Mandy Logan

Mandy Logan, a security practitioner who advises on regulatory and practical security, helps 'de-curmudgeon' the panel. Conversation jumps from ADS-B spoofing and how trackers render fake aircraft to federal cybersecurity policy, FedRAMP and software attestation rollbacks. They also cover Fortinet SSO compromises, patched Microsoft Office OLE issues, and hacking defunct e-scooters.

Ed Skoudis, a cybersecurity educator and author, joins the discussion alongside Mandy Logan to dive into the ethics of cybersecurity. They explore the moral dilemmas faced by professionals and the significance of a solid ethical framework when dealing with sensitive information. Personal experiences highlight the importance of mentorship and the challenges of whistleblowing. The conversation also touches on vulnerabilities in outdated technologies and key developments in the cybersecurity landscape, emphasizing the urgent need for integrity in the field.

Kayla Williams, Chief Security Information Officer at Devo and advocate for SOC analyst wellness, tackles the pressing issue of burnout affecting 83% of IT professionals. She highlights how AI can alleviate stress for security teams. Additionally, Mandy Logan joins the conversation, adding her expertise on AI's role in enhancing cybersecurity measures. They explore the need for improved mental health support within the industry and proactive strategies for fostering analyst engagement, ultimately advocating for AI as a helpful partner in cybersecurity efforts.

Tod Beardsley, Vulnerability Analysis Lead at CISA, offers deep insights into the Known Exploited Vulnerabilities catalog. He explains its creation and practical usage in enhancing cybersecurity. The conversation also touches on the resurgence of pagers for secure communications, the implications of Android TV malware, and the complexity of supply chain vulnerabilities. Additionally, the group humorously explores the quirks of cryptography and the evolution of network security tools, blending technical analysis with engaging anecdotes.

Lee Kim, a cybersecurity and privacy officer at HIMSS, joins the discussion alongside regular contributors Mandy Logan, Sam Bowne, and Lee Neely. They delve into the ramifications of the EU Cyber Resilience Act on product security and the legal complexities arising from recent Supreme Court rulings. The team also addresses cybersecurity breach disclosure laws and the challenges facing security researchers under current regulations. Additional highlights include insights on SEC mandates and the evolving landscape of digital threats, emphasizing the importance of legal knowledge in tech.