e360 Blog

S1 EP. 21 Security Expertise Gap, U.S. Pumps $50mm into Better Healthcare Cyber Resilience, YouTube Latest Phishing Battleground

Written by Brad Bussie | May 30, 2024 1:24:34 PM

Overview:

 

In this episode of the State of Enterprise IT Security podcast, Brad Bussie addresses three pressing cybersecurity issues. First, he explores the security expertise gap in cloud expansion, highlighting a Tenable report that reveals many companies are eager to grow their cloud capabilities but struggle with a significant skills shortage. This gap poses serious risks, making it challenging for organizations to implement robust cloud security measures effectively.

Brad also discusses the U.S. government's $50 million investment to enhance healthcare cyber resilience through the ARPA-H initiative. This program aims to develop automated cybersecurity solutions to protect hospitals from cyber threats. Lastly, he examines how YouTube has become a hotspot for phishing and deepfake scams, with threat actors exploiting the platform to deceive users. Brad emphasizes the importance of staying informed and vigilant in the face of these evolving cyber threats.


Key Topics Covered:

 

Security Expertise Gap in Cloud Expansion: A discussion on the critical findings from a Tenable report revealing that while many companies are eager to expand their cloud capabilities, they face a significant shortage of skilled professionals to secure these environments effectively.

U.S. Investment in Healthcare Cyber Resilience: Details on the ARPA-H initiative, which involves a $50 million investment by the U.S. government to enhance cybersecurity in hospitals. The program aims to develop automated solutions to protect against cyber threats.

YouTube as a Phishing Battleground: Insights into how YouTube is being increasingly exploited for phishing and deepfake scams, posing new risks for content creators and viewers.

Read the Transcript:

Introduction to Cyber Threats and IT Security

[00:00:00] Brad Bussie: I wanted to highlight a new and alarming frontier in cyber threats: YouTube.

[00:00:08] Brad Bussie: I'm Brad Bussie, Chief Information Security Officer at e360. Thank you for joining me for the State of Enterprise IT Security Edition. This is the show that makes IT security approachable and actionable for technology leaders. I'm happy to bring you three topics this week. The first, security expertise gap threatening cloud expansion.

[00:00:34] Brad Bussie: The second, U.S. pumps 50 million into better healthcare cyber resiliency. And third, YouTube becomes latest battlefront for phishing and deepfakes. And with that, let's get started.

Exploring the Security Expertise Gap in Cloud Expansion

[00:00:49] Brad Bussie: Today, I wanted to dive into some fascinating findings from a recent Tenable report that highlights a critical issue in the tech world: cloud expansion and the security challenges that come with it.

[00:01:03] Brad Bussie: If you're a tech enthusiast or a professional in the field, stay tuned, because this is going to be insightful. Let's start with the basics.

[00:01:14] Brad Bussie: Many companies are eager to expand their cloud presence, especially with the growing demand for AI. For instance, Google recently announced a billion dollar investment in their Finnish data center.

[00:01:28] Brad Bussie: This shows their commitment to cloud AI growth in Europe. But there's a catch. The same Tenable report reveals that while most companies want to grow their cloud capabilities, many don't feel confident about their security measures to do so safely. According to Tenable's 2024 Cloud Security Outlook: Navigating Barriers and Setting Priorities,

[00:01:55] Brad Bussie: 97 percent of IT managers are planning to [00:02:00] expand their cloud environments in the next year. However, 45 percent of those in charge of cloud security say they're facing a major skills gap. And Bernard Montel from Tenable, he highlighted that this lack of expertise is a big barrier to implementing new cloud security measures.

[00:02:25] Brad Bussie: This is a real challenge, and cloud computing has revolutionized how businesses operate by offering scalability, cost savings, and easy access to resources. But as more organizations adopt these services, the cybersecurity risks also increase. So a 2024 report from CrowdStrike found that cloud intrusions have jumped by 75 percent in the past year.

[00:02:59] Brad Bussie: Attackers can now penetrate customer environments in as little as two minutes. And that's frighteningly fast. So these threats include data breaches due to vulnerabilities or misconfigurations, DDoS attacks that disrupt services, and even insider threats where someone with legitimate access exploits the system.

[00:03:29] Brad Bussie: Now, to combat these, a multi-layered security approach is essential. And this means robust access management, encryption, continuous monitoring, and following cloud security best practices. And here's where the skills gap really hits hard. We just need more skilled cybersecurity professionals to manage these threats. And Lewis West from Hamilton Barnes pointed out that an aging [00:04:00] workforce and financial challenges post-COVID have led to a crisis in the cybersecurity sector.

[00:04:07] Brad Bussie: And ISACA's 2023 report also noted that 39 percent of organizations are looking to fill entry-level positions that don't even require experience, degrees, or credentials. It's honestly a perfect storm of challenges. Without dedicated cloud security experts, companies risk overlooking critical issues like misconfigurations and failing to implement strong access controls.

[00:04:39] Brad Bussie: Even outsourcing security has its risk. 33 percent of respondents in the Tenable report see third-party suppliers as one of the biggest risks to their cloud infrastructure. But Bernard Montel summed it up well, saying that while the intention to expand cloud systems is clear among IT leaders, the frequency of breaches and risks from third-party providers

[00:05:08] Brad Bussie: highlight the urgent need for investment in upskilling and resources. Addressing the skills gap is crucial for strengthening cloud security measures and mitigating evolving threats. So, for all the tech leaders and cybersecurity professionals listening, it's time to prioritize upskilling and investing in your security teams.

[00:05:35] Brad Bussie: The cloud offers immense opportunities, but only if we can secure it effectively.

Investing in Healthcare Cyber Resiliency

[00:05:41] Brad Bussie: Second topic, U.S. pumps 50 million into better healthcare cyber resiliency. We have an exciting development from the Advanced Research Projects Agency for Health, or ARPA-H. They've pledged 50 [00:06:00] million to enhance cyber security in hospitals.

[00:06:03] Brad Bussie: This initiative is crucial and I can't wait to share the details. So what's the big plan? ARPA-H, a funding agency set up by the Biden administration to invest in breakthrough technologies in healthcare, is launching a program called Universal Patch and Remediation for Autonomous Defense, or Upgrade.

[00:06:29] Brad Bussie: The goal here is to bring together hospital IT staff, equipment managers, and cybersecurity experts to create software that makes hospitals more cyber resilient. The Upgrade program aims to automate cyber threat solutions and build a platform that evaluates potential vulnerabilities through simulation.

[00:06:52] Brad Bussie: What's really cool is that this platform is designed to adapt to any hospital environment across a wide array of common devices. Now, Upgrade focuses on four key technical areas. First, it's all about creating effective vulnerability management systems. Next, it aims to automatically detect vulnerabilities and develop custom defenses.

[00:07:20] Brad Bussie: Next, the program is also looking to devise methods for quickly identifying software vulnerabilities and creating defenses for each one detected. One of the major challenges this program addresses is the diversity among hospitals. Everything from the types of care they provide and the devices they use to the patients that they serve.

[00:07:45] Brad Bussie: Because hospitals differ so much, developing up-to-date security programs that address cybersecurity vulnerabilities is tough. These differences can cause delays in essential [00:08:00] software updates, leaving devices and sensitive information at risk. The ARPA-H blog post really drives this point home.

[00:08:12] Brad Bussie: Even short disruptions to IT systems can critically impact patient services, especially as the devices most critical for patient health and safety are among the least protected. The complexities in securing the number and variety of Internet-enabled medical devices may unwittingly open health care systems to ransomware

[00:08:39] Brad Bussie: and other cyber attacks. So this program is a call to action for teams to submit proposals addressing each of the four technical areas. I think it's a fantastic opportunity for cybersecurity experts to make a real difference in the healthcare sector. So for all the cybersecurity professionals out there, this is your chance to get involved in a groundbreaking initiative.

[00:09:06] Brad Bussie: The Upgrade program by ARPA-H could be a game changer for hospital cyber security, making health care safer for everyone.

YouTube: The New Frontier for Cyber Threats

[00:09:15] Brad Bussie: Third topic, YouTube becomes latest battlefront for phishing and deepfakes. I wanted to highlight a new and alarming frontier in cyber threats: YouTube. According to a recent report by researchers at the security vendor Avast, YouTube has become a hotspot for malicious activities, including phishing, malware deployment, and bogus investment schemes.

[00:09:46] Brad Bussie: Avast is a cybersecurity company that provides antivirus software and other security tools to protect individuals and businesses from online threats like malware, phishing and [00:10:00] ransomware. They use advanced technologies like AI to stay ahead of cyber threats and also promote cyber security awareness and education.

[00:10:10] Brad Bussie: Despite a data privacy controversy in 2020, I still think they have good data to share for this particular topic, especially when it comes to content creators and small businesses that leverage YouTube. So let's break down what's happening and what it means for you. So Avast researchers focused on two primary threats:

[00:10:34] Brad Bussie: Lumma and Redline. These threats manifest through phishing, scam landing pages, and malicious software. Essentially, YouTube is being used as a traffic distribution system. It's directing unsuspecting users to harmful sites and scams. A particularly concerning trend is the rise of deepfake videos on YouTube.

[00:11:02] Brad Bussie: So these videos feature realistic but fake people or events spreading disinformation and tricking viewers. Avast found multiple high-profile accounts, each with over 50 million subscribers, that were compromised and hijacked to spread cryptocurrency scams using deepfake videos. And these videos are made even more deceptive with fake comments and malicious links.

[00:11:36] Brad Bussie: Researchers identified five main methods that threat actors are using to exploit YouTube. First, phishing emails. Personalized phishing emails are sent to YouTube creators proposing fake collaboration opportunities to gain their trust and then send malicious links. And malicious links in video descriptions. [00:12:00]

[00:12:00] Brad Bussie: These are bad actors that use compromised video descriptions to include malicious links, tricking users into downloading malware. There's hijacked channels. Attackers hijack YouTube channels and repurpose them to spread other threats, like cryptocurrency scams. There's exploiting software brands.

[00:12:23] Brad Bussie: Attackers create fraudulent websites that look legitimate, but are loaded with malware. They use social engineering in videos to guide users to these sites. There's malware disguised as helpful tools. So videos present malware as a helpful tool, deceiving users into downloading harmful software. Avast has played a role in mitigating these threats,

[00:12:52] Brad Bussie: protecting more than 4 million YouTube users in 2023 alone and around 500,000 users in the first quarter of this year. So for everyone that's out there, whether you're a content creator or a regular viewer, stay vigilant and informed. It's crucial to train and reassure employees that it's okay to notify their security team or other colleagues if they receive unusual requests, such as providing login credentials, moving money, or buying gift cards.

[00:13:28] Brad Bussie: I think what I've highlighted here is that the digital world can be a dangerous place, and platforms like YouTube, while immensely popular, are not immune to these threats. So stay informed, educate others, and always be cautious with suspicious links or requests.

[00:13:51] Brad Bussie: Thank you for joining me and I look forward to next time on the State of Enterprise IT Security [00:14:00] Edition.