In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the FTC’s order for Marriott and Starwood to enhance their data security measures, a recent hijacking of a Chrome extension, and emerging threats for 2025. They also delve into the implications of AI in cybersecurity, emphasizing the need for governance and risk management as AI technologies become more pervasive in the workplace.

Takeaways

• 
  
• The FTC has mandated Marriott and Starwood to implement a comprehensive security program for 20 years.
  
• Data breaches can lead to significant regulatory actions and long-term consequences for companies.
  
• The hijacking of browser extensions poses a serious risk to user data and security.
  
• Emerging threats for 2025 include zero-day exploits and supply chain attacks.
  
• AI governance is crucial as employees increasingly use AI tools without oversight.
  

Links

• 
  
• https://www.bleepingcomputer.com/news/security/ftc-orders-marriott-and-starwood-to-implement-strict-data-security/
  
• https://www.bleepingcomputer.com/news/security/cybersecurity-firms-chrome-extension-hijacked-to-steal-users-data/
  
• https://www.darkreading.com/vulnerabilities-threats/emerging-threats-vulnerabilities-prepare-2025
  
• https://www.securityweek.com/beware-of-shadow-ai-shadow-its-less-well-known-brother/