This is the last show for the year, Risky Business will return on January 10th 2018.
In this week’s feature Stephen Moore joins us. He was formerly the Staff Vice President of Cyber Security Analytics at Anthem, the healthcare company that was spectacularly owned by a Chinese APT crew in 2015.
Instead of us all just saying “lol they got owned, they’re idiots,” I thought it would be a good idea to actually talk to someone who was there. As you’ll hear, Anthem’s team knew they were being targeted by an APT crew, did its best to fend off the attackers, but sadly they lost anyway.
It’s sobering listening.
This week’s sponsor interview is also just great. We’ll check in with Casey Ellis of Bugcrowd. He’ll be along to talk about this whole Uber mess. A lot of the reporting around the so-called Uber data breach seemed to fixate a bit on the fact that the attacker was paid via the HackerOne bug bounty platform. The coverage has conflated extortion with bug bounty programs, much to Casey’s dismay. He’ll be along later to share his views on what the Uber snafu means, as well as to share his thoughts on DJI’s disastrous bug bounty program.
Adam Boileau, as usual, stops by to discuss the week’s security news, and also to wrap up the 2017 season.