Adversarial Podcast Ep. 26 - US Treasury's Cybersecurity Failures, SEC scraps proposed cybersecurity rules, what makes AI Security different | The Adversarial Podcast

In this episode of the Adversarial Podcast, Jerry, Sounil, and Mario celebrate their one-year anniversary and reflect on the past year. They discuss challenges banks are posing to the Treasury regarding cybersecurity failures and the risks of sharing data with regulators, suggesting on-site reviews instead. The conversation extends to third-party risk management and the importance of securing sensitive data. They also touch on the SEC scrapping cyber rules for investment advisors and the implications of the current geopolitical climate on cybersecurity. The hosts then delve into AI, discussing a Microsoft Copilot flaw and the broader concerns around agentic AI, its potential for phishing attacks, and the need for caution in trusting AI for critical tasks, advocating for process investment and efficient implementation of controls.

Outlines

Sign in to continue reading, translating and more.

Continue

Adversarial Podcast Ep. 26 - US Treasury's Cybersecurity Failures, SEC scraps proposed cybersecurity rules, what makes AI Security different

The Adversarial Podcast

Podcast Anniversary and Reflections on Financial Services and Security

Banks Challenge Treasury on Cybersecurity Failures of Regulators

Data Collection by Regulators and the Risk of Watering Hole Attacks

Specific Data Requests and the Devil's Advocate Perspective on Regulator Oversight

Balancing Cyber Risk and Regulatory Oversight

Pen Test Reports and Honey Tokens

Expanding the Definition of Regulators and Third-Party Risk Management

Agreement, Test, and Enforcement in Third-Party Relationships

Elevated Cyber Threat Environment and the Impact on Security Programs

Hedge Fund Security and the Microsoft Copilot Flaw

LLM Guardrails and the AI Religion

Trust but Verify and Agentic AI as an Investment in Process

Logic Breaking and Business Debt

AI and Job Replacement

Adversarial Podcast Ep. 26 - US Treasury's Cybersecurity Failures, SEC scraps proposed cybersecurity rules, what makes AI Security different

The Adversarial Podcast

00:00Podcast Anniversary and Reflections on Financial Services and Security

Podcast Anniversary and Reflections on Financial Services and Security

03:31Banks Challenge Treasury on Cybersecurity Failures of Regulators

Banks Challenge Treasury on Cybersecurity Failures of Regulators

07:36Data Collection by Regulators and the Risk of Watering Hole Attacks

Data Collection by Regulators and the Risk of Watering Hole Attacks

12:25Specific Data Requests and the Devil's Advocate Perspective on Regulator Oversight

Specific Data Requests and the Devil's Advocate Perspective on Regulator Oversight

15:19Balancing Cyber Risk and Regulatory Oversight

Balancing Cyber Risk and Regulatory Oversight

18:21Pen Test Reports and Honey Tokens

Pen Test Reports and Honey Tokens

23:03Expanding the Definition of Regulators and Third-Party Risk Management

Expanding the Definition of Regulators and Third-Party Risk Management

27:29Agreement, Test, and Enforcement in Third-Party Relationships

Agreement, Test, and Enforcement in Third-Party Relationships

32:35Elevated Cyber Threat Environment and the Impact on Security Programs

Elevated Cyber Threat Environment and the Impact on Security Programs

37:13Hedge Fund Security and the Microsoft Copilot Flaw

Hedge Fund Security and the Microsoft Copilot Flaw

41:13LLM Guardrails and the AI Religion

LLM Guardrails and the AI Religion

45:01Trust but Verify and Agentic AI as an Investment in Process

Trust but Verify and Agentic AI as an Investment in Process

50:57Logic Breaking and Business Debt

Logic Breaking and Business Debt

55:37AI and Job Replacement

AI and Job Replacement