Below the Surface (Audio) - The Supply Chain Security Podcast

A lively discussion of the threats affecting supply chain, specifically focused on firmware and low-level code that is a blind spot for many organizations. This podcast will feature guests from the cybersecurity industry discussing the problems surrounding supply chain-related issues and potential solutions. Get the Supply Chain Security Toolkit from Eclypsium here: https://eclypsium.com/go

Network Appliances: A Growing Concern - BTS #44 01/27/2025

CVE Turns 25 - BTS #43 12/09/2024

The China Threat - BTS #42 11/21/2024

The China Threat - BTS #42 In this episode, Paul Asadoorian, Allan Alford, and Josh Corman discuss the growing threat posed by China, particularly in the context of cyber operations and geopolitical ambitions. They explore the implications of China's strategies, the vulnerabilities in critical infrastructure, and the need for transparency and trust in digital systems. The conversation highlights the urgency of addressing these threats as they relate to Taiwan and the broader global landscape. In this conversation, the speakers discuss the critical issues surrounding digital infrastructure, emphasizing the over-dependence on unreliable systems and the need for greater trust and transparency. They explore the balance between usability and security, the challenges posed by security appliances, and the regulatory landscape affecting digital trust. The conversation also highlights the importance of empowering smaller enterprises and addressing the asymmetry in cyber defense, particularly for those at the bottom of the economic pyramid. The speakers advocate for proactive measures to prepare for future disruptions and the need for collective action to improve the overall security landscape. Takeaways: China's ambitions towards Taiwan are a significant concern. The geopolitical landscape is increasingly complex and interconnected. China's cyber operations are organized, funded, and strategic. Critical infrastructure in the U.S. is vulnerable to cyber threats. Cyber warfare will likely be a hybrid conflict involving multiple actors. Dependence on connected technology poses risks to national security. Malicious intent is not necessary for cyber harm to occur. Transparency in digital infrastructure is crucial for security. The threat of hardware exploits remains a significant concern. The recidivism rate of cyber threats is high, especially in critical sectors. There's a cost to connectivity that we haven't acknowledged. Usability is often prioritized over security, leading to vulnerabilities. Dependability in digital infrastructure is crucial for resilience. Security appliances can sometimes introduce more vulnerabilities than they solve. Regulatory frameworks need to adapt to the evolving digital landscape. Consumer demand can drive accountability in security practices. Smaller enterprises often lack the resources to secure their systems effectively. The asymmetry in cyber defense leaves many vulnerable to attacks. Proactive measures are necessary to prepare for potential disruptions. Collective action is needed to improve trust and transparency in digital infrastructure. /episode/index/show/belowthesurfacesw/id/34078566