Automation and AI in Cybersecurity: Enhancing Response Capabilities with Billy Gouveia

Summary

In this episode of #ChattinnCyber, Billy Gouveia, the CEO of Surefire, a prominent cybersecurity firm stops by to chat. Billy chats about quantifying the costs associated with data breaches. He shares what it was like growing up in Boston and becoming the CEO of a renowned cybersecurity company.

Billy acknowledges the significance of #cybersecurity in today’s world, stating that the work being done in the field will have a lasting impact on future generations. He highlights the exponential growth of the tech industry, which is enabled by cybersecurity, and emphasizes the importance of addressing issues such as IP theft and the normalization of cybercrime.

Billy explains that he recognized structural disincentives for current market participants to embrace technology in a different way. He wanted to reframe the role of incident response experts and leverage technology to provide better outcomes for clients. By automating workflows and utilizing technology effectively, Surefire aims to provide faster outcomes, reduce costs, and make clients’ lives better during cyber events. The conversation then delves into the role of automation and #artificialintelligence (AI) in incident response. Billy clarifies that while AI has a role to play in automation, the current focus is more on automation itself. He discusses the advancements in technology and tools for detection, containment, forensic investigations, and restoration.

Billy emphasizes the importance of talent in the field and how automation can streamline processes, allowing experts to focus on guiding clients through business decisions. Billy tells our listeners about cybersecurity controls that provide the best return on investment (ROI). He suggests starting with endpoint detection and response capability, along with multi-factor authentication (MFA) and backups. He explains that the prioritization of controls may vary depending on the nature of the business, such as protecting intellectual property or ensuring uptime.

The discussion then shifts to the challenges of MFA bypass techniques, where threat actors find ways to bypass or degrade MFA controls. Billy explains examples such as MFA fatigue and token theft, highlighting the need for multiple controls and a thoughtful approach to cybersecurity.

In conclusion, Billy reflects on the dynamic and challenging nature of the cybersecurity domain. He emphasizes the importance of seeking guidance from experts like Marsh McLennan Agency #MMA to navigate the complexities of cybersecurity.

Key Takeaways

  1. The Significance of Cybersecurity: Billy Gouveia emphasizes that cybersecurity is among the defining issues of our time, with the work being done in the field expected to impact future generations. The tech industry, enabled by cybersecurity, is a trillion-dollar industry, but it also faces challenges such as IP theft and the normalization of cybercrime.
  2. Reframing the Role of Incident Response: Surefire aims to reframe the role of incident response experts by leveraging technology and automation to provide better outcomes for clients. By automating workflows and utilizing tools effectively, they can provide faster responses, reduce costs, and improve clients’ experiences during cyber events.
  3. Automation vs. Artificial Intelligence: While artificial intelligence (AI) has a role to play in automation, the current focus in incident response is more on automation itself. Automation can streamline processes and allow experts to focus on guiding clients through business decisions. AI’s role in incident response is expected to grow over time.
  4. Prioritizing Cybersecurity Controls: When it comes to cybersecurity controls, Billy suggests starting with endpoint detection and response capability, multi-factor authentication (MFA), and backups. The prioritization of controls may vary depending on the nature of the business, such as protecting intellectual property or ensuring uptime.
  5. Evolving Cybersecurity Challenges: Threat actors are constantly finding ways to bypass or degrade cybersecurity controls. MFA bypass techniques, such as MFA fatigue and token theft, pose challenges. It is crucial to have multiple controls in place and to stay vigilant in adapting to evolving cybersecurity threats.

Key Quotes

  1. “In many ways, cyber is among the defining issues of our time… The stuff we work on now will affect our kids and our grandkids.”
  2. “…if we have automation putting the puzzle together, then what our team can do is focus more on helping the client orient to the picture the puzzle creates, and then guiding our clients through a set of business decisions.”
  3. “I’m hopeful AI can make the offense-defense matchup a lot more symmetric… Maybe AI can close that.”
  4. “Having a response take three days in duration versus three weeks makes their lives better, reduces business interruption.”
  5. “Four or five years of a hard insurance market has done more to improve security controls than 20 years of security professionals howling at black hat or RSA or any of the security conferences.”

About Our Guest

Billy Gouveia is the CEO and Founder of Surefire Cyber, one of the most well-known cybersecurity firms in the country. With over 20 years of experience in cyber, intelligence, and technology, Billy has become a respected figure in the field. His passion for addressing the challenges of cybersecurity and his belief in the importance of technology in incident response led him to establish Surefire Cyber. Billy’s expertise lies in reframing the role of incident response experts and leveraging technology to provide better outcomes for clients. He is dedicated to helping organizations navigate the ever-changing cyber landscape and is committed to making a positive impact in the field of cybersecurity.

Follow Our Guest

LinkedIn | Surefire Cyber

About Our Host:

National co-chair of the Cyber Center for Excellence, Marc Schein, CIC,CLCS is also a Risk Management Consultant at Marsh McLennan. He assists clients by customizing comprehensive commercial insurance programs that minimize the burden of financial loss through cost effective transfer of risk. By conducting a Total Cost of Risk (TCoR) assessment, he can determine any gaps in coverage. As part of an effective risk management insurance team, Marc collaborates with senior risk consultants, certified insurance counselors, and expert underwriters to examine the adequacy of existing client programs and develop customized solutions to transfer risk, improve coverage and minimize premiums.

Follow Our Host:

WEBSITE | LINKEDIN

 

Unleashing the Power of Blockchain: Transforming Transactions and Process Engineering

Summary

In this episode of Chattinn Cyber, Marc Schein sits down to chat with Paul Dowding, co-founder and head of design at L4S Corporation, focusing on blockchain technology and its real-world applications. Paul, an authority on digital assets, begins by demystifying blockchain for novices, describing it as a distributed ledger system that eliminates reliance on central authorities for transaction validation. He explains the intricate process of trust-building within blockchain through mathematical hashing, emphasizing its potential to revolutionize peer-to-peer transactions and reduce errors.

The dialogue delves into Paul’s journey into blockchain, revealing his unique background in operational infrastructure and encryption. He recounts how his expertise in engineering and global banking operations converged, leading him to explore blockchain’s capabilities and limitations. Paul’s insights shed light on the challenges faced by early blockchain solutions and the development of Tapestry X, a distributed ledger designed to meet scalability, interoperability, and real-time processing needs.

Marc and Paul explore the intersection of blockchain with AI, highlighting opportunities for algorithmic inference and auditable record-keeping within blockchain networks. They envision a future where blockchain simplifies transactions to the extent of communication protocols, ushering in an era of seamless peer-to-peer interactions. Paul underscores the potential of blockchain in diverse sectors like capital markets, supply chain management, healthcare, and identity verification, showcasing the versatility and adaptability of L4S Corporation’s offerings.

The conversation concludes with Paul extending an invitation for further engagement through LinkedIn and TapestryX.com, emphasizing the accessibility of blockchain technology for businesses and individuals alike. His closing remarks underscore the transformative nature of blockchain as a process engineering and operational control innovation, urging listeners to perceive it beyond mere technological novelty. The dialogue encapsulates the profound impact of blockchain on transactional efficiency, trust-building, and future digital economies, setting the stage for continued exploration and innovation in this dynamic field.

Key Takeaways

  • Blockchain is a distributed ledger technology that allows peer-to-peer transactions without a central authority. It uses cryptographic hashing to ensure data integrity.
  • Blockchain has the potential to simplify transactions, reduce errors, and enable near real-time settlement. It could be as transformative as the internet protocol.
  • Paul got involved with blockchain in 2014-2015 when enterprises were starting to explore it. He saw limitations in early solutions which led to developing Tapestry.
  • There are opportunities to use blockchain to track what data AI bots have absorbed, creating an auditable record. AI could also potentially help drive what gets recorded on a blockchain.
  • Tapestry is a configurable, scalable blockchain solution focused on accounting to enable real-time transactions. It is industry-agnostic and can be used for supply chain, healthcare, voting, and more.

Key Quotes

  • [00:03:10] “So there’s a mathematical way to give your own ledger so that you can trust other people based on what you see, not what they present to you. And then there’s a method of agreeing it across the ledger. And so this allows, rather than you transacting through central authorities, what bitcoin really showed the world was you could transact peer-to-peer, or b-to-b, without that central authority, which then means you can settle in hours, minutes, or not seconds.”
  • [00:06:15] “The […] origination of what became Tapestry X was going back to the basics and saying, okay, let’s take the blockchain concepts, but design a distributed ledger that meets the requirements, configurability, scalability, high capacity, real time with accounting and interoperability.”
  • [00:08:04] “The Internet protocol made the Internet. No one could imagine Netflix streaming, Amazon, Airbnb, Uber before the Internet existed […] once it’s really implemented at scale and universally, [blockchain is] going to open up ideas and services that we can’t even imagine today.”
  • [00:11:31] “Blockchain is not technological innovation. It’s a process engineering and operational control innovation. And that’s how people need to think about it.”

ABOUT OUR GUEST:

Throughout his career, Paul Dowding’s goals have been to develop and improve the global financial services industry commercially and operationally while making it intuitively accessible. Combining an engineering background with practical global operational industry experience and academic research, he has been able to affect innovative change collaboratively. Paul focuses on reducing risks and costs while improving the revenue opportunities, quality, accessibility and speed of innovation within the transactional industries via a differentiating approach to Distributed Ledger Technology (DLT), which he devised and helped design. He created TapestryX from an understanding of process engineering and control, encryption techniques and lay-interest in meta-mathematics.

 

FOLLOW OUR GUEST:

WEBSITE | LINKEDIN

ABOUT OUR HOST:

National co-chair of the Cyber Center for Excellence, Marc Schein, CIC,CLCS is also a Risk Management Consultant at Marsh McLennan. He assists clients by customizing comprehensive commercial insurance programs that minimize the burden of financial loss through cost effective transfer of risk. By conducting a Total Cost of Risk (TCoR) assessment, he can determine any gaps in coverage. As part of an effective risk management insurance team, Marc collaborates with senior risk consultants, certified insurance counselors, and expert underwriters to examine the adequacy of existing client programs and develop customized solutions to transfer risk, improve coverage and minimize premiums.

FOLLOW OUR HOST:

WEBSITE | LINKEDIN

How to Prevent Ransomware Attacks in 2023 with Jason Rebholiz

2023 is a totally different year from 2022 when it comes to ransom attacks. Based on the activities on the dark web associated with ransom actors, the numbers are going up. Last year, Russia-Ukraine had the numbers go down, but this year, we have a 102 % increase.

In this episode of the Chattinn Cyber podcast, we have the pleasure of hosting Jason Rebholiz. He is the chief information security officer at Convus Insurance and owns a YouTube Channel called Teach Me Cyber. Jason’s passion for data security is peerless, and his knowledge of the industry is something we should all want to hear. His career started at Mandiant, where he tried different things and came to learn his passion was in data security.

Jason and Marc Schein have an in-depth conversation on Ransomware and data security. Jason brings us up to speed with the current ransomware trends in 2023, the groups that are giving data security experts sleepless nights, the effects of AI on data security, and how organizations can keep their data safe.

Would you like to learn more on how to prevent ransomware attacks? Listen to this episode.

Key Talking Points of the Episode:

[02:20] How Jason got into security

[07:31] Jason’s advice to people who want to join the cybersecurity industry

[10:22] Ransomware trends in 2023?

[13:34] Most common ransomware groups

[16:48] How safe is MFA?

[20:04] How can organizations beef up their data security?

[22:01] How is AI impacting data security?

Standout Quotes from the Episode:

“Understanding the type of MFA is going to become critically important in the future.”

“When companies can go in and create this baseline of the security controls, they are going to be more protected against ransomware and other attacks than somebody that does not have that.”

Connect With Jason Rebholiz:

LinkedIn: https://www.linkedin.com/in/jrebholz/

YouTube: https://www.youtube.com/@teachmecyber

 

 

The Rise Of AI And AI Cybersecurity: How To Future-Proof The Technology of Tomorrow With Vickram Kooblall

In this episode of CHATTINN CYBER, Marc Schein interviews Vickram Kooblall, CIO and CISO at Scahill Law Group. Vickram is in charge of managing the firm’s operations and directing its technology infrastructure. He investigates and analyzes the firm’s digital transformation and cybersecurity resilience initiatives.

Vickram tells us about his upbringing and what led him to a career in cybersecurity. He reveals that the internet was never designed with security in mind, but as it grew, we realized how important it is to manage, secure, and protect data.

Vickram also describes how artificial intelligence has become the digital transformation means of law firms and many other organizations. AI and ML have greatly aided attorneys in many areas, including contract management, document management, due diligence, legal research, behavioral prediction, and so on, allowing them to become better litigators. According to Vickram, law firms deal with sensitive data daily, so data security is critical. He also shared some basic hygiene tips, like, using a strong password and multi-factor authentication.

Internal and external threats are treated equally by law firms. Internal threats are prevented/curbed with utmost employee care, especially during times like the great resignation or big quit, because data is the most important threat then. To ensure data security, many organizations today use zero trust. Encryption is also critical.

Towards the close of the episode, Vikram emphasizes the importance of focusing on AI security because of the numerous native adversarial attacks specific to AI. So, it is important that organizations using data and developing an AI model must also ensure its security.

Listen to the conversation for more details!

Highlights:

“Well, certainly in terms of zero trust is becoming, you know, one of those big, you know, big things that we’re seeing organizations do more and more, we are certainly seeing user rights and access management, being something that is looked at very closely and monitored, you know, who should have access to what and when. Also, I think the timing is very important when you’re working on a large case or a particular matter. Those individuals that don’t need access should not have access to those specific cases. During that time. And, you know, it’s going to come back to encryption.”

“You know, in terms of some basic hygiene, one of the biggest things it comes back to is also employee training. That has been one of my focuses, you know, in the last two years ensuring that the employees themselves are very well versed and understand threats that come their way. You know, in terms of strong passwords, that’s been some of the basic hygiene that every organization should implement, and more so many law firms. I have seen at least, maybe once or twice during a week of some law firm email being compromised due to exactly that not having a strong password, we have multi-factor authentication, which is certainly a must-have for any organization, especially, you know, law firms in this space..”

“I think, AI has become the digital transformation that we’ve been looking for. Look, law firms are very slow in adopting new technology and trying to, you know, get a, you know, trying to, it’s always been such a labor-intensive type of practice.”

Time-Stamps: 

[00:29] – How Vickram became executive director of the most prestigious law firm in the Northeast

[03:38] – Why is Artificial Intelligence important for law firms?

[05:38] – The best practices in law firms to secure data

[07:12] – Is Vickram concerned more about internal threats or external threats?

[08:49] – How to mitigate some of the internal threats inside an organization?

[10:15] – How is AI security important?

Connect with Vickram:

 

LinkedIn: https://www.linkedin.com/in/vickramk/