Shut The Backdoor podcast

1
The Quiet Disruptor - Inside an Interns AI Innovation 14:56

3일 전14:56

나중에 재생

리스트

14:56

"If we can scale AI for better use, it can make the world a better place rather than just your daily personal life." Notable Moments: [01:27] Marina explains her AI project with indigenous communities in New Zealand [03:26] Researching AI responses in abortion counseling [07:43] Ten weeks in Namibia studying environmental science and conservation [10:46] Using machine learning to study tree pod dynamics and herbivore consumption [12:24] Expanding AI research into plant growth and climate variability [13:25] Marina’s perspective on scaling AI to make the world better In this bonus episode, Jody, Meghan, and Matt talk with Redox intern Marina Freya about her innovative work at the intersection of AI, healthcare, and environmental science. From empowering indigenous communities in New Zealand to studying conservation in Namibia, Marina shares how AI can both protect ecosystems and influence patient care. She emphasizes the importance of cultural respect, accuracy, and using technology to create meaningful global impact. Resources www.redoxengine.com Past Podcast Episodes https://redoxengine.com/solutions/platform-security Have feedback or a topic suggestion? Submit it using this linked form . Matt Mock mmock@redoxengine.com Meghan McLeod mmcleod@redoxengine.com…

1
A Hacker Summer Camp - Inside DEFCON 2025 24:41

10일 전24:41

나중에 재생

리스트

24:41

"DEF CON is one of those places where you walk in expecting to learn one thing and walk out realizing the possibilities are far greater than you imagined." Notable Moments [02:24] – Trevor explains what DEF CON is and why it’s unique. [04:36] – The rise of inclusivity and community groups like WISP and Diana Initiative. [06:55] – Villages and Capture the Flag competitions explained. [09:22] – A boat inside the Maritime Hacking Village surprises attendees. [10:32] – The AI Cyber Challenge: DARPA and ARPA-H host a $4M competition. [15:23] – Kubernetes workshops bring practical, take-home lessons. [15:48] – Attacking AI image classifiers sparks conversations about healthcare. [21:36] – Matt shares why exposure to diverse ideas at DEF CON benefits the Redox team. Trevor Wilson, Staff Security Engineer at Redox, shares his experiences at DEF CON 2025. Trevor highlights the inclusive community, hands-on villages, and thought-provoking workshops. From hacking drones and boats to exploring vulnerabilities in AI models used in healthcare, the discussion reveals how DEF CON inspires curiosity and broadens security perspectives. Episode Resources https://aicyberchallenge.com/ - Main Site https://archive.aicyberchallenge.com/ - Open Source Repos https://defcon.org/ Resources www.redoxengine.com Past Podcast Episodes https://redoxengine.com/solutions/platform-security Have feedback or a topic suggestion? Submit it using this linked form . Matt Mock mmock@redoxengine.com Meghan McLeod mmcleod@redoxengine.com…

1
A Bitter Pill - How Ransomware is Crippling Hospitals 30:59

5 weeks 전30:59

나중에 재생

리스트

30:59

"Hospitals don’t just store data. They safeguard stories, care plans, and lives. When ransomware hits, it’s not just a system crash, it’s a trust collapse." Notable Moments 00:01:10 – What ransomware is and how it's evolved 00:04:15 – How the Colonial Pipeline and Vegas attacks sparked Jeffrey’s interest 00:07:10 – Why healthcare is a prime target 00:10:00 – How Jeffrey built a ransomware database of 800+ healthcare entities 00:16:00 – Rise of ransomware-as-a-service (RaaS) and competition between threat actors 00:20:20 – Most targeted entities: hospitals, clinics, specialized care 00:24:20 – Real-life consequences: delays in patient care, increased mortality risk 00:28:00 – The looming threat of AI-trained malicious models In this episode, Jody, Meghan, and Matt are joined by security researcher Jeffrey Bell to discuss the ways ransomware is increasingly crippling hospitals. They explore how healthcare has become one of the most targeted industries, why ransomware is shifting from encryption to data exfiltration, and how threat actors now operate like businesses complete with affiliate models, revenue sharing, and even training. Jeffrey shares how he built a comprehensive subcategorized database of healthcare-related ransomware attacks and offers insight into why specialized care and hospitals are becoming prime targets. The group discusses real-world consequences, from system shutdowns to patient deaths, and emphasizes the need for proactive community defense and cross-sector collaboration. Resources www.redoxengine.com Past Podcast Episodes https://redoxengine.com/solutions/platform-security Have feedback or a topic suggestion? Submit it using this linked form . Matt Mock mmock@redoxengine.com Meghan McLeod mmcleod@redoxengine.com…

1
The Healing Network - CISO Relationships in a Ransomware Era 26:47

9 weeks 전26:47

나중에 재생

리스트

26:47

"Security isn’t proprietary. Sharing what works makes us all safer." Notable Moments 01:29 – Rise in ransomware and the case for collaboration 03:41 – Why reinvention puts you at risk 05:12 – The danger of building relationships mid-crisis 08:10 – Balancing information sharing and confidentiality 09:26 – How groups like HISAC facilitate secure collaboration 12:24 – Learning from incidents you haven’t experienced 18:06 – Building networks at all levels, not just CISOs 21:46 – Advice for making the first outreach 23:31 – Using your current network to grow your reach With healthcare breaches escalating, the team explores why proactive collaboration among CISOs and security teams is essential. Matt Mock highlights the benefits of forming external relationships before incidents occur, from faster responses to shared resources. Meghan McLeod emphasizes that security collaboration isn’t limited to leaders—any team member can contribute through platforms like HISAC or direct outreach. The episode outlines tactical strategies to prioritize relationship-building and shares the value of structured, ongoing communication across the healthcare security space. Resources www.redoxengine.com Past Podcast Episodes https://redoxengine.com/solutions/platform-security Have feedback or a topic suggestion? Submit it using this linked form . Matt Mock mmock@redoxengine.com Meghan McLeod mmcleod@redoxengine.com…

1
An AI Agenda - Robots, Rules, and Really Big Questions 20:57

14 weeks 전20:57

나중에 재생

리스트

20:57

“We have to make sure AI doesn’t just automate what we've always done. It should elevate what’s possible.” Notable Moments 00:40 – What’s pushing us to talk about AI now? 04:22 – A call for AI mission statements 08:18 – When tools lead before people: the risk of reactive adoption 11:05 – Defining AI boundaries: what it should never replace 15:33 – ChatGPT, Canva, Magic School: the tools already in use 18:42 – The importance of transparency and human oversight 22:55 – Reframing AI as “instructional support,” not just automation AI isn’t something on the horizon. It’s already woven into our daily workflows, often in ways we barely notice. As Redox team members, we’re right in the thick of it, navigating both the promise and the risks that come with this powerful technology. Our aim is to make AI practical, secure, and empowering across our organization. With insights from our security engineering team and guest Brent Ufkes, we focused on key strategies that work for us. When new AI tools crop up, curiosity comes first, but we never skip the important questions: Who’s using it? What kind of data is involved? How does it fit into our existing risk frameworks? Our approach is audience-centered. We evaluate AI exactly as we would any other tool, by layering data classification and security reviews to make sure nothing sensitive, especially PHI, gets mishandled. Education sits at the core: regular updates in Slack, comprehensive living documents, and clear policies all aim to keep things transparent and flexible. Brent reminds us that all policies work together. AI doesn’t trump privacy or compliance, and training never ends. We’re building a “culture of learning,” leaning on established security tools like DLP solutions and endpoint monitoring to keep things safe behind the scenes. AI tools are only as good as the context we provide and the prompts we write, and we’re always improving together. The biggest takeaway? AI can give us a real edge if we put security, clarity, and cooperation first. At Redox, we don’t just adapt to change; we shape it, one secure workflow at a time. Resources Have feedback or a topic suggestion? Submit it using this linked form . www.redoxengine.com Past Podcast Episodes https://redoxengine.com/solutions/platform-security Matt Mock mmock@redoxengine.com Meghan McLeod mmcleod@redoxengine.com…

1
The Lost and Found Files - Data Loss Prevention 19:37

18 weeks 전19:37

나중에 재생

리스트

19:37

"DLP is not just a tool that we have. It's also the ongoing education that we have for our employees to further minimize the occurrences of data mismanagement." Having strong Data Loss Protection (DLP) systems stops bad actors while also protecting employees from making accidental mistakes too. Every day, we put trust in the secure flow of health data. However, no matter what safeguards are in place, human error is one of the most common causes of data loss in companies. Security engineer, Zak Cowan, joins to share why data loss protection, or data leak protection, is paramount for a company like Redox. The everyday person may think about DLP as a way of securing photos and contacts. However, there is a lot more data that comes in and out of a corporate system. To those companies, data loss protection, or DLP, covers critical information such as social security numbers, bank account numbers, and particularly for a company in our space, health information. DLP protects companies from this sensitive information making its way out of their secure ecosystem and into potentially harmful hands. DLP is much more than stopping cybercriminals; it’s about creating guardrails for our whole team, preventing unintentional mistakes that can expose sensitive info, especially as so many of us work remotely or on the go. It’s not just the big bad outsiders we have to watch for. The majority of data leaks happen because of honest errors by well-meaning team members. That’s where DLP tools shine. By monitoring endpoints and cloud apps, we add invisible safety nets without grinding productivity to a halt. Education is equally critical. The best DLP solution works hand-in-hand with ongoing security training, offering helpful nudges right when someone needs them. As technology races ahead, especially with the rise of AI, our strategies can’t remain static. Zak urges us to stay curious and agile, integrating DLP solutions that evolve as new threats, tools, and workflows emerge. AI brings both risk and opportunity, so our policies and education need to keep pace, making sure every Redoxer knows what’s ok (and what’s not) when it comes to handling data. Protecting sensitive information is like having a dedication to locking the digital doors while also making sure we haven’t accidentally left a window open. At Redox, keeping health data secure is a team sport. By blending the right tools, targeted education, and a healthy dose of vigilance, we’re collectively shutting the back door one proactive step at a time. 00:52 Corporate Data Loss Protection 03:24 Remote Work DLP Challenges 07:18 Security Education Needs Technical Support 11:12 Alert System Enhances User Awareness 14:35 AI's Impact on Data Security 17:31 Unexpected Innovations Challenge Policy Adaptation Resources Have feedback or a topic suggestion? Submit it using this linked form . www.redoxengine.com Past Podcast Episodes https://redoxengine.com/solutions/platform-security Matt Mock mmock@redoxengine.com Meghan McLeod mmcleod@redoxengine.com…

1
A Phishing Trip - The Constant Evolution of Social Engineering Attacks 36:32

22 weeks 전36:32

나중에 재생

리스트

36:32

"That's when it starts getting really scary. This is no longer just an email trying to get some gift cards. This stuff can lead to the bigger attacks that then can directly impact patient care." Notable Moments 01:02 Phishing: Persistent Cybersecurity Threat 03:27 Cybersecurity’s Evolving Threats 09:15 Phishing Scams: Calls and Video 10:23 Rise of Deepfake Scams and Counterfeit Reality Attacks 15:43 Vulnerability in Healthcare as Cybersecurity Threats Escalate 21:49 MFA and Password Management Trends 24:39 Stopping Phishing with Email Security 28:24 Advanced Phishing Training Strategies 32:05 Effective Phishing Training Strategies 34:07 Ineffective Automated Training Solutions Episode Resources CrowdStrike 2025 GlobalThreat Report CrowdStrike 2025 GlobalThreat Report Gartner Article https://www.gartner.com/en/newsroom/press-releases/2025-03-18-gartner-predicts-ai-agents-will-reduce-the-time-it-takes-to-exploit-account-exposures-by-50-percent-by-2027 Resources www.redoxengine.com Past Podcast Episodes https://redoxengine.com/solutions/platform-security Have feedback or a topic suggestion? Submit it using this linked form . Matt Mock mmock@redoxengine.com Meghan McLeod mmcleod@redoxengine.com Receiving a suspicious email, a text message claiming a lottery win, or an urgent request from a "bank" are instances of a cyber menace many know as phishing. While the term might initially bring the mental image of casting a line into a tranquil lake, this type of phishing is anything but relaxing. It’s a threat lurking in our inboxes and beyond, which is why it is important to stay vigilant with the ever-evolving social engineering attacks. Phishing has been a thorn in the side of cybersecurity for ages. The goal is to secure sensitive data like passwords or financial information or to install malicious software on a device, all under the guise of legitimate communication. The attackers attempt to capitalize on human error, exploiting the trust between people and technology. Phishing remains a top method for hackers due to its low cost and unfortunate high success rate. As Matt Mock highlights, phishing's simplicity is what makes it so dangerous. Grammatical errors or suspicious links used to make phishing attempts easy to spot. Now AI advancements have made attacks more sophisticated by creating convincing emails clear of grammar errors. They are using voice calls, video messages, and text messages with deceptive stories that sound real while demanding quick action. Home networks have brought on new challenges as remote work blurs the lines between home and professional security. The valuable data in healthcare makes them an irresistible target for cybercriminals. Healthcare data is rich with information that commands a high price in the black market. Attacks that compromise healthcare data can have serious repercussions, affecting both privacy and the quality of care. The need to protect healthcare data has never been more pressing. Preparation is paramount. Improve defenses by emphasizing advanced security measures like multifactor authentication (MFA), engaging training programs, and regular phishing tests. As cybersecurity professionals at Redox, we have the tools and responsibility to educate and protect against these persistent threats. Stay vigilant so you can help others anticipate the next wave of phishing schemes. Remember, it’s not just about locking the back door; it’s about securing all entry points.…

1
A Hacker's Welcome - Benefiting From the Bug Bounty 26:06

25 weeks 전26:06

나중에 재생

리스트

26:06

"Putting this effort into the bug bounty helps us identify any sort of gaps that we might be missing, plug holes as fast as we can, and reward the researchers for all the efforts that they spend with us." Being asked to embrace hackers may sound counterintuitive. However, in today's fast-paced world of healthcare security it's a strategy worth exploring. Brent Ufkes is a staff security engineer at Redox, joins for a conversation about bug bounty programs. He shares how these programs can become a game-changer for organizations like ours. This episode explores: Understanding Bug Bounty Programs: Brent breaks down the essentials of a bug bounty program, how it contrasts with traditional penetration testing, and the ongoing collaboration it fosters between organizations and ethical hackers. Benefits Beyond Security Companies: There are a number of people that can benefit from bug bounty programs. Brent shares insights that it’s not just for security companies; any organization that offers a solution can find value in welcoming ethical hackers. Healthcare’s Unique Security Challenges: With considerations to compliance and patient safety, the conversation delves into why healthcare organizations, in particular, should consider bug bounty programs to safeguard against an evolving threat landscape. Embracing bug bounty programs is a way to preemptively uncover vulnerabilities and enhance security postures, especially in the healthcare sector. Are you curious about how a bug bounty program could be implemented in your organization? Tune in to "Shut the Back Door" to better understand how this proactive approach to security can transform your stance in the digital realm. Resources www.redoxengine.com Past Podcast Episodes https://redoxengine.com/solutions/platform-security Have feedback or a topic suggestion? Submit it using this linked form . Matt Mock mmock@redoxengine.com Meghan McLeod mmcleod@redoxengine.com…

1
The Final Logoff - Streamlining Secure Departures 21:38

27 weeks 전21:38

나중에 재생

리스트

21:38

"Everyone who's part of a health care organization or health care tech has access to really private information. And getting that access removed from somebody who's leaving the organization is key." Key Moments 02:23 Streamlining Through Automation 05:55 Streamlining Tool Access and Security 08:54 Centralize Identity with Single Sign-On 11:41 Automated Offboarding: Quick and Secure 13:25 Automating Environment-Specific Challenges 17:10 Streamline Access to Protect Data 19:51 Streamlined Process vs. Disorganization Streamlining secure departures is not just an operational necessity; it’s a pivotal component of our organization's security framework. During our latest discussion, we explore how automating the final logoff process can transform the way we handle employee departures. Bill Easton, a skilled staff security engineer at Redox, joins to highlight practices that can enhance our security posture. The overarching theme is that automation is king. Bill emphasizes that efficient offboarding begins with a central access system integrated with our HR information system. By automating access removal, we significantly reduce the chances of oversight and enhance security resilience. A streamlined, repeatable process ensures no system is left vulnerable due to manual mishaps. Meghan McLeod highlights the importance of role-based access rather than one-off permissions. This approach not only simplifies automation but also ensures that access can be efficiently managed across various roles within the company. Bill shared his experience at Redox, where continuous improvement in automation is a priority. Even though achieving full automation is a journey, each step forward makes a difference. We’re currently at an 80:20 ratio, and the push for seamless automation continues. To further safeguard our operations, Bill advises centralizing identity management through single sign-on (SSO). This strategy not only enhances user experience but also fortifies security by consolidating access control. As we steadily build this framework, let’s ensure our team is aligned with these processes and ready to tackle future security challenges with precision and efficiency. As always, it’s about locking the back door to safeguard our most sensitive information. Resources www.redoxengine.com Past Podcast Episodes https://redoxengine.com/solutions/platform-security Have feedback or a topic suggestion? Submit it using this linked form . Matt Mock mmock@redoxengine.com Meghan McLeod mmcleod@redoxengine.com…

1
A Trojan Horse - Hiring Malicious Actors 29:54

27 weeks 전29:54

나중에 재생

리스트

29:54

"Everybody in the hiring pipeline should really be looking out for this. Every person that touches a candidate has a chance to pick this up before someone gets hired." Key Moments 00:42 Insider Threats for Financial Gain 06:10 High-Profile Cybersecurity Incident Reporting 09:16 Healthcare Data Extortion Risks 10:40 Spotting Red Flags in Hiring 14:14 Security and HR Collaboration in Hiring 17:23 Identifying Security Red Flags 19:51 Verifying Candidate Authenticity Steps 23:34 On-Camera Hiring Best Practices There is a new security concern that is catching many off guard: hiring malicious actors. Matt Mock, our CISO, shares that instances of fake candidates, particularly those backed by entities from countries like North Korea, are no longer a rarity. These actors typically have financial motives as their primary aim and have a surprising sophistication. They employ stolen identities and may even be working with domestic associates to get their foot in the door. As Meghan McLeod points out, these aren't mere hypotheticals. Even companies like KnowBe4 have reported encounters, underscoring that no organization is too small to be targeted. It is important to be vigilant in the hiring process. There are a number of red flags during remote interviews that are worth being aware of such as inconsistencies in a candidate's story, reluctance to appear on video, or unusual locations to send equipment. But it's not just about catching these actors during interviews. Some of these actors may be hired before they start to show subtle but suspicious activities. Accessing systems from unexpected locations or changing device settings to a foreign language can reveal their true intentions. Resources www.redoxengine.com Past Podcast Episodes https://redoxengine.com/solutions/platform-security Have feedback or a topic suggestion? Submit it using this linked form . Matt Mock mmock@redoxengine.com Meghan McLeod mmcleod@redoxengine.com…

1
Introduction to Shut The Backdoor 4:12

27 weeks 전4:12

나중에 재생

리스트

4:12

Welcome to the debut episode of Shut the Back Door, a healthcare security podcast by Redox, hosted by Jody Mayberry alongside Redox’s own Matt Mock, CISO, and Meghan McLeod, Security Engineer. This podcast is dedicated to protecting healthcare data one episode at a time. In this introduction, Meghan and Matt explain Redox's mission as a leader in healthcare interoperability, enabling providers, payers, and health tech organizations to power better care through accelerated, real-time data solutions. The podcast aims to bring Redox’s behind-the-scenes data security expertise to the forefront. As security is a shared responsibility within healthcare, Meghan and Matt emphasize the goal of fostering collaboration and sharing knowledge with the broader healthcare community, ensuring everyone benefits from improved security practices. Listeners can expect monthly episodes featuring Meghan, Matt, and expert guests discussing real-world healthcare security challenges and practical solutions. Resources www.redoxengine.com Past Podcast Episodes https://redoxengine.com/solutions/platform-security Have feedback or a topic suggestion? Submit it using this linked form . Matt Mock mmock@redoxengine.com Meghan McLeod mmcleod@redoxengine.com…

Bounty Quick Size Paper Towels, White, 8 Family Rolls = 20 Regular Rolls

Elmer's Disappearing Purple School Glue Sticks, Washable, 6 Grams, 12 Count - Back to School, Teacher Supplies

Ailun 3 Pack Screen Protector for iPhone 16 Pro Max [6.9 inch] + 3 Pack Camera Lens Protector with Installation Frame,Sensor Protection,Dynamic Island Compatible,Case Friendly Tempered Glass Film

Amazon Basics Dog and Puppy Pee Pads, 5-Layer Leak-Proof Super Absorbent, Quick-Dry Surface, Potty Training, Regular (22x22"), 100 Count, Blue & White

Atmosphere: A GMA Book Club Pick: A Love Story

Mighty Patch™ Original patch from Hero Cosmetics – The #1 Hydrocolloid Acne Pimple Patch for Shrinking Zits and Whiteheads in 1 use; Nighttime Spot Stickers for Face and Skin (36 Count)

Tubi: Watch Free Movies & TV Shows

Minecraft

Crayola Colored Pencils (36ct), Kids Pencil Set, Back to School Essentials, Must Have Classroom Supplies for Kids, Pre-Sharpened Coloring Book Pencils, 3+

들어볼 가치가 있는 팟캐스트

1
Katisha and Javen talk triangles and photobooths with Sam Prince and Liv Bentley 37:22