SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Thursday, October 6th 2016

SANS ISC Handlers

Tech News, News, Technology

🗓️ 6 October 2016

⏱️ 6 minutes

Summary

Daily 5 min infosec news summary. News, patches, vulnerabilities and trends in information security. Ouch Newsletter; Security Fatigue; Selfi Pay; MarsJoke Decrypter

Transcript

0:00.0

Hello, welcome to the Thursday, October 6, 2016 edition of the SANS Internet Storm Center's Stormcast.

0:07.5

My name is Johannes Ullrich, and today I'm recording from Honolulu, Hawaii.

0:12.1

Today, the SANS Securing the Human project released the next monthly edition of its Ouch newsletter.

0:19.2

This is again targeting a non-technical audience, so not the

0:23.7

average listener of this podcast. But this is something great that you can share with friends,

0:30.5

families, and colleagues. This time it just sort of focuses on four relatively straightforward

0:36.7

things to communicate, to stay safe online.

0:41.3

Things like general awareness of the user himself, then also passwords, patching, and backups.

0:49.4

Probably if you get those four things reasonably done well, then you really can evade most of the threats out there.

0:58.3

And please remember, when you talk to non-technical users, keep it simple, focus on a couple of easy items that are actually doable,

1:07.3

not something that's too complex and then doesn't get done anyway.

1:11.6

And well, just to confirm this, we do have a new study that was created by NIST,

1:17.6

the National Institute of Standards and Technology, that did interviews with regular users about computer security. And what they found is something they describe as

1:31.3

security fatigue. Essentially, users are just overwhelmed with all the things they have to do,

1:38.3

they have to remember when it comes to security. Like for example, advice that's often given that you do need different

1:45.7

passwords for different sites and they have to be, well, hard to guess, which also makes them

1:51.3

hard to remember.

1:52.6

And then you don't give users tools like password managers in order to manage all these passwords,

1:59.1

which, of course, then users essentially just give up on it and go back to using the same password over and over.

2:07.6

This particular study came up with three different points that you should consider when you are designing security programs.

2:16.6

Number one, limit the number of security decisions

2:20.3

users need to make, and then make it simple for users to choose the right security action,

...

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
