The State of Enterprise IT Security Brad Bussie

In this episode, Brad Bussie discusses the critical gap in cybersecurity expertise, the U.S. government's $50 million investment to bolster healthcare cyber resilience, and the emerging threat of YouTube as the latest phishing battleground. Stay tuned to uncover the latest insights and expert analysis on these pressing issues in the world of IT security.
Topics Covered:
The widening cybersecurity expertise gap and its implications.U.S. investment in Better Healthcare cyber resilience.YouTube's rise as a phishing battleground.Key Takeaways:
Expertise Gap: The shortage of skilled cybersecurity professionals is a growing concern, affecting the ability of organizations to defend against sophisticated threats.Healthcare Cyber Resilience: The U.S. government's $50 million investment aims to enhance the cybersecurity infrastructure of healthcare systems, critical in the wake of increasing cyberattacks.YouTube Phishing: Cybercriminals are increasingly targeting YouTube as a platform for phishing attacks, exploiting its vast user base.Mentions & References:
U.S. government initiatives on healthcare cybersecurity.Recent studies and reports on the cybersecurity skills shortage.Examples of phishing attacks on YouTube.Time Stamps with Highlights:
[00:00] Opening Remarks: Introduction and episode overview.[02:30] Expertise Gap: Discussing the lack of cybersecurity professionals and its impact.[05:00] U.S. Invests $50m in Better Healthcare Cyber Resilience: Details on the $50 million investment and its expected benefits.[08:15] YouTube Phishing Threats: How cybercriminals are exploiting YouTube for phishing scams.[12:45] Key Strategies: Recommendations for organizations to improve their cybersecurity posture.[15:30] Closing Thoughts: Final insights and a look ahead to future episodes.Follow Us:
LinkedInFacebookX (Twitter)YouTubeAbout the Show:
The State of Enterprise IT Security podcast, hosted by e360, is your go-to source for making IT security approachable and actionable for technology leaders. Join us for insightful discussions and expert analysis on the latest cybersecurity topics and trends.
About e360:
e360 excels in delivering specialized technology solutions across Cloud, Cybersecurity, Digital Workplace, Modern Infrastructure, and Managed Services, driving digital transformation for global and national enterprises with top-tier expertise.
Visit us:
www.e360.com

(00:00) - Introduction to Cyber Threats and IT Security
(00:49) - Exploring the Security Expertise Gap in Cloud Expansion
(05:41) - Investing in Healthcare Cyber Resiliency
(09:15) - YouTube: The New Frontier for Cyber Threats
(13:51) - Conclusion and Call to Action

Join Brad Bussie, Chief Information Security Officer at e360, as he explores Google's innovative approach to cloud security in today's episode. Focusing on how Google has revolutionized security operations with a multilayered defense strategy, Brad discusses the integration of AI and threat intelligence to enhance cybersecurity measures in the cloud era.
Topics Covered:
Google's Approach to Cloud Security: An overview of how Google tackles the complexities of cybersecurity with advanced technologies and strategies.The Role of AI and Automation in SecOps: Examining how Google utilizes artificial intelligence to streamline threat detection, investigation, and response.Integrating Threat Intelligence and Expertise: Insights into how Google’s acquisition of Mandiant and integration with VirusTotal enhance their security capabilities.Key Takeaways:
Google Security Operations is designed to support not just Google Cloud but multi-cloud environments, providing a versatile and robust security solution.The use of AI in Google's security operations allows for more efficient data analysis and threat detection, significantly reducing the workload for security analysts.Google’s comprehensive security framework combines AI, machine learning, and human expertise from Mandiant to offer a proactive and informed cybersecurity defense system.Mentions & References:
Insights from the Google Next Conference on the role of AI in securityGoogle's VirusTotal IntegrationTDIR Process in Google's Cloud SecurityMandiant’s ExpertiseTime Stamps with Highlights:
[00:00:32] - Introduction to Google’s security operations and the challenges in cloud security[00:02:09] - Discussion on the shift from traditional security models to advanced, integrated systems[00:07:24] - The impact of AI and automation on security operations[00:11:27] - How Google's comprehensive threat intelligence network supports proactive defenseFollow Us:
LinkedInFacebookX (Twitter)YouTubeAbout the Show:The State of Enterprise IT Security podcast, hosted by e360, is your go-to source for making IT security approachable and actionable for technology leaders. Join us for insightful discussions and expert analysis on the latest cybersecurity topics and trends.
About e360:e360 excels in delivering specialized technology solutions across Cloud, Cybersecurity, Digital Workplace, Modern Infrastructure, and Managed Services, driving digital transformation for global and national enterprises with top-tier expertise.
Visit us: www.e360.com

In Episode 19 of The State of Enterprise IT Security, Brad Bussie tackles critical issues affecting the cybersecurity landscape. From new CISA guidelines aimed at protecting critical U.S. infrastructure to major data leaks impacting millions, this episode dives deep into the challenges and strategies for securing our digital world.
Topics Covered:
CISA Guidelines for AI in Critical Infrastructure: Discussion on new measures to enhance the security of U.S. critical infrastructure against AI-related threats.Kaiser Data Leak: Examination of a significant data breach affecting 13.4 million Kaiser members, including the inadvertent sharing of data with advertisers.Okta Credential Stuffing Attacks: Analysis of the recent spike in credential stuffing attacks against Okta accounts, exacerbated by the use of residential proxy services.Key Takeaways:
CISA is intensifying efforts to safeguard critical infrastructure by focusing on AI risks, proposing a comprehensive plan for risk management.Kaiser's data leak highlights the ongoing challenges in protecting personal health information and the risks associated with third-party data sharing.Okta's experience with credential stuffing attacks illustrates the evolving tactics of cybercriminals and the importance of robust cybersecurity measures, including enhanced authentication processes.Mentions & References:
CISA (Cybersecurity and Infrastructure Security Agency)Kaiser PermanenteOktaTechniques like residential proxy services that facilitate anonymity in cyber attacks.Time Stamps with Highlights:[00:00:33] Introduction to Episode 19 Topics[00:01:24] CISA's New AI Security Guidelines[00:06:33] Data Leak Impacting Kaiser Insurance Members[00:11:02] Rise in Okta Credential Stuffing Attacks
Follow Us:
LinkedInFacebookX (Twitter)YouTube
About the Show:The State of Enterprise IT Security podcast, hosted by e360, is your go-to source for making IT security approachable and actionable for technology leaders. Join us for insightful discussions and expert analysis on the latest cybersecurity topics and trends.
About e360:e360 excels in delivering specialized technology solutions across Cloud, Cybersecurity, Digital Workplace, Modern Infrastructure, and Managed Services, driving digital transformation for global and national enterprises with top-tier expertise.
Visit us: www.e360.com

In this episode, Brad Bussie, Chief Information Security Officer at e360, is joined by Shariq Aqil, Field CTO from Zerto, an HPE company. They delve into the critical topic of building a cyber resilience vault, providing valuable insights into creating robust defenses against cyber threats.
Topics Covered:
Introduction to Cyber Resiliency:Definition and importance of cyber resiliency in modern business environments.Strategies for achieving cyber resilience, including proactive and reactive measures.Exploring the Cyber Resiliency Vault Concept:Detailed explanation of what a Cyber Resiliency Vault is and the problems it addresses.Discussion on how Zerto’s technologies enhance cyber resilience through their innovative vault solutions.Building a Cyber Resiliency Vault with Zerto:The technical and strategic approach to using Zerto for creating a cyber resiliency vault.Benefits of integrating Zerto’s solutions into cybersecurity frameworks.Key Takeaways:
Importance of a comprehensive strategy encompassing prevention, detection, response, and recovery.Insights into Zerto’s approach to continuous data protection and its impact on minimizing data loss and recovery times.The role of cyber resiliency vaults in enhancing organizational ability to withstand and recover from cyber incidents.Mentions & References:
Zerto and e360 partnershipCyber resilience strategies and technologies discussed in the episode are pivotal for organizations seeking to enhance their security posture.Time Stamps with Highlights:
[00:02:00-00:04:00] Shariq Aqil’s Background:Shariq provides an overview of his professional background and his role at Zerto, detailing his experiences at Dell, EMC, and IBM before joining Zerto.[00:04:00-00:06:00] What is Cyber Resiliency:Brad elaborates on the concept of cyber resiliency, explaining it as an organization’s ability to maintain critical operations effectively amidst cyber threats.[00:06:00-00:08:00] The Role of Cyber Resiliency Vaults:The discussion shifts to the specific function of cyber resiliency vaults, describing how they protect critical data and support quick recovery from cyber incidents.[00:08:00-00:10:00] Technical Details of Zerto’s Solutions:Shariq dives into the technical aspects of Zerto’s solutions, focusing on continuous data protection and its advantages over traditional backup solutions.[00:10:00-00:12:00] Importance of Quick Recovery:The conversation emphasizes the importance of rapid recovery capabilities in cyber resiliency solutions, highlighting how Zerto’s technology minimizes data loss and recovery times.[00:12:00-00:14:00] Implementing Zerto’s Cyber Vaults:Brad and Shariq discuss the implementation of Zerto’s cyber vaults, explaining the process of data replication, scanning for anomalies, and ensuring data immutability.[00:14:00-00:16:00] Broader Implications of Cyber Attacks:They discuss the broader impact of cyber attacks on business operations, stressing the need for comprehensive cyber resilience strategies that go beyond immediate recovery.[00:16:00-00:18:00] Discussion on Cyber Resilience Strategies:The discussion turns to strategies for enhancing cyber resilience, including the need for a multi-faceted approach that encompasses technology, policies, and people.
Follow Us:
LinkedInFacebookX (Twitter)YouTubeAbout the Show:The State of Enterprise IT Security podcast, hosted by e360, is your go-to source for making IT security approachable and actionable for technology leaders. Join us for insightful discussions and expert analysis on the latest cybersecurity topics and trends.
About e360:e360 excels in delivering specialized technology solutions across Cloud, Cybersecurity, Digital Workplace, Modern Infrastructure, and Managed Services, driving digital transformation for global and national enterprises with top-tier expertise.
Visit us: www.e360.com

(00:00) - Welcome to the State of Enterprise IT Security Edition
(01:05) - Introducing Shariq Aqil from Zerto
(02:53)

Brad Bussie, Chief Information Security Officer at e360, hosts the State of Enterprise IT Security Edition podcast, where he delves into three main topics aimed at making IT security more approachable for technology leaders. 
The first segment reflects on the aftermath of a ransomware attack on United Health and Change Healthcare, highlighting the sobering realization that paying ransoms does not guarantee the safety of stolen data, as evidenced by Change Healthcare's loss of sensitive patient information despite a $22 million ransom payment. 
The second segment discusses cloud security, questioning the substantial investment in cloud technology and exploring the utility and limitations of security tools such as SIEM, EDR, and ITDR based on a survey of 150 security professionals from large companies. The implications of automation and AI in enhancing security operations, despite staffing challenges within the IT security domain, are also examined. 
The third segment probes the ethical and privacy concerns surrounding AI technologies capable of emotional intelligence and voice synthesis, spotlighting Hume's empathic AI and HeyGen's AI-driven content creation platform. Bussie underscores the need for robust security measures to protect user data and prevent misuse of AI in emotional manipulation and content generation, advocating for user vigilance and informed engagement with emerging AI technologies.
00:00 Introduction to Enterprise IT Security Insights
01:20 Deep Dive into United Health's Cybersecurity Incident
07:02 Exploring Cloud Security Investments and Challenges
17:12 The Future of AI: Emotional Intelligence and Avatars
24:13 Innovative AI Technologies: HeyGen and AI Avatars
31:30 Conclusion and Final Thoughts
e360 website: www.e360.com
Show page: e360.com/state-of-enterprise-it-security-podcast
Follow on LinkedIn: https://www.linkedin.com/company/e360solutions
About the Show:
The State of Enterprise IT Security podcast is your go-to source for the latest in IT security, offering approachable and actionable insights for technology leaders. Join us as we explore the complexities of cybersecurity and the innovative solutions driving the industry forward
About e360:
e360 excels in delivering specialized technology solutions across Cloud, Cybersecurity, Digital Workplace, Modern Infrastructure, and Managed Services. We are at the forefront of driving digital transformation for global and national enterprises with our top-tier expertise.


(00:00) - Introduction to Enterprise IT Security Insights
(01:20) - Deep Dive into United Health's Cybersecurity Incident
(07:02) - Exploring Cloud Security Investments and Challenges
(17:12) - The Future of AI: Emotional Intelligence and Avatars
(24:13) - Innovative AI Technologies: HeyGen and AI Avatars
(31:30) - Conclusion and Final Thoughts

Navigating Emerging Threats and Innovations in IT Security
In this episode of the State of Enterprise IT Security Edition, host Brad Bussie discusses three main topics relevant to technology leaders today. Firstly, he addresses the growing adoption of Multi-Factor Authentication (MFA) and its vulnerabilities, including MFA fatigue, SIM swapping, and session cookie theft, providing strategies to mitigate these risks. Next, Bussie talks about a recent emergency directive from the U.S. Cybersecurity Agency (CISA) in response to a Russian APT's infiltration of Microsoft's network and theft of sensitive correspondence, emphasizing the importance of federal agencies hunting for signs of the breach, analyzing exfiltrated emails, and securing authentication tools. Lastly, insights from the Google Next conference are shared, highlighting advancements in AI-driven security solutions and features, including Gemini for cloud and cybersecurity, AI hypercomputers, and enhanced data privacy measures. The episode aims to make IT security approachable and actionable for its audience.
00:00 Breaking News: Russian Hackers Target Microsoft00:00 Introduction00:48 Welcome to the State of Enterprise IT Security Edition01:52 Growing Challenges with Multi-Factor Authentication (MFA)09:11 U.S. Government on High Alert: Russian Hackers Steal Sensitive Data16:24 Innovations and Security Insights from Google Next Conference23:24 Closing Thoughts on Enterprise IT Security