The Ever-Increasing Danger of Cyberattacks – With Sean Hoar of Lewis Brisbois

In this episode of CHATTINN CYBER, Marc Schein interviews Sean Hoar, of Lewis Brisbois and chair of the Data Privacy & Cybersecurity Practice. He has extensive experience managing responses to digital crises and effectively marshaling resources to contain and remediate information security incidents. He served as the lead cyber attorney for the U.S. Attorney’s Office in Oregon, and he worked closely with the Computer Crime & Intellectual Property Section in Washington D.C. He holds the Certified Information Systems Security Professional (CISSP), the Global Information Security Professional (GISP), and the Certified Information Privacy Professional/United States (CIPP/US.

Sean served in the US Attorney’s Office for many years where he handled career cases that exposed him to the digital world of electronic surveillance. He believes that cyber hackers have evolved fast and have become more sophisticated over the years, leveraging the systems and applications. Sean explains that as long as cybercriminals are able to monetize data; ransom and other exploits are going to continue, the most dangerous of which right now is extortion. Sean explains how he advises his clients to give information to the FBI who gather evidence across the country and attribute each case to malicious actors, they hold them accountable, and criminally charge them.

Sean explains why security starts with setting up foundational basics in an organization. He also describes the criteria they use to ensure advanced cybersecurity for their clients: they make sure the internal teams understand what they’re supposed to do, and the external teams stay in touch with their obligations. Companies need to put cyber procedures in place to avoid financial consequences in the long run if they are not proactive. “But for me, it’s a matter of helping them really visualize what it will look like, and until they understand that, it’s going to be hard to get them to take action.”

Companies that carry cyber insurance are well educated and have immediate attention and deployment of resources they need to go from one side to the other, which limits the expense and the impact of the attack. Companies without insurance, on the other hand, struggle on who they should call because they don’t have the education and systems in place to go from one side to the other. They contact the wrong people which results in more confusion and expenses.

What You Will Learn:

  • The danger of cyber ransom exploits and extortion in risking data privacy online.
  • Why cybercrimes are only going to increase in the future and become more dangerous
  • How Sean helps his clients visualize their cyber exposure procedure as a long-term financial investment.
  • The difference between companies that carry cyber insurance and those who don’t.
  • The tools that Sean created to deal with information security control assessments and response planning for the private sector.
  • The power of building a stable effective team with the right attitude.

Cybersecurity Across Sectors — Chattinn Cyber with Vince Stewart

In this episode of Chattinn Cyber, Marc Schein interviews retired Lieutenant General Vince Stewart. He is the Chief Innovation and Business Intelligence Officer at Ankura and Founder/CEO of Stewart Global Solutions. In previous roles, he has served as the Director of Intelligence at the USMC, Commanding General of the Marine Forces Cyberspace Command, Director of the Defense Intelligence Agency, and Deputy Commander of the US Cyber Command.

Born in Jamaica, Vince was determined to live the American dream. In 1971, he and his sister joined their mother in the US with nothing but hope and a vision — no titles, no special privileges, only the basics. He learned to play American football and started at Western Illinois University with a scholarship, eventually being recruited into the US Army ROTC program. He was determined to serve and give back to the country that gave him all these opportunities. 38 years later, Vince retired with many medals and distinctions, all of which he modestly credits to the individuals who served beside him.

Vince speaks deeply to his transition from public to private sector and how despite many years of experience, many challenges still emerged. While in the public sector he was executing the budgets, the private sector forced him to maneuver making the budget and consider the margins in order to facilitate it. The heavy reliance on litigation in the private sector was also a learning point for Vince.

Vince strongly advocates for “collective defense” – a collaboration between organizations and government agencies for sharing intelligence and solutions to win the fight against the very real threats in cyberspace.

Around 60% of large companies ($100 million +) never recover from a data breach. Vince explains the misconception that large companies are the only ones at risk – some criminals want $20 million, but some want just $5000! The mere fact that we all have data that we want to protect is a point of great interest to nation-states and criminals. As a company, around 70% of breaches are as a result of insider activity.

Vince talks about the evolution of phishing and how susceptible many people are to those types of schemes. About 5% of people are curious enough to open an email with the subject line “don’t open this email.” What about the other 95%? Smarter criminals are developing socially engineered phishing, in the form of ads tailored to a person’s interests – you see the ad and you click on the link.

To learn more about Vince’s incredible career, from landing in America with nothing but the basics, to climbing the ladder and becoming the Deputy Commander of the United States Cyber Command, listen to this episode of Chattinn Cyber with Marc Schein.