to some insight, some opinion and indeed some expertise from our returning guest making her third appearance on the show, Christina Shannon, CIO over at KIK Consumer Products. Christina, it has been too long. I gotta ask though, how was your week in cybersecurity?
Christina Shannon
Week's going great, Rich. Good to see you too. You know, it's a nice thing to see. It might be a little premature for me to say cause I'm not sure I have enough data to see if this is a pattern or not, but at least for me, we're doing our cybersecurity insurance renewal and it seems like the last few years of what I call crazy premiums are starting to normalize.
Rich
Hey. So. Hey. Well, we'll have to keep tabs on that. But that's, I like the little scuttlebutt here. This is, this is nice. This is nice. And that's why we did award you three stars. Our producer Steve Prentice put up the three stars for our three time guest. So thank you so much for gracing the show. Once again, thanks also to our sponsor Delete me, take control of your personal data. We'll hear more from them later in the show. I'm going to say, you know, they haven't been a sponsor for three times but they have potential to be a three star sponsor as well. Join us on YouTube live. Do so go to CISO series.com hit the events dropdown and look for the cybersecurity headlines Week in review image. You can just click on it to join us. Get in there. I see some new names in there. Stuart Sandstrom, of course, one of our regular ccl, the big boss man, David Spark and Kevin Ferrell all making their time to make the show better with their comments and you can indeed join them. So get in that chat and contribute. Just some quick housekeeping here. A little bit of breaking news here before we get into our discussion. Big hat tip to security researcher Brian Krebs. You may have heard of him, he is on security quite frequently. He highlighted that the US treasury just announced it is lifting sanctions against the cryptocurrency mixer Tornado Cash. We cover them quite a bit in 2022, 2023, their initial sanctions, kind of the arrest and sentencing of a lot of their leadership. They're responsible for laundering at least half a billion dollars for the North Korean Lazarus Group, among many others, billions of dollars in money laundering. In lifting the sanctions, the treasury said it remains deeply concerned about the significant state sponsored hacking and money laundering, but that digital assets present enormous opportunities for innovation and value creation for the American people. Read those tea leaves as you will. Before we get into the discussion portion of this, quick reminder that all the opinions Christina is going to be presenting are indeed her own, necessarily those of our employer, family, friends, staff or affiliates. Next. First up here, the big story that got everybody talking this week. Google acquiring the cybersecurity Firm Wiz for $32 billion. I promise I won't say it every time like that. The global tech giant has decided to ease on down the road, according to Wiz, its largest purchase to date. The Financial Times says that Wiz and Alphabet have agreed to a $3.2 billion termination fee, which lets Wiz run like an independent company if the deal falls through or is significant, significantly delayed. So the deal was announced, it is not, you know, it will probably take upwards of a year or more for it to actually close. But Christina, clearly this is not intended to be, you know, a heavy load for Google. Rather, it's a move to strengthen its position in the competitive cloud market, particularly in the era of rapid AI advancement, something they're trying to keep pace with. Last week on the show we were reporting on the DoJ's intention to break up Google. I guess they didn't get the memo or like, what if we got bigger instead? I'll be in a different, completely different market here. I'm curious, what's your take on this?
Christina Shannon
You know, when I think about who are the big cloud providers, right, you always think aws, you think Microsoft Azure, and then you think about their security bundlings and they're pretty mature and they're getting more mature. And then, I mean a distant third, at least for my head, is Google, right? Like in terms of organizations that are adopting and what they use. And so I think this is a really good move for Google in the sense of increasing their market share. And I think that, you know, this will Wiz is a great product. So I think adding that to their, to their cloud platform, as long as it's integrated well, I think that, you know, could give them a big boost in terms of customers.
Rich
Yeah, it's definitely, I mean, I've been, you know, kind of following the cloud, you know, the public cloud race going back to 2015, 2016, and it's always AWS, Azure and Google and their, and their whole thing for the longest time was they were kind of one of the early pioneers in a lot of AI, like enterprise AI workloads and that kind of stuff, being very friendly to that everybody else is caught up to there. So yeah, it kind of makes sense. And I really don't feel, I don't know what the case would be for this to be seen as anti competitive when you have such a fairly, you know, I mean, three players is a diverse market when it comes to big tech these days anymore.
Christina Shannon
I agree. Yeah.
Rich
All right, next up here, Senate bill offers improved cybersecurity for water utilities. The bill is being reintroduced by Senators Katherine Cortez Masto of Nevada and Mike Rounds of South Dakota after previous legislation was stalled during the 118th Congress. Named the Cybersecurity for Rural Water Systems Act a little disappointed there's not a better acronym. The bill would update and expand the Department of Agriculture's circuit rider program, which provides technical assistance to rural water systems. A press release announcing the bill states that just 20% of water and wastewater systems across the US have basic cyber protections. Gulp. So, Christina, we have covered the fragility of the water system and water utilities a few times over the years. It always appears as a neglected part of our infrastructure, even though we all use water. We aim to stay away, obviously from politics on this show, but with the current administration spending a lot of time removing, repealing programs, they would say cutting red tape. Do you feel that this one has achieved chance of passing? And what if it doesn't? This is the second time they've tried to do it.
Christina Shannon
You know, I'm cautiously optimistic. I would say that, you know, but even if it doesn't pass, I look at this as, this is like foundational in terms of when you think about what are the things that you need to protect from a cyber standpoint. Like, I look at this as like a public safety hazard, right? This right in the same category as critical infrastructure. It's, you know, think about the old incident in Florida like a few years ago, right? That could have been horrible. And so when you think, like to me it's more where it's black or white in the sense of whether it's, you know, even if it doesn't pass, you know, there should be some kind of maybe public private partnerships, maybe you bring it down to a state level and you get some legislation there I mean, this should be something that's at the top priority, you know, for at all levels of government, in my opinion.
Rich
Yeah, it's one of those things that it's. I mean, that sound cliche, but it's so easy to take it for granted because you turn on your tap, your water's there, it's like you don't. I guess it's tough to communicate that obviously, I guess down to an individual level, that's not what's needed to necessarily pass legislation. Right. To have that public will to do. So I would hope, whether you're talking local, state, federal, there's an awareness. Right. That like water as utility is critical infrastructure. Yeah. But we definitely need to keep tabs on kind of the status of this. And then if, you know, if this doesn't come to pass, like what the local efforts are looking like, we've seen CISA trying to raise that cybersecurity poverty line for these kind of utilities for the past couple of years. What their new mandate is going to allow them to do in this space, maybe in conjunction or in the lack of this kind of legislation, will definitely be something we'll be keeping tabs on this show for sure.
Christina Shannon
Yeah. The only thing I wanted to say is you think about workplace safety, right? And you think about OSHA and all those different regulatory bodies that come in and they make sure that all that's in line. Right. Like, I think, like, there's got to be more of that for, you know, our utilities, our critical infrastructure, you know, wherever it comes from, whether it comes from private or public. Like that to me is just, it's black or white, foundational. You got to do it.
Rich
Yeah, yeah. Well, I just always think, I mean, especially like that old smart one that was like a remote PC dial in, you know, kind of social engine, like the threshold to get access is not perilous for someone looking to do bad. And I hope we can make progress, whether it's through this bill, whether it's, you know, whatever the effort is, I just hope that we keep that in mind of let's keep the water out.
Christina Shannon
Agree.
Rich
Stuart Sanstrup says turn off the water for 10 or 20 hours at the Capitol and it might get passed pretty quick. Stuart, I'm not necessarily agreeing with you, but I'm saying that does sound highly effective. Next up here, Hellcat's JIRA campaign strikes again. The Switzerland based global telecommunications provider ASCOM has confirmed a cyber attack on its IT infrastructure in which its technical ticketing system was breached. This appears to be the Work of a threat group called Hellcat, which is busy targeting JIRA servers worldwide using compromised credentials and also busy having pretty cool night. The attack went through their JIRA ticketing system, which has become a common attack method for Hellcat, who has also attacked telco companies in France and Spain. So Christina, we've seen many attacks on JIRA coming from Atlassian largely because of its value as a container of sensitive data such as project details, source code, confidential documents. Really a treasure trove of what threat actors could, could make all sorts of use of. To be fair, all high profile companies have their share of attacks. But as a security professional, what advice would you have for organizations that use JIRA specifically?
Christina Shannon
You know, like you just said, it's, it's, that is a treasure trove for a lot of sensitive data. Right. Even intellectual property source code. Right. Like I think, you know, start with multi factor authentication. That's where I always start. And then you look at, you know, is your JIRA environment segmented appropriately? Right. Separate your JIRA environment and other sensitive environments from the rest of your corporate network. And then looking at, you know, from the standpoint of privilege access or you know, ensuring that you have least privileged controls applied and then you go to, okay, well what's, you know, what's my detection response? Right. Do I have EDR installed on these servers? There's a number of controls you could do, but I think like really it starts with, you know, do I have least privilege and do I have multi factor in place from.
Rich
Yeah, is part of this also, I guess are organizations realizing that there's a big target on JIRA at this point? Like have we, have we hit that at least that level of saturation before? Like, because I feel like all super sound processes and steps that you're pointing out here, but until you get that buy in that this is like a priority, it's harder to do all of those things.
Christina Shannon
I'm not sure that it's fully there yet. Right. I think that too some of that has to do with the organization structure. A lot of times, whether it's a web or sorry, whether it's a development team that uses jira and they're usually separated from the security team, the help desk, a lot of times not part of the security team. So I think a lot of it is, are these teams in silo, are they communicating with each other at the organization level? And as long as that's happening, I think you're seeing, I'm starting to see a lot more people talk about JIRA servicenow some of the ticketing systems as hey, this is that place where we're storing sensitive data and we got to protect this too. I don't think it's all the way there yet though.
Rich
I just think Active Directory is holding up a sign just like pointing at Jira at this point. And it's just like, please don't, don't hurt me anymore. Before we move on to our next story, I have to spend a few moments with our sponsor for today, Delete Me Data brokers bypass online safety measures to sell your name, address and Social Security number to scammers. Deleteme scours the web to find and remove your private information before it gets into the wrong hands by scanning for exposed information and completing opt outs and removals. With over 100 million personal listings removed, Deleteme is your trusted privacy solution for online safety. Get 20% off your delete me plan when you go to JoinDeleteMe.com CISO and use that promo code CISO at checkout. Next up here Stalkerware Company Spy X Suffers a Data Breach Spy X is a consumer grade spyware operation described as mobile monitoring software for Android and Apple devices, ostensibly for granting parental control of a child's phone. It suffered a Data breach in June 2024, but according to TechCrunch, it has not been previously reported and there's no indication that Spy X's operators ever notified its customers or those targeted by the spyware. The breach was revealed that Spy the breach has revealed that Spy X and two other related mobile apps that were clones of Spy X had records on almost 2 million people at the time of the breach, including thousands of Apple users. Hey, you weren't left out. So Christina, Spy X probably does not like being called Stalkerware, but I got to look by maybe how it's being used here. Like many of its competitors, they do seem to end up doing maybe more than they were designed for. From a cybersecurity standpoint, it must appear as yet another attack vector. Looking at if employees are using this type of app simply for the reasons intended, such as monitoring their kids activity, I'm curious, what's your take on this?
Christina Shannon
You know, alanis Mars said, isn't it ironic, right? That song goes through my head on this one. But I think it's, I think from a personal use standpoint I kind of get it right. I could see some use cases there where some parents want to keep tabs on their kids. Putting that in a corporation though, I think there's far more risks and benefits. I think if Companies want to do that. You got to go look at what's my acceptable use policy and probably update that. You got to start thinking about data privacy. And have you told people how you're using their data? I think there has to be a lot of governance put in place if you're going to try to use that in a corporation to make sure, A, you're thinking about data privacy, B, you're protecting this platform from a data breach because you know a lot of bad is going to happen if you have a data breach using this. As we already see, it doesn't even seem like the company tells people too.
Rich
Yeah, I mean, I mean that's the, that's the other side of it. It's like, as CCL points out, what does the spy in the company name stand for? You know, it's kind of, it's kind of a great point. And if you're trying to pose yourself as a legitimate service, like, because I do agree there, you know, I'm not at the age where my kids have phones yet, but I'll be certainly thinking about these types of things. But then you need to be upfront, you need to be the best citizen when you have that kind of device access. I feel like the onus is on you to be a first class, transparent citizen when these kind of issues come up.
Christina Shannon
Completely agree.
Rich
Next up here, 23,000 repositories targeted in popular GitHub action. A supply chain attack on the widely used GitHub Action TJ action change files. I mean, you all know it. I know need to tell you about it. Compromised CICD secrets in build logs for over 23,000 repositories. Attackers hijacked a GitHub personal access token to inject malicious code that exposed secrets in publicly accessible workflow logs. Though there's no evidence the data was exfiltrated, GitHub removed and restored the repository on March 15 after eliminating the malicious commit. But the incident raised concerns about broader supply chain risks for open source projects. Always a hot topic these days, this attack highlights the risk of compromised CICD secrets and the broader vulnerabilities in open source supply chains. Christina, Given how attackers exploited a GitHub personal access token to inject malicious code, I'm curious, what steps should organizations take to better secure their CICD pipelines and minimize the impacts of similar threats?
Christina Shannon
You know, they should just keep their secrets and clear text and their code. No, I'm kidding. I thought you said what should they not do? They should use, first off, use a key vault, basically use that to manage all your secrets, do automated rotation and then look at how are you scanning your code for vulnerabilities before you do that, commit action. That'd be another thing you could do. Then, obviously, from a defense in depth standpoint, you also still do multi factor authentication. Look at your IAM controls. Look at your EDR controls. Those are typically from top to bottom. I'd say if you look at the protect, identify, protect, detect, respond, recover controls, you should put all those around GitHub.
Rich
Yes. That seems more and more imperative by the day for something that so many. It's the lifeblood of so much. It's hard to overstate its importance. Right. And the fact that we're just kind of starting to really, I don't know, take those controls more seriously. Again, kind of going back to JIRA and kind of where we need to position that in our organizations too. It's a little surprising, honestly, at this stage in the game. But progress is progress. Let's get better. Okay, our last story of the day here. Supply chain hack hits 100 or over 100 auto dealerships. Over 100 car dealership websites were compromised by a supply chain attack where hackers injected malicious click fix code through the LES automotive video service. The attack tricked visitors into copying and executing a malicious command, ultimately infecting them with a sectop rat remote access Trojan. Through PowerShell, researchers warned that click fix, a growing social engineering tactic, has been used for years, but there has been a surge in the technique over the past several months. So, Christina, this is another Qlik fix story. I'm curious, have you encountered this? You know, it can be easy to fool people quite easily. And I'm curious, how would a CIO or CISO train people out of getting fooled by a fake captcha run through click fix? I mean, that's our first instinct is let me get this out of the way here.
Christina Shannon
Yeah, so I've not had it, knock on wood, right? I've not had it happen to me or, you know, organizations that I've, you know, served in CISO or CIO roles. But I think that this is one of those times where that you always hear the term it's an evolving threat landscape. But this is one of those situations or stories that makes that a true statement. Right. When you do security awareness training, most of the history or most of the past, we focus on phishing and how you teach people to spot phishing. I think that has to evolve and some products are evolving it to where you do simulated attacks with users, where you get them Used to looking at, hey, this is an irregular authentication prompt. Maybe I should think about this before I just click it or before I copy and paste malicious code. That's where I'd start from a security awareness standpoint.
Rich
Yeah, my sympathies always go out to us poor users because I mean it really does prey on the, you know, we've gotten, we maybe let's, let's, let's for the sake of argument say we've made progress on phishing and then you get something like this where it's just that one thing that everyone just wants to get through. Like, and I agree, like there's a multi prong approach here. We can start making progress. We can, you know all the, all the classic security awareness stuff. We can do timely remediations. We can, you know, work on resilience so it's not the end of the world if, if someone does do this. But like it does feel distressingly impossible at times for the port to keep up with all this. I feel like with training we can adapt to click fix. We can know that there, you know, we can just like with fishing, we can educate and get to a high percentage of literacy on this. But it just, it feels like okay, well then we'll just move to the next chain in the pipeline and yeah, and on and on down there.
Christina Shannon
I also, I echo. I feel bad for users, right? Like they think they're going on a safe website. They don't want to have to think about it. They just want to go do what they're trying to do and bam, right?
Rich
They're doing the thing that the thing tells it to do and that they've done a thousand, like that's, that's, that's where it like feels, it feels rough. What does not feel rough is reading the comments from our chat because everyone is crushing it today. There's some really great stuff going back to the, to the GitHub actions. We had a really fun conversation or CCL saying always be careful using non vetted actions and make sure the tokens can only be used for limited actions. We also had apple pie alibi also solid YouTube handle on there kind of joining in that chat going back and forth. We had a great talk about, you know, Atlassian on prem stuff, maybe alluding to some details that we don't know about CCL there. I'm not going to ask any questions I don't want answers to, but this is the kind of stuff you get in our chat. You get people that know talking about these stories, sharing their perspectives helping make the show better. I truly, truly appreciate it. The other person that's helped make the show better, let me tell you, ain't this guy. It is Christina Shannon, the CIO over at Kik Consumer Products, just absolutely crushing it today. Christina, thank you so so much for your time. I truly appreciate it every time you're on.
Christina Shannon
Thank you very much. I always enjoy having this discussion. So thank you. Rich.
Rich
We will not hesitate to impose on you again to but until then, where can people find you on the cyberspace LinkedIn.
Christina Shannon
That's usually where I like to hang out. Yeah, come find me there.
Rich
Absolutely. We will have a link to that in our show notes. Or I guess you could just search for Christina Shannon. Not too difficult. Or if you're following the CISO series, you're tagged in our post about this. Why don't you go ahead and share that as well. Let people know and come to our next super Not Super Cyber Friday. Wrong Event Week in Review it's been such a busy Friday folks. Let's face it here. One thing I'm never too busy for is thanking our sponsor for today. Delete me. Take control of your personal data. Once again, huge thank you to our audience. I know we can't get always every comment up on the screen. There are some conversations happening fast and furious, but fantastic to see that. I absolutely love it. It really does help make the show better. Thank you. Thank you so much. Remember to join us next week for Super Cyber Friday. That was my tease for it by pretending like I didn't know what show this was. Where our topic of discussion will be Hacking fragmented IAM A an hour of critical thinking of how to simplify the confusion on identity management, governance and security. It's an extremely easy show title to say. That all happens at 1pm Eastern and then you can come back later in the day for another episode of the Week in Review, which is indeed the very show we are doing right now that starts at 3:30pm Eastern. To register for both, just head on over to our events page@cisoseries.com in the meantime, you still get your daily news fix every single day through cybersecurity headlines. Give us about six minutes, we'll get you all caught up. For myself, for our producer Steve Prentice, for Christina Shannon, for the big boss man David Sparkin. All of us here in the CISO series family, I am wishing you and yours to have a super sparkly day. Cybersecurity headlines are available every weekday. Head to cisoseries.com for the full stories behind the headlines.
Cyber Security Headlines: Week in Review
Hosted by CISO Series
Release Date: March 21, 2025
In this episode of Cyber Security Headlines, hosted by Rich from the CISO Series, the discussion centers around the most pressing cybersecurity events of the week. Rich is joined by returning guest Christina Shannon, CIO at KIK Consumer Products, marking her third appearance on the show. Together, they delve into significant stories such as Google's acquisition of Wiz, legislative efforts to bolster water utility cybersecurity, the resurgence of Hellcat's JIRA attacks, a major data breach involving Spy X, and notable supply chain attacks targeting GitHub and auto dealerships.
The episode kicks off with the headline-grabbing news of Google's acquisition of the cybersecurity firm Wiz for a staggering $32 billion. According to Rich, this move is Google's largest acquisition to date and is strategically aimed at strengthening its position in the competitive cloud market amid rapid advancements in artificial intelligence.
Key Discussion Points:
Market Positioning: Christina Shannon highlights that while AWS and Microsoft Azure are traditionally seen as the dominant cloud providers, Google's acquisition of Wiz is a significant step towards increasing its market share. She remarks, “This will Wiz is a great product. So I think adding that to their cloud platform, as long as it's integrated well, could give them a big boost in terms of customers.” (00:41)
Competitive Landscape: Rich adds that the acquisition makes sense in the broader context of the public cloud race, emphasizing that Google is not necessarily overstepping in a market dominated by major players.
Conclusion: The acquisition is viewed as a strategic enhancement for Google's cloud services, potentially leveling the playing field against AWS and Azure by bolstering its cybersecurity offerings.
The conversation shifts to legislative efforts aimed at improving cybersecurity within water utilities. The Senate is reintroducing the Cybersecurity for Rural Water Systems Act, initially stalled during the 118th Congress.
Key Discussion Points:
Legislative Importance: Christina expresses cautious optimism about the bill’s prospects, stating, “I look at this as like a public safety hazard, right? This right in the same category as critical infrastructure.” (06:25)
Current Challenges: Only 20% of U.S. water and wastewater systems currently have basic cyber protections, underscoring the fragility and neglect of this critical infrastructure.
Government Role: Christina advocates for foundational cybersecurity measures, comparing them to workplace safety regulations, and emphasizes the need for public-private partnerships and state-level initiatives if federal legislation stalls.
Conclusion: Strengthening cybersecurity in water utilities is deemed essential for public safety, with the bill offering a crucial framework to address existing vulnerabilities.
A significant cyber attack targeting JIRA servers worldwide by the threat group Hellcat is the next major story discussed. The attack on ASCOM, a global telecommunications provider, involved compromising the IT infrastructure and technical ticketing systems.
Key Discussion Points:
Vulnerability of JIRA: Christina emphasizes the sensitivity of JIRA as a repository of valuable data, including project details and source code. She advises, “Start with multi-factor authentication... ensure that you have least privileged controls applied.” (10:15)
Organizational Challenges: The conversation touches on the often siloed nature of development and security teams, which can hinder comprehensive security measures for tools like JIRA.
Conclusion: Organizations using JIRA must implement robust security protocols, including multi-factor authentication and strict access controls, to safeguard against such targeted attacks.
The episode covers a recent data breach involving Spy X, a company offering consumer-grade spyware marketed for parental control over children’s devices. The breach exposed records of nearly 2 million individuals, including thousands of Apple users.
Key Discussion Points:
Corporate Use Risks: Christina discusses the potential dangers of deploying such spyware within corporate environments, highlighting the necessity for clear acceptable use policies and stringent data privacy measures. She states, “If Companies want to do that, you got to look at what's my acceptable use policy and probably update that.” (14:14)
Transparency and Governance: Emphasizes the importance of transparency with users regarding data usage and securing platforms against breaches.
Conclusion: The Spy X breach underscores the critical need for companies to govern the use of monitoring software carefully and ensure robust data protection mechanisms are in place.
A supply chain attack targeting over 23,000 GitHub repositories via compromised personal access tokens has raised alarms about the security of open-source projects. Attackers injected malicious code into workflow logs, posing significant risks to CICD pipelines.
Key Discussion Points:
Securing CICD Pipelines: Christina recommends utilizing key vaults for managing secrets, implementing automated rotation, and conducting vulnerability scans before committing code. She advises, “Use a key vault... do automated rotation... and scanning your code for vulnerabilities.” (16:53)
Defense in Depth: Emphasizes the importance of multi-layered security approaches, including multi-factor authentication and robust IAM controls, to protect against such threats.
Conclusion: Strengthening CICD security through comprehensive secret management and proactive vulnerability scanning is essential to mitigate supply chain risks in open-source environments.
The final major story involves a supply chain attack that compromised over 100 auto dealership websites through malicious code injected via the LES automotive video service. This attack deployed a remote access Trojan via PowerShell, emphasizing the evolving threat landscape.
Key Discussion Points:
User Awareness Training: Christina highlights the necessity of evolving security awareness programs to address new threats like click fix scams. She suggests, “Start thinking about this before I just click it or before I copy and paste malicious code.” (19:12)
Resilience and Response: Discusses the importance of building organizational resilience to quickly respond and recover from such attacks.
Conclusion: Continuous adaptation of security training and robust incident response strategies are crucial in combating sophisticated supply chain attacks.
Throughout the episode, Rich acknowledges active participation from listeners via the show's live chat, highlighting contributions from regulars like Stuart Sandstrom, David Spark, and Kevin Ferrell. He commends Christina Shannon for her insightful contributions and encourages listeners to connect with her on LinkedIn.
Notable Quotes:
The episode concludes with a reminder of upcoming events and episodes, including the next Super Cyber Friday discussion on fragmented IAM. Rich extends gratitude to Christina Shannon for her valuable insights and encourages listeners to stay engaged through the CISO Series’ various platforms.
For more detailed discussions and daily updates on cybersecurity, visit cisoseries.com and join their live events to stay informed and connected with cybersecurity professionals.