Sounil Yu on FCC Consent Decrees and API Security
In this special episode of Modern Cyber, Jeremy chats with Sounil Yu about a recent consent decree from the FCC that specifically calls for improved API security. They discuss what consent decrees are, their seriousness, and the potential consequences for companies that fail to comply. Sounil also provides insights into best practices for API security and the role of standards like NIST and OWASP in guiding organizations.About Sounil Yu:Sounil Yu is a cybersecurity luminary with a rich background as a former CISO and chief security scientist at Bank of America. He is renowned for his groundbreaking work in reshaping cybersecurity approaches, notably creating the Cyber Defense Matrix and the DIE triad. As the Co-founder of Knostic, Sounil continues to push boundaries in the industry, offering innovative solutions to cybersecurity challenges. His expertise and thought leadership have earned him recognition as a leading figure in the cybersecurity community. In the News 1 - https://therecord.media/tracfone-16-million-to-settle-fcc-investigation In the News 2 - https://cyberscoop.com/fcc-tracfone-wireless-reach-16m-cyber-and-privacy-settlement/ The Full Consent Decree : https://docs.fcc.gov/public/attachments/DA-24-481A1.pdf FCC Statement: https://docs.fcc.gov/public/attachments/DOC-404156A1.pdfOWASPI API Top 10: https://owasp.org/API-Security/editions/2023/en/0x11-t10/