Cybersecurity Headlines Department of Know: President signs defense bill, time flies at NIST, Italian ferry malware
16 snips
Dec 23, 2025 This week features Jason Taule, CISO at Luminis Health, and Chris Ray, Field CTO at GigaOm. They dive into the implications of a DXS breach and explore the complexities of third-party SaaS risks in healthcare. The duo discusses an Italian ferry malware incident, revealing vulnerabilities from crew-installed software. They also analyze the recent defense bill regarding private cyber operations and the ripple effects of the NIST atomic clock event on network time protocols. Their key takeaway? Resilience is crucial; always expect the unexpected.
AI Snips
Chapters
Transcript
Episode notes
Open Source Has Hidden Security Costs
- Open source software brings benefits but also security debt and supply-chain risk.
- Vet binaries and maintain a known-good repository before deploying open-source components.
Don't Chase Rumors About Policy Shifts
- Rumors about major policy changes often differ from final legislation, so avoid overreacting.
- Focus planning on confirmed policy actions, not early headlines.
Private Firms Can't Fully Replace Government
- National security partnerships with private firms raise complex tradeoffs around authority and capability.
- Government must remain engaged rather than fully abdicating cyber responsibilities.