Episode Transcript
Transcripts are displayed as originally observed. Some content, including advertisements may have changed.
Use Ctrl + F to search
0:00
From the CISO series, it's
0:02
cybersecurity headlines. US
0:07
government bans Kaspersky and sanctions
0:09
12 executives. Evolve Bank
0:12
confirms data breach, undermining lockbits,
0:14
Federal Reserve claim, and the
0:16
UK's largest nuclear site pleads
0:19
guilty over cybersecurity failures. These
0:22
are some of the stories that my colleagues
0:24
and I have selected from this past week's
0:26
cybersecurity headlines. And now we're ready
0:28
for some insight, opinion, and expertise on
0:30
all of these. From our guest, Jim
0:32
Bowie, the CISO over at Tampa General
0:34
Hospital. Jim, I know you're a busy
0:36
guy. Thank you so much for making the time and being here. Thanks.
0:39
It's good to be here. Yeah, I cannot wait to
0:41
get into these stories. You were helping curate them this
0:44
week for the week interview, so I'm really excited for
0:46
some of your thoughts. A lot of big stories, a
0:48
lot of big angles I want to get your thoughts
0:50
on. Before we get into those,
0:52
though, I have to thank our sponsor for today, Prelude
0:55
Security. We're 30 minutes away
0:57
from peace of mind. Join
0:59
us on YouTube Live. Do so good at
1:01
cisoseries.com. Hit that old events dropdown and look
1:03
for the cybersecurity headlines week in review image.
1:06
You can click on it to join us. If you are in
1:08
our Discord for Super Cyber Friday, we're going to be
1:11
posting links there as well, so make sure you check
1:13
those out. And be sure to contribute your comments. I
1:16
want Jim's thoughts, but I also want
1:18
your thoughts. I see you, CCL, Kevin
1:20
Farrell, incredulous, chordate in there as well.
1:23
Let me hear your thoughts as we're going through this. Would
1:25
love to get some more. We got about 20 minutes, though,
1:27
so let's just jump right in. First
1:29
up here, the U.S. bans Kaspersky and sanctions
1:31
12 executives. These
1:34
sanctions were issued by the Treasury Department's Office
1:36
of Foreign Asset Control. We know it is
1:38
good old OFAC and pretty much freezes all
1:40
their property and interests. These actions
1:42
come on the heels of an announcement made
1:45
by the government on June 20th regarding a
1:47
ban on selling Kaspersky antivirus software due to
1:49
it being a Russian organization. The
1:51
ban starts on July 20th and software updates
1:53
to its U.S. customers will be prohibited on
1:56
September 29th. Commerce
1:58
Secretary Gina Raimondo. said now
2:00
would be a good time for companies to
2:02
find an alternative to Kaspersky for their security
2:04
needs. I'm just going to say sound advice
2:06
there. Thank you, Secretary Raimondo. But
2:09
that US individuals and businesses can continue
2:11
to use or have existing Kaspersky products
2:13
and services that are not violations of
2:15
the law. So you will not go
2:17
to jail for keeping using things that
2:19
aren't going to get software updates. So
2:21
Jim, Kaspersky has alternated
2:23
over the years between having some
2:26
good collection of researchers to being a
2:28
Russian organization at a time when associating
2:30
with a Russian organization, not exactly great
2:32
optically. So why now? You get a
2:34
sense this is part of a strategy
2:36
about maybe eliminating risk, maybe some new
2:38
evidence came to light or is this
2:40
hey, it's election season, maybe this is
2:42
just some good press. I
2:44
think you nailed it at the end there. I think it's election
2:46
season. If they were going to do
2:49
this and for those at home, if
2:51
you remember, in 2017, it
2:53
came to light that the Russian
2:56
government somehow used Kaspersky or they were in
2:58
league with Kaspersky to take NSA tools, hacking
3:00
tools. I would imagine they
3:02
would have done it then they did ban the
3:05
computer use on government networks. So I thought that was
3:07
the end of it. But I think I think you're
3:09
right. This is saber rattling. I was actually surprised I
3:12
was watching last night the debate purely
3:14
because I thought they'd bring this up. Because
3:16
the timing of it lined up. I was like, hey, they did
3:18
this two days before this week say we're tough on Russia. Here's
3:20
what I've done. I don't
3:23
think this protects the
3:25
private world any more than it was
3:28
four days ago. I think it's saber
3:30
rattling. Well, and
3:32
I mean, correct me if I'm wrong here,
3:34
but my understanding is any security professional worth
3:37
anything would have already made this decision, you know,
3:39
almost 10 years ago now at this point. Yeah,
3:41
Kaspersky made it through your risk assessment profile and
3:43
you gave it a thumbs up. You may want
3:46
to reevaluate your DRC team. Some
3:50
good thoughts. So yeah, we will see
3:52
if that does play out though in the political season. It's a
3:54
really good point. I didn't even think of that
3:56
coming up. I just thought maybe
3:58
you're a masochist or something for watching the debate. That's a
4:00
separate issue. Next up
4:02
here, Evolve Bank confirms data breach
4:04
undermining Lockbit's Federal Reserve claim. Arkansas-based
4:07
Evolve Bank and Trust confirmed this week
4:09
the theft of customer information, which has
4:11
now been posted on the dark web.
4:13
Bank representatives say the information evolved PII,
4:16
but not financial or banking information. So
4:18
just your personal information, don't worry about
4:20
it. This appears to be a job
4:22
pulled off by attackers affiliated with Lockbit,
4:24
which itself had claimed to have breached
4:26
the US Federal Reserve. In
4:28
fact, among the documents was a press
4:30
release about the Federal Reserve enforcement action
4:33
against Evolve Bank alongside regarding
4:35
deficiencies in anti-money laundering controls
4:37
and risk management practices. So
4:40
Jim, the story has a touch of the
4:42
more you look, the more you find given
4:44
that Evolve isn't your average mom and pop
4:46
bank, many of the customers whose data was
4:48
stolen are startups and many of them financial
4:50
companies at some point, a lot of FinTech
4:53
in there. It also has the Lockbit angle,
4:55
a group seemingly on
4:57
the rise again, after there's a posted shutdown earlier
4:59
this year. What's your take on this? My
5:02
take is Lockbit's good hype, good hype man,
5:04
right? They posted that
5:07
and within two hours I had to call my
5:09
leadership, my senior leadership because I knew that was
5:11
gonna hit Forbes and whatever. And they were gonna
5:13
be like, what's going on? And it had nothing
5:15
to do with our company where health organization, right?
5:19
And I was like, they could be lying. You
5:21
don't know, just take it with a grain of
5:23
salt till there's some proof. And as it turned
5:25
out the way it is, actually VX Underground had
5:27
a good theory that they probably don't speak English.
5:29
They saw a document that said Federal Reserve on
5:31
it and got a little happy from it, right?
5:34
And if it happened to be true, kind of beside the
5:36
point then at that point, right? Yeah. Yeah,
5:39
and since they've, oh, sorry, go ahead. Well, I'm just
5:41
wondering, so that's an interesting perspective. I hadn't even thought
5:43
about that, kind of the wasted effort or like the,
5:46
I don't wanna call it wasted due diligence, right?
5:48
Cause you do want to look into these, when
5:50
these claims kind of come up, but I'm wondering
5:53
how much is that a factor in like time
5:55
wasted where we can't trust these threat actors. We
5:57
have to assume everything, especially from Lockbit who has
5:59
a... track history seems to be credible. It's
6:03
a lot of time wasted. I have a couple
6:05
people dedicated purely our team to cyber threat intelligence.
6:07
And that's all they do all day is sift
6:09
through this and wait to see and set up
6:11
alerts. And it's a good
6:13
chunk of your FTEs. But
6:16
it's important because if I don't get ahead of it to
6:20
my senior leadership, my other peers in organization, they
6:22
will lose confidence. And if I can say ahead
6:24
of time, hey, this is a problem, you're gonna
6:26
see this. It doesn't affect us, it does affect
6:28
us. It helps a lot with the trust. All
6:31
right, next up here, UK's largest
6:34
nuclear site pleads guilty over cybersecurity
6:36
failures. The company that
6:38
manages the Cellafield nuclear site in
6:40
Northern England has pleaded guilty to three
6:43
criminal charges over cybersecurity failings. Cellafield
6:45
is no longer a functioning nuclear
6:47
plant, but is currently housing more
6:49
plutonium than any other location on
6:51
earth. And also has a
6:53
number of facilities for things like nuclear decommissioning
6:55
and waste processing and storage. As
6:58
such, it's considered one of the most complex and
7:00
hazardous nuclear sites in the world. I
7:03
would assume most nuclear sites fall into complex
7:05
and hazardous in some degree. The
7:07
criminal charges focus on failures to comply with approved
7:10
security plans between 2019 and early 2023, which
7:13
is a long time. In admitting
7:15
these failures, Cellafield management is also denying
7:17
reports from the Guardian that the facility
7:20
might also have been compromised by hacking
7:22
groups linked to both China and Russia.
7:25
So Jim, basically every sentence in the story
7:27
is something more that I don't want to
7:29
hear. There was a story in
7:31
the BBC from December of last year that
7:33
shows the chief of security, Ewan Hutton, defending
7:35
his actions while still admitting that there were
7:38
problems like cracks in an open air pond
7:40
full of radioactive sludge, but that, hey, they're
7:42
keeping an eye on it. Again,
7:45
not great. I know
7:47
this is a UK story, this plant is in the UK, but
7:50
every country seems like they're having similar types of
7:52
issues. Do we wait until we
7:54
get another three mile island or love
7:56
canal before acting here? No.
8:00
This is I was like my shock was the same as
8:02
yours reading that article and I was just hoping at the
8:04
end We got some ninja turtles out of
8:06
it or something right That's the only
8:08
positive that could have come out of it. But uh You
8:11
have this problem in our infrastructure here. You've got the
8:15
Is it the hui hui? I can never
8:17
pronounce them that are deep into our infrastructure.
8:19
Yes. Yes. Yes You've got volt typhoon. They
8:21
were going to shut off all of our
8:23
infrastructure or communications once china If china decides
8:25
to invade jaiwan you've we've got
8:27
the same massive problems here We've got I was
8:29
dealing with a peer of mine. I was talking
8:31
to another energy company
8:34
And they were talking about how they use torrents
8:37
to update their their firmware on their devices and
8:39
i'm like, ah Just we're we're way behind in
8:41
this legacy equipment. There's two There's
8:44
two industries that are just commonly getting
8:46
hit and that's healthcare and it's uh
8:48
energy infrastructure Utilities
8:50
and it's because of legacy stuff like that And
8:52
we're just going to keep having that problem and
8:54
I don't know the answer on modernizing because they've
8:57
shut down all the programs for the most part
8:59
Yeah, it's it's that problem of needing
9:02
to you know, these are essential
9:04
services around like power is essential,
9:06
right? Healthcare is essential and
9:09
it what I mean it that leads into a
9:11
whole other realm
9:13
of uh, you know In inheriting technical debt,
9:15
right like taking on technical debt So you
9:18
can keep operations moving over the long term
9:20
and then that turns into this legacy long
9:22
tail Where we're dealing with, you
9:24
know trying to network SCADA systems that were never designed
9:26
for it and building on all that kind of stuff
9:28
so yeah, it really I
9:31
mean at some point You
9:33
I would have thought it was the colonial pipeline attacks, right?
9:35
That would have been the definitive wake-up
9:38
call to be like we need to you
9:40
know Take this on I like
9:43
you said some of the programs for this. I have
9:45
gone away I know ceasa is making a lot of
9:47
initiatives To to more systemically
9:49
address this but it does feel like uh,
9:51
you know drops in a bucket at this point
9:55
Yeah, it's it's just hard. You've got like you said,
9:57
you know in it on the head. You've got these
9:59
systems that weren't designed to do these things that weren't
10:01
supposed to live for 50 years. You don't have anyone
10:03
making new systems to replace it, and
10:05
you've got to have access to do the things they need to do. It's
10:08
a real tough problem. At some point, maybe we'll run
10:10
out of like quarter-inch floppies, and
10:12
then we'll all be forced to move
10:14
on, at least for some of the
10:16
critical infrastructure stuff. So here's hoping. All
10:18
right, before we move on, now we
10:20
have to spend a word and a
10:22
moment with our sponsor for today, Prelude
10:24
Security. 30 minutes or less isn't just
10:26
for pizza delivery. It can be how
10:28
fast you know you're protected against the
10:30
latest threats. Visit preludesecurity.com/threats
10:32
for a free delivery
10:34
of threat-hunting queries, detection
10:37
rules, and security tests
10:39
based on any piece
10:41
of threat intelligence. We
10:43
can review listeners can head
10:46
to preludesecurity.com/threats to upload their
10:48
intelligence and know with certainty.
10:51
That's P-R-E-L-U-D-E,
10:55
security.com/threats. Next
10:59
up here, fresh move it bug under
11:01
attack just hours after disclosure. A
11:04
new high severity vulnerability in move it transfer
11:06
software is being actively exploited just hours after
11:08
it was made public. Researchers determined
11:10
that attackers could exploit the bug by
11:12
using a forced authentication attack with a
11:15
malicious SMB server and a valid username,
11:17
or by impersonating any user on the
11:19
system by uploading their own SSH public
11:21
key to the server without logging in,
11:23
then use the key to authenticate. Ad
11:26
mention move to patch versions as soon as possible.
11:29
I guess table stakes advice there for everybody.
11:31
But Jim, I'm curious, what do you make
11:33
of these two attack vectors? Are they original
11:36
or do they reveal new flaws in the
11:38
design of move it? I'm
11:42
probably pretty sure they've been there. I don't think they're a
11:44
new thing. I just think they found it. They
11:46
took up to give them credit initially. If y'all
11:49
are move it customers, you would have gotten emails
11:51
for weeks before this saying, hey, patch, patch, patch,
11:53
patch. So I have
11:55
to give them credit on that front. What I don't give them credit
11:57
for is they thought it was a 7.5.
12:00
and it was this particular part, but once there's blood in
12:02
the water, people start looking at things, and then it had
12:04
to escalate it to 9.1 when
12:06
they realized there was another third-party component, so the
12:08
patch actually doesn't work to
12:11
mitigate the problem. So, Census actually
12:13
pulled a report, and I think it
12:15
was 2,700 instances online before
12:19
this was released, and then once they came out and said,
12:21
hey, you need a patch, now there's only 1,800 two days
12:23
later. So people are listening to this
12:25
one because of last year's instance
12:28
with the Clop ransomware group. I
12:31
imagine all 1,800 of those are probably healthcare too.
12:33
Yeah, and I know I've received my
12:36
fair share of move-it disclosures over the
12:38
past couple of months here. For sure,
12:40
CCL and the chat had a questionnaire,
12:42
didn't they try to implement their own
12:44
version of SFTP, or
12:47
SFTP, yes. I'm not sure
12:49
on that CCL. I will have
12:51
to look into that. I don't wanna overspeak the
12:53
case for move-it here, but
12:55
yeah, definitely, it's one of
12:57
these things where I feel like this is almost
13:00
on the level of, we
13:02
hear about new specter-level vulnerabilities. Obviously, this is way more
13:04
practical and way more in your face. I feel like
13:06
we're just going to be hearing about this because
13:09
there's such inertia to move off of
13:11
these types of platforms that we're just gonna be hearing about
13:13
this for years to come. Yeah, it's
13:16
a problem, and just in
13:18
the same way that faxing's a problem, right? It's an auto. You
13:21
would think if we're not using FTP, we're using
13:23
faxing and healthcare, and you've gotta move on to
13:25
something, I don't know, crazy, new, secure connections, but
13:30
it goes back to legacy stuff, and it has
13:32
to be out there, it has to be exposed,
13:34
and you better have your lockdown IPs
13:36
right and sourced, not just any rule. All
13:40
right, our next story here. DHS
13:43
aims to streamline clearance approvals to
13:45
increase headcount. As lawmakers
13:47
at a House hearing pointed at
13:49
the federal government's cumbersome, pointed out
13:51
the federal government's cumbersome hiring process
13:53
that has undermined its ability to
13:56
recruit cyber talent. CIO Eric Hyson
13:58
responded that the DHS uses a
14:00
multi-pronged approach included through its cybersecurity
14:02
talent management system and by assessing
14:04
clearance protocols, but that it's looking
14:07
to reduce requirements and expand the
14:09
use of interim clearances at both
14:11
the secret and
14:13
top secret level. This
14:15
solution is just one of many
14:17
proposed to assist with the estimated
14:19
500,000 vacant cyber-related jobs in
14:21
the country. So, Jim, very
14:24
much a tricky situation. You're understaffed. You need
14:26
to be like there's a recognized
14:28
need that we need to staff up bringing talent.
14:31
You don't want to have,
14:33
you want qualified people, but there is a
14:36
clearance process. I guess, how
14:38
do we fill this in without lowering the
14:40
bar too far? I'll
14:42
counterpoint on that. I think your bigger
14:44
national security threat is not filling these
14:46
positions. The
14:50
issue, and I was reading deep into this
14:52
because I can turn your 20 minute show
14:54
into a four hour show about this, but
14:56
the lowering the barrier to entry to cybersecurity,
14:59
the gatekeeping of, I'm going to light Twitter on fire
15:01
here. You don't need a bachelor's degree to do this
15:03
job. You don't need a four year degree. You can
15:05
have great programs. There are great programs out there that
15:07
do it, but
15:10
if you give me a talented, smart,
15:12
capable person, we can teach them this
15:14
stuff. It's not rocket science and the
15:16
99% of the cases, don't get me
15:18
wrong. There's great people out there doing
15:20
all kinds of crazy research
15:22
that's needed in that point. But for
15:24
what Sisa and DHS is talking about
15:27
here, you
15:29
need people that can do full management help with reporting. All
15:32
that is trainable by just competent people. And
15:34
apparently I just lost power. So, Oh, no.
15:36
You can do that out. All right. Yeah.
15:39
But
15:43
it's a problem not to do it. They're
15:46
not restricting people
15:48
from the ability
15:50
to, if they're having, they still
15:52
need to exercise classified materials. They're
15:54
still getting clearances. If
15:56
they are not, then they don't need it. And
15:58
that's what this is. Yeah,
16:01
and I know they've started to do work
16:03
because I have some families
16:05
working in the federal government for years, and I know
16:07
that they have, like, they are
16:09
very strict with harm, like you were
16:12
saying, degrees needed to obtain, you know,
16:14
certain positions, certain levels within
16:16
any different agency. I remember my mom laughing because someone
16:18
got up to a higher grade because they had a
16:21
master's in music, and they were in the Department of
16:23
Justice, but they had a master's degree, so they qualified
16:25
for this position. I know there's
16:27
been some work both on the military and
16:29
in the civilian side to make
16:32
those softer, right, not make those as hard
16:34
requirements, but specifically with cyber. But
16:37
yeah, I hadn't thought about that in terms of, like,
16:39
just looking at purely at a risk proposition,
16:42
right? The risk of not being properly staffed
16:44
versus, you know, the risk of an insider,
16:46
you know, threat of someone not being cleared
16:48
or something like that. I think that's a
16:50
really interesting way to think about that, and
16:52
I would expect nothing less from a CISO.
16:56
But I won't let you sit
16:58
in the dark here too long, Jim, so
17:00
we will finish up with our last story
17:02
here. CDK global outage caused by Black Suit
17:04
ransomware attack. In an
17:06
update to one of last week's biggest stories,
17:09
Believing Computer has learned that the operation behind
17:11
CDK Global's massive IT outage and disruption to
17:13
car dealerships across North America is Black Suit,
17:15
an operation launched in May 2023 and which
17:17
is believed to be
17:20
a rebrand of the Royal Ransomware operation,
17:22
and therefore the direct successor of the
17:24
Conti cybercrime syndicate is just a wonderful
17:26
cybercrime family, really, at this point. If
17:29
you read some of the dark web monitoring
17:31
accounts on X, you'll see that Black Suit
17:33
has been very busy of late. So
17:36
Jim, CDK is starting to look like
17:38
this season's version of change healthcare, but
17:40
I have a specific question here. CDK
17:42
is warning that threat actors are contacting
17:45
dealerships posing as CDK agents or affiliates
17:47
in order to gain access to their
17:49
systems. Kind of a perfect social engineering
17:51
situation, you know, appearing to be the
17:53
helpful company spokesperson
17:55
helping you out in distress. As
17:58
a CISO, how How do
18:00
you prepare for this, especially with such a
18:02
disparate kind of dealership structure that's just kind
18:04
of inherent with how those businesses work? This
18:08
one's tough when you have, like you
18:10
said, thousands of different dealers, different organizations,
18:12
but as a CISO dealing with this change, like
18:14
we had to with the healthcare, change healthcare incident,
18:17
you have to get ahead of things. You have to really
18:19
hope that your senior leadership's with you
18:21
and communicating, allowing
18:24
you to communicate out. Going to
18:26
similar situation as this, the whole
18:28
streamline of our revenue stream was down because of
18:30
the change healthcare as well as most
18:32
of America. These
18:35
car dealerships are dealing with that same problem. You need
18:37
to, you're going to have panic. You're going to have
18:40
a need. Anyone who's offering a branch, they're
18:42
going to be all over it. That's where that
18:44
social engineering comes into play. That's where you as a CISO
18:46
and you as a cybersecurity team need to get in front
18:48
of your CEO and CIOs
18:50
and be like, I need to meet with all
18:52
these different teams and put these communications out like,
18:55
do not trust anyone. Do
18:57
not give them access. It's not us. That's
19:00
just the only way you can really handle that part. All
19:03
right. Well, before we get out of here, one, do recognize,
19:06
we had a comment from Kevin Farrell kind of about our
19:09
federal hiring discussion that says they should
19:11
be able to streamline the clearance process
19:13
for applicants who currently hold public trust
19:15
clearances for sure. That's
19:17
his totally unbiased opinion. So thank you, Kevin,
19:20
for that. Love, love that
19:23
thought. And yeah, I think there's just
19:25
a lot of, I mean,
19:27
there's a lot of, I don't want to call that
19:29
a little thing, but there's a lot of things that
19:31
you could do to, I feel like, make a big
19:33
difference. Of course, if any big bureaucracy, training a battleship,
19:36
roll out your metaphor of choice,
19:39
but speed and alacrity, not exactly
19:41
the federal government's M.O. Before
19:44
we get out of here, Jim, was there any
19:46
story here that was a thumbs up or an
19:48
eye roller for you this week that just kind
19:50
of caught your attention? The
19:52
eye roller was a locked bit claiming to hack the Federal Reserve,
19:56
but it was important to
19:58
look at on that front. Yeah,
20:02
yeah, for sure. And also
20:04
we had just a few
20:06
hours ago, we had kind of
20:08
the revelations that Nobelium, aka
20:10
Cozy Bear, has been attacking
20:12
TeamViewer2. I know we'll be getting
20:14
some coverage on that on cybersecurity headlines.
20:17
So look for that. Lots of,
20:20
listen, it's rough out there for using
20:22
third party software. It's a
20:25
rough time out there for you. Jim,
20:27
is there anywhere we can send people to follow
20:29
you on cyberspace? You had some great insights today.
20:31
Really appreciate it. Where can people follow you online?
20:34
LinkedIn is the best place if you want to reach
20:36
out. And if you have any questions or follow up
20:38
on this, just say, Hey, we talked on the show
20:40
or I saw you on the show and I'm happy to
20:42
get back to you. If you're a CISO on LinkedIn, it's
20:44
all vendors trying to sell you stuff. So please differentiate yourself.
20:46
I won't know it was you. Yeah,
20:48
I just want five minutes of your time. Don't worry, Jim. Yeah,
20:51
exactly. Well, thank you so
20:53
much, Jim Bowie, the CISO at Tampa
20:55
General Hospital. Stay in with us in
20:58
the dark. Shout out to your uninterrupted
21:00
power supply. Hold it down down there.
21:02
That's pretty impressive. And
21:05
thank you also to Jay Walter Smith for
21:07
also rolling your eyes at the
21:10
whole lock bits claim
21:12
on the Federal Reserve. Hey, listen, you can't blame him
21:14
for trying, I guess. I mean, you can blame them
21:16
for like everything else. They're, they seem like they're horrible
21:18
people, but anyway, uh, so glad
21:21
to see you're not alone on that one, Jim. Thanks
21:23
also to our sponsor for today,
21:25
PrayLude Security. You're 30 minutes away
21:28
from peace of mind. Visit them
21:30
at prayludesecurity.com/threats, P R E L
21:32
U D E security.com/threats. Thanks also
21:35
to our audience today. Uh, we
21:37
had some people on LinkedIn and
21:39
YouTube getting in, leaving some comments.
21:42
Always appreciate everybody coming in, throwing
21:44
some questions, some insight and their
21:46
own expertise. We are here every
21:49
single Friday, uh, except for next
21:51
Friday, which is we're taking off for the 4th
21:53
of July. So if you could, you could still
21:56
show up on YouTube and follow the CISO series,
21:58
we just won't be broadcasting. That's okay. We'll
22:00
be back the week after that 3 30 p.m. Eastern
22:04
Most Fridays you can find us here. We always have a fun
22:06
time But you could still get your
22:08
daily news fix except for 4th of July cyber
22:10
security headlines every day six minutes We'll get you
22:12
all cut up a lot of exclusions 4th of
22:14
July. We're celebrating America I
22:16
hope you are too if you're in the US if
22:19
if not just have a fun 4th of
22:21
July until the next time we meet
22:23
I'm rich. Dravolino reminding you to have
22:25
a super sparkly day Cyber
22:30
security headlines are available every weekday head
22:32
to see so series comm for the
22:34
full stories behind the headlines
Podchaser is the ultimate destination for podcast data, search, and discovery. Learn More