AI, Propaganda, and Lessons On Advanced Cybersecurity with Paul Christopher

In this episode of CHATTINN CYBER, Marc Schein interviews Paul Christopher, Senior Social Scientist at the RAND Corporation, where he serves as the principal investigator for various defense and security related research projects. In today’s conversation, Paul talks mainly about AI and the need for introducing/enhancing AI cybersecurity and advancing information technology protection with time.

Paul begins the conversation by discussing cognitive security, or the concept of protecting the safety of ideas and thought processes. From a national perspective, it is about protecting citizens from foreign interference in their right to think and participate in national politics. It is an old concept, rooted in the idea of war being a contest of wills and politics by other means.

Further into the conversation, he discusses AI and how it is affecting propaganda by allowing for automated amplification through the use of bots. As AI becomes more sophisticated, there is a greater danger of it being used for propagandistic purposes. One example is using a Gann, a generative adversarial network, where one AI generates messages and the other detects and prevents them, but in an unethical manner, the second AI could be removed and the messages could be directed at real people. Countries are spending more money on propaganda, but it is still cheaper than traditional military capabilities. The effectiveness of propaganda is difficult to measure, but the power of an integrated physical and informational campaign, as seen in the 2014 Russian annexation of Crimea, is highly effective.

Paul and Marc also discuss deep fakes and shallow fakes—methods of creating fake videos using AI technology and how both these types of fakes can be effective in deceiving people. They also discuss counter propaganda—a method of countering the effects of propaganda by providing counter messaging or a counter narrative to counteract it.

Towards the close of the conversation, Paul highlights the human vulnerability to misinformation and disinformation and how it’s important for everyone to remember that we are challenged cognitively. Humans often think fast and use heuristics, which make them more susceptible to being tricked, manipulated, or deceived. He also mentions the cognitive bias called Blind Spot bias, where people are willing to see vulnerabilities in others but not in themselves. He advises people to be aware of these vulnerabilities, not to believe everything they see and to find ways to improve their media literacy and to use tools to screen disinformation or at least pop up warnings when there’s an uncredible source.


“If you’re countering propaganda, either your counter messaging or doing a counter narrative, where you’re trying to claim the opposite of whatever the propaganda is, or overwhelm it with the truth or counteract it. Which unfortunately, the research in social psychology suggests isn’t very effective, because the first mover advantage is hugely important.”

“There are things that the government can do to pass laws and regulations to make foreign propaganda, either require labels or to be illegal so that you can then indict foreign propagandists and affect them.”

“There’s this thing called Blind Spot bias, where we’re willing to see these vulnerabilities in others but we imagine that we ourselves are special or magical or invulnerable.”


[00:14] – How Paul ended up becoming a senior social scientist at the Rand Corporation

[01:35] – What is cognitive security?

[04:15] – Are countries spending money on propaganda campaigns?

[06:26] – Distinguishing deep fakes and shallow fakes

[12:21] – Understanding counter propaganda and the ways to curb it

[17:24] – Final thoughts

Connect with Paul:


















Navigating Cybersecurity Risks in Modern Communication Platforms With Max Buchan

In this episode of CHATTINN CYBER, Marc Schein interviews Max Buchan, founder and CEO of Worldr. The conversation gets into cybersecurity for communication platforms, hybrid and in-person communication channels, and the factors that might change the way we communicate in the future.

Max tells us how he got into cybersecurity while growing up in a small town in the United Kingdom (Canterbury), and how he revolutionized communication encryption around the world. He also worked as one of Coinshare’s first employees, which helped him learn about data jurisdictional issues and encryption keys. Max has spent the last three years building his own company, Worldr, and has been offering security for communication platforms through it.

Now, this might make you wonder: why is there a need for a company like Worldr for additional security services when most popular communication platforms have built-in encryption and security? Max explains that his company’s products are not for every other user on the internet, but rather for those who do not want to change their communication platform and want to communicate in a more scalable and secure environment with no third-party inference. Worldr works with large corporations having a significant employee strength who want all of their data to be secure.

Max also shared his thoughts on the best way to communicate in the future, saying that he believes it will be a hybrid style because some people prefer in-person communication while others prefer online communication for time efficiency.

Max also addresses the current challenges that the CISO community is facing, as well as how they approached this application. He stated that the CISO community is currently very small and needs to scale and that people and governments all over the world are taking small but progressive steps in this space. He later mentions the concept of zero trust and how it influences product development.

The conversation winds up with Max discussing the ever-changing and shifting cybersecurity space.

Listen to the conversation for more details!


“We’re not building these products for every single user on these platforms. I mean, these are great products, I believe, you know, for instance, Microsoft Teams, I think is approaching 300 million users, which is an incredible number. I mean, we don’t build these solutions for the broad base, we build them for specific industry verticals that have needs that go a little bit beyond a one-size-fits for certain products.”

“I want to caveat this by saying there are no zero-trust products, right? Because I feel like, you know, you go to one of these conferences, I was lucky enough to speak at InfoSec Europe, a month or whenever it was ago. And I mean, just everyone’s got zero trust everywhere. And you know, it’s an important concept. But it’s not a product And again, it all comes down to essentially, least privileged access and building in controls and governance every step of the way, right into your entire policy outlook.”


[00:42] – How did Max, while growing up in the UK, revolutionize communication encryption in not only the US but abroad?

[02:07] – Why is there an additional need for security in various communication platforms when they are already highly encrypted?

[05:29] – The communication styles of the future

[09:12] – Challenges CISOs are facing today?

[12:10] – What is zero trust?

[13:34] – How cybersecurity space is ever-changing and shifting

[15:11] – How to reach out to Max Buchan

Connect with Max Buchan:






How The Russia-Ukraine War Is Bolstering Ransomware Gang Attacks With Sherri Davidoff and Michael Kleinman

In this episode of CHATTIN CYBER, Marc Schein interviews Sherri Davidoff and Michael Kleinman about the rising ransomware attacks in cyberspace and the legal and operational ways to confront them. Sherri Davidoff is the CEO of LMG Security, and the author of three books, including “Ransomware and Cyber Extortion” and “Data Breaches: Crisis and Opportunity.” Michael Kleinman is Special Counsel in the Data Strategy, Security, and Privacy Practice at Fried, Frank, Harris, Shriver & Jacobson LLP.

The Russian-Ukrainian war has given us an open window into ransomware gang operations, thanks to some gangs facing internal discord, like the Conte ransomware gang, which became known for putting a pro-Russia statement and having a gang affiliate steal their internal information and put it out online. If sources are to be believed, the Conte ransomware gang has made at least $2.7 billion in Bitcoin over the past three years – a number drastically higher than any previous ones we’ve seen. The result of the explosive growth of such ransomware gangs is also that law enforcement is getting better at following the money and busting cybercriminals. However, the fight gets tougher as criminals move to more privacy-oriented cryptocurrencies.

With the current geopolitical state with Russia and Ukraine in the way, cyber attacks are focused on more than economic gains, as our guests share. Vulnerabilities and attacks on critical infrastructure are predicted to rise. An interesting point to note is the OFAC advisory on ransomware from September 2021, which tends to assuage the risks towards individuals considering making a ransomware payment and avoid being hit with sanctions violation and the reputational and financial risks associated with that. This new advisory helps you if you implement cybersecurity practices, including those highlighted by Cisco, like having an offline backup, incident response plan, cyber training, and authentication protocols, and cooperating with law enforcement during and after an attack. You might never get a full sign-off, but these would certainly help your company’s image significantly.

The FTC is on the watch, and you need to look for a lock for vulnerabilities and repair or remediate them. If not, you’d land in hot water.

The Ukraine-Russian war has also seen the introduction of new kinds of malware like wiper ransomware that wipe out the complete information from a system. These are known to have been distributed through software vendors like tax software. Though Ukraine is on the receiving end of these attacks at the moment, fears are the attack could extend to more countries.

In situations like this which jeopardize our cyber health, early detection is critical. Also important is the need to have a coordinated industry-wide response to reduce

the damage. As attackers get better at sneaking in and damaging our systems, our defense style also needs to grow from reactive to proactive. Prevention methodologies must also go hand-in-hand with government regulations. For more on this, listen to this episode!

Please note that this podcast was recorded on February 25,2022  prior to the passage of the Cyber Incident Reporting for Critical Infrastructure Act of 2022.


“One of the points from the White House is to bolster resilience to withstand ransomware attacks. And for the past two decades, we’ve seen almost a reticence to push our businesses and organizations too much. Because we recognize cybersecurity as a cost.”

“The new banking law was designed not to be overly burdensome to banks, but to give regulators an early heads up about issues. And that is super important, especially if you’re concerned about large scale operational impact on our financial sector.”

“Now is the time to deploy proactive measures, things like multi factor authentication, endpoint detection and response security training, we have to figure out what is blocking organizations and just jump over those hurdles and make it happen.”

“At an organizational level, we need visibility by installing appropriate detection systems and response systems monitoring. Because the earlier you detect an incident, the better able you will be to prevent it from metastasizing into a bigger problem like ransomware.”


[01:05] – Hot topics in cybersecurity today
[03:55] – How is the US government responding to the increased supply chain kind of cyber attacks?
[09:47] – How to reach out to Sherri Davidoff and Michael Kleinman
[13:03] – About the FTC providing notice about patching up their systems to companies
[15:31] What is meant by wiper malware?
[24:30] Key takeaways from today’s conversation

Connect with Michael and Sherri:

Michael Kleinman:

Sherri Davidoff:


Driving Pay Equity In Workplaces With Maria Colacurcio

In this episode of CHATTIN CYBER, Marc Schein interviews Maria Colacurcio, CEO, Syndio, bringing pay equity in workplaces worldwide.
Maria talks about switching from her liberal arts background to enter the tech space and eventually finding her purpose in leading the movement for pay equity in companies.

A history and political science student, Maria’s entry into tech happened by chance when she met a woman at a dinner party at the height of the tech boom, who suggested she move from nonprofits to tech, and even got her a referral to a marketing role at her company. Maria grabbed the opportunity and worked in the marketing division for the National Museum of American History at the Smithsonian and has over time, switched jobs and moved to technological roles at companies.

At a point while she worked at Starbucks, the company was hyping about their pay equity announcement. Considering such things weren’t mainstream conversation back then, it meant a lot. While exploring more about it during that time, Maria got to know the Head of the Global Employment Law at Starbucks very well, and learned the way that a typical traditional pay equity analysis is done – it wasn’t good. She realized that not only was the system backward-looking and cumbersome, it also didn’t reveal anything about the behaviors or practices that drive the pay gap in the first place. Desiring to make it better, Maria tried to infuse software innovation with proactive research to bridge the pay gap in organizations. She shares that this research has taught her the importance of starting pay in bridging pay gaps – you’ve to make sure it’s done right to avoid pay disparities in the chain of employment roles.

Maria also talks about the rising awareness around ESG commitments, including the perspective of institutional investors from the ESG lens and how they’re trying hard to figure out what it means to have social ESG commitments as a company that has workplace equity embedded in the human capital. Another thing she talks about is how shareholder proposals requiring companies to disclose adjusted and unadjusted pay gaps have been featured in proxy season since 2015. As per statistics, 7 of the Fortune 100 companies face these pay gap disclosure proxies. And at 2 of these companies, it has succeeded. She also discusses pay transparency legislations that are forcing companies to post a good faith range for any new job position to avoid pay disparities.

There are two sides to pay equity – equal pay for equal work and the median pay gap. Our litigation is largely centered around the first and there’s a lot of legal risk to that. Companies also need to focus on the median pay gap, which is a reflection of opportunity – it’s the averages. In California’s SB 1162 – the legislation that just passed the California State Senate, it’s not just about pay transparency on job ranges.

It also includes disclosure of your median pay gap to the state and public reporting of your W2 earnings by EEO category. Companies need to do a full-body scan to adapt their practices to bridging the pay gap.
Towards the end of the conversation, Maria also shares actionable ways to implement equal pay opportunities at workplaces. Tune in to this episode to hear all about it!

“It was this crack in the door, which has been a real consistent theme in my career, seeing sort of a door cracked open, and then just being curious, having that intellectual curiosity to say, I wonder what wonder that leads, and then kicking it open.”“The Head of Global Employment Law at Starbucks, and I started talking about, ‘Is there a way to infuse innovation in software to make this something that is more proactive to make this something that looks at for example, starting pay is the biggest factor in any pay equity analysis?’. So how do you look at starting pay, make sure at that moment in the employee lifecycle that you’re getting it right so that you’re not having this consistent and ongoing backwards looking repeat have the same remediation over and over and over.”
“The median pay gap is really just a reflection of opportunity. It’s the averages. So do you have all of your men, for example, in the highly paid positions at your company? And why (though you may have really good gender diversity) are all your women sort of in the lower levels? If you had to disclose your median pay gap that would become very obvious to the outside world.”
[00:37] – Maria’s early life and advent into the cyberspace [05:04] – Trends in the ESG space
[07:45] – What should companies do to ensure pay equity? [09:31] – Connect with Maria
Connect with Maria:

Building A Secure Career in Cyber Risk Management With Shiraz Saeed

In this episode of CHATTINN CYBER, Marc Schein interviews Shiraz Saeed, Vice President and Cyber Risk Product Leader at Arch Insurance Group Inc. His role involves the strategic direction of Cyber Risk products or services at the company. Today, he talks about his exciting journey, playing multiple roles as a businessman, real estate broker, underwriter, and risk manager, and the people and situations that led him to build that.

Shiraz spent the majority of his life working with his dad, who was a watch dealer. At that time, watch dealerships had a business model very similar to insurance, and hence, growing up, Shiraz was always around credit cards, retail sales and instances of fraud. He pursued his under-graduation in Finance and was interested in finding a career in either banking or Computer Science, which were a hot topic then. But realizing the challenges in the professions, he decided to work with his dad on his business full time.

At a later time in his career, Shiraz also started a CTE course campaign across the country to get brokers, clients, and risk managers to understand risk management. By doing this, he could improve his ability to gain traction and deliver solutions, find policies that work at reasonable terms, and efficiently manage risks. Over the years, he received an opportunity to work with Starr, serving as the cyber product leader. He used the opportunity to learn about cutting edge technologies in the industry and further enhance his skills. He moved from there to work with Arch Insurance, where he serves as the Vice President and cyber risk product leader.

During his conversation with Marc, Shiraz also shares his observations from the cybersecurity industry over the last ten years and what challenges the industry might face in the upcoming year or two. He shares that the frequency of cybersecurity incidents has increased massively over the past ten years and that we need to invest more in cybersecurity practices for more organizational and individual security in the future.

Tune in to the episode today to learn more about cyber risk management from Shiraz!


“If you’re gonna sell something, you have to make sure you know more about that product, that space, that industry than anybody you’re selling it to.”

“He [Shiraz’s father] would always say [that success] it’s 70% hard work and doing all the right things, and 30% luck, or forecasting or opportunity, whatever you want to call it.”

“What has really happened over the past 10 years or so is the level of frequency of the incidents that we’re seeing, has surpassed the amount of expectancy that any of us ever had.”

“People want to maintain a level of sustainability in the marketplace.”

“You got to be the educator, whether they buy it from you or not, whether they do business with you or not, you need to demonstrate or teach them about what it is all about, and why it benefits them and why it doesn’t benefit them. And then, by doing that you automatically improve your ability to get traction, because you help them for real, whether you’ve made the money on it or not.”


[03:49] – Shiraz shares his life’s story with us

[22:12] – Shiraz talks about the person who’s helped the most in his career and life

[23:57] – What Shiraz learns from his dad’s journey in life

[27:23] – Shiraz’s thoughts on cybersecurity in the upcoming one or two years

Connect with Shiraz:


Cybersecurity Compliance For M&A Deals And The Changing Regulatory Landscape With Steven Teppler

In this episode of CHATTINN CYBER, Marc Schein interviews Steven Teppler, co-chair of the cybersecurity and privacy practice of Sterlington. He is also an Adjunct Professor at Nova Southeastern University Shepard Broad School of Law. Before joining Sterlington, Steven was the Chair of Mandelbaum Salsburg’s Privacy and Cyber Security Practice Group. He is an ISACA certified CDPSE (Certified Data Privacy Solutions Engineer) and has been involved in cybersecurity and electronic discovery matters for over 20 years.

Sterlington’s work primarily revolves around private equity and family firms. With a strong litigation department, they also perform transactional work. Steven is involved in developing cybersecurity and assessing cyber risks for clients.

During their conversation, Steven and Marc discuss M&A transactions, the changing cyber regulatory landscape, and mitigating risks on the buy-side and sell-side of the market.

Steven explains that an M&A (merger and acquisition) is a transaction involving both purchase and sale. Both parties undertake a certain amount of due diligence in the purchase-sale environment; there are considerations on both sides with serious implications for liability. Therefore, risk evaluation pre and post-acquisition is necessary for private equity companies. The same principles apply regardless of the type of transaction (mergers, acquisitions, leveraged buyouts, management buyouts, trends offers).

Also, the regulatory landscape in cyber risk is changing fairly dramatically. For instance, now, if an M&A transaction involving a health care type of entity that handles personal health information encounters a lately discovered or latent HIPAA problem. In that case, it violates the Privacy Rule – there’s been a late discovered exfiltration. It could lead to escalations to several regulatory compliance departments.

There should be a baseline security level on the sell-side, so you’re not selling something that can put you into liability or potential liability on the buy-side. You also need protection on the buy-side to get certain representations and warranties from the seller; they ensure you have adequate insurance. You might also want to perform a cybersecurity risk assessment on the proposed acquisition to avoid warnings or trouble later.

Steven explains that cyber diligence should begin at the very outset, because just like any other managed service provider, depending upon the interplay between the private equity company and the portfolio company, there will be an interchange of managed service. Protecting that information is necessary. Any private equity company needs to ensure that its subsidiary or holding companies portfolio companies are equally protected, depending on the type of industry or service they provide.

To conclude, Steven advises avoiding cyber risks, starting with, do not call a number or tap on any unknown link – be conscious. Abide by cybersecurity tips at all times.


“In any purchase and sale environment, there is a certain amount of due diligence that has to be undertaken by the parties. And whether you are a buyer or seller acquisition or the acquired, there are considerations both on the sell-side as well as on the buy-side that can have very, very, very serious implications for liability.”

“Cybersecurity is part of a business. It’s part of your business functionality.”

“Having a protecting on the buy-side means that you get certain representations and warranties from the seller, they also make sure that you have the adequate insurance, and maybe you want to maybe not even take necessarily the word or the representations of the seller, but perhaps you’ll want a separate assessment and a separate cybersecurity assessment risk assessment done on the proposed acquisition.”


[00:46] – Steven’s entrepreneurial journey

[02:27] – Cybersecurity interplay between M&A transactions

[06:47] – The changing regulatory landscape and its effect on M&A transactions

[12:17] – Get in touch with Steven

Connect with Steven:



Cybersecurity For M&A Deals With Steven Kuperschmid

In this episode of CHATTINN CYBER, Marc Schein interviews Steven Kuperschmid, Co-Chair of Cybersecurity and Data Privacy at Ruskin Moscou Faltischek PC. Steven is experienced as a corporate M&A and securities lawyer. During the conversation, Steven shares his knowledge about cybersecurity in M&A deals, how (or whether) it impacts contracts and the different phases to setting an effective buyer-seller deal. He also talks about the growing need for cyber insurance in different industries today.

At what point does cybersecurity integration happen within an M&A deal? Steven explains that it depends on the nature of the target’s business. For the middle and upper-middle markets, like manufacturing and distribution, industrial technology, financial services, and healthcare, cybersecurity needs to be a priority. You must know whether the target business has Personally Identifiable Information (PII) – if so, cybersecurity needs to be prioritized irrespective of the industry.

However, cybersecurity doesn’t change different deal structures. Because a deal is chosen for tax reasons to mitigate the buyer’s risk, cybersecurity is a far bigger problem than the signed contract.

As for the signing of a deal, there are different phases:

  • The discussion phase, where the buyer assesses the value offered by the seller and considers the different risks that might exist.
  • The buyer then assesses the business from a technology point of view, evaluating the seller’s internal policies and cyber hygiene.
  • Lastly, a buyer does a lien search, looking at the lien report to gather more information about the buyer and their underlying debt instruments.

Further in the conversation, Steven covers cyber insurance, explaining its relevance and importance in the cyber security industry. Having a good cyber insurance grasp can ensure the buyer can benefit from them during a data breach.

Listen to the conversation for more details!


“Often, deal structure is chosen for tax reasons. But also, it’s chosen to mitigate risk to the buyer. So you may choose an asset deal, because you don’t want to incur any unknown liabilities that you can avoid by choosing an asset structure.”

“I think the first thing the team needs to look at is the nature of the target, what’s the targets business, you know, certain industries present greater risks than others. So if we were buying a company in the healthcare industry, or the financial services industry, it should be a huge focus, and usually is at this point now, now, four years ago, five years ago, maybe it wasn’t as big a focus as it is today. But in those industries, it should be a huge focus.”

“Every deal starts with a discussion of the business terms – the value of what’s being paid, how it’s being paid.”


[00:53] – Steve’s path to becoming one of the most well-known privacy attorneys in Long Island

[10:47] – Does cybersecurity change different deal structures?

[14:29] – The different phases of a buyer-seller deal

[17:19] – A discussion on cyber insurance

Connect with Steven:























Cybersecurity Risk Assessment For Clients With John Jenkins

In this episode of CHATTINN CYBER, Marc Schein interviews John Jenkins, Senior Editor and Law Firm Partner at and Calfee, Halter & Griswold LLP. During the conversation, John explains his journey to heading one of the most regarded M&A news centres in the US, cybersecurity risk assessment, and effective client management.

Discussing the issues to be addressed in the negotiation of M&A agreements, John explains how smart buyers, from the outset, would be already invested in assessing the post-closing issues, integration, operations, handling contacts and the like. Depending on the nature of the transaction and the parties’ sophistication, different professionals are assigned to clients to handle the cybersecurity assessment. In addition, when dealing with large firms with data breaches in the past, a separate team of forensic consultants is assigned to better understand the client’s needs.

Cybersecurity assessment needs to be the front and center for every buyer and seller. To win buyers, sellers need to showcase an infallible track record. To assess a company in a limited period, you would have to perform a risk assessment and then suitably allocate resources. Unless you do a risk assessment at the outset, resource allocation might not be clear.

Further in the conversation, John explains the latest trends in sealing deals. As he shares, there’s been an increase in deals engaging reps and warranties coverage over the years.

Towards the close of the episode, John shares that cybersecurity assessment is part of a dynamic regulatory environment. Over time, it’s only going to get more complicated for both parties (buyers and sellers) to scope the issues early on in any potential transaction.

Listen in to get a detailed picture of cybersecurity risk assessment with clients.


“What’s the environment we’re dealing with here? How sophisticated is the seller, where its risks, what are its compliance environment?”

“If you’re a cyber person, that’s where you look. But you may have competitive situations where your your due diligence opportunities are going to be somewhat limited and targeted, you’re to get through to next rounds, you may have some more confirmatory due diligence at the end.”

“So you have to do a risk assessment, and you kind of have to allocate resources based on your assessment of the risks, and obviously, the more sophisticated the risk assessor is, the better off that that process can be. So, it is something that needs to be done at the outset. Because unless you do it at the outset, you’re not going to be able to engage in a really fully informed risk assessment process to allocate those resources.”


[01:00] – John’s cybersecurity journey

[02:15] – Cybersecurity and M&A transactions

[09:44] – Front end, Back end, and Due diligence evaluation

[11:58] – Is there an increase in deals engaging reps and warranties coverage?

Connect with John:



















The Threat To Global Cybersecurity Due To The Russian Invasion Of Ukraine With Cory Simpson

In this episode of CHATTINN CYBER, Marc Schein interviews Cory Simpson, a legal advisor, adjunct professor, national security expert, and public policy pioneer. Cory has over two decades of experience advising the most elite organizations in the American military, Congress and Fortune 100 companies on cybersecurity, counterterrorism, emerging technologies and geopolitical risk. He discusses with Marc the state of cybersecurity pre and post-Russian invasion of Ukraine and how to prepare for any risks that might arise in the near future.

The cybersecurity environment pre-invasion was described as VUCA—Volatile, Uncertain, Complex, and Ambiguous. It existed in a context where our political or economic internationalist security spaces were converging and was insecure in its standing.

The illegal invasion of Ukraine is causing economic warfare, and Cory predicts that financial institutions will be targeted robustly; hence, cybersecurity would have to be strengthened in such organizations. But he also adds that large-scale systemic losses might not be observed.

As of the present, Russia appears to be in a problematic situation domestically in terms of enduring starvation and facing higher living costs. A large reason why Ukraine is more transparent about the situation in its country than Russia is because of Russia’s war crimes on the former. They’ve seen to have besieged cities, surrounded them with artillery and armor, cut off all supplies, and then indiscriminately bombed them until the people were dead. The media in Ukraine is taking deadly risks to get news and updates to the rest of the world.

Towards the close of the episode, Cory advises organizations to be prepared to be agile in their plans because they’ll have to adapt to a lot of changes that will happen in the coming years.

For more, tune in to today’s episode!


“If you want to be effective, for the IT/OT, it requires knowledge… physical knowledge of the facility, and that relationship between the IT and the OT, it is hard to do, to get that physical knowledge in the United States, it is probably easier to do in Eastern Europe, where it is known that more Russian actors are doing human intelligence on the ground.”

“I think some of the access and placement of the Intel entities will probably be leveraged in the days and months ahead to inflict harm, but I don’t know how much more replacement access they can they can get once they’ve burned that, because I think they’re just going to be so overwhelmed with other issues.”

“I think we all need to be prepared to be agile in our organizations and in our plans, because I do think we’re going to be asked to adapt to a lot in the environment.”


[01:00] – Russia’s invasion of Ukraine and the associated geopolitical and cyber risks [07:52] – How likely are we to witness a large-scale systemic type of loss due to cyber attack?
[11:23] – Russia and Ukraine’s stance on sharing their message with the rest of the world

[15:03] – Get in touch with Cory

Connect with Cory:


Why Every Organization Needs A Crisis Communication Wing With Jamie Singer

In this episode of CHATTINN CYBER, Marc Schein interviews Jamie Singer, Managing Director FTI Consulting formerly, Executive Vice President at Resolute Strategic Services and Resolute Public Affairs. She is an ​​experienced strategic communications advisor with deep expertise in crisis communications, and has counseled Fortune 500 companies through some of the biggest reputational crises of the past decade. During the conversation, Jamie and Marc explore the need, process, and tips for effective crisis communication in organizations.

Crisis communicators are partners to legal and breach counsel. The latter engages them in a tri-party agreement to protect privilege, helping them act as an interplay and an ongoing dialogue for risk mitigation.

When must an organization have a crisis or strategic communication with an expert? Jamie Singer explains that strategic communications need to start early when an organization engages with its forensics firm and insurance carrier. This is partly due to the increasing number of ransomware cases organizations face today (both internally and externally), rendering their systems inoperable for operations.

However, communicating a data privacy breach or incident with the clients or media should happen only after careful thought and investigation. Because the cyber world is fluid – information and facts change quickly. It’s possible that in the time you communicated an incident, the positions have changed and the risks mitigated; but by then, the organizational trust would have gotten in jeopardy. Organizations must be careful about the cadence and timing of reporting such incidents.

It’s all easy until the media comes into the picture. With the internet always up-to-date with the recent advancements in any space, cybersecurity traders and bloggers are also the first to break any reports of security breaches in organizations. The nature of the news, however, is often ‘report and move onto the next’, a fact that organizations can leverage. Jamie Singer explains that companies can use media to get their key messages to the key stakeholders through written statements (and not LIVE interviews as they might backfire).

What can organizations do to mitigate cyber risks and reduce cyber incidents? Work on the communications aspect – consider your communications protocol, review and improve messaging. It includes finding a way to communicate even when corporate emails are unavailable.

For more, tune in to today’s episode!


“A common pitfall we see is companies saying too much and too quickly – Crisis Management 101 – you should communicate the minute something went wrong as transparently as possible. The problem with cyber is, investigations are quite fluid, information and facts change frequently. And so the early bird doesn’t always catch the worm in these situations, if you communicate too quickly, before your systems are remediated, or before you have all the facts that can actually erode trust.”

“There’s often a lot of focus on what we say to customers and media and external stakeholders, but we continue to see the employee audience being forgotten, and they shouldn’t, because they wear two hats there, they could be impacted by the incident and they interface with customers. So they need to know what’s going on.”

“We approach media typically as a transaction, how can we use media to make sure we are continuing to reiterate our key messages to our key stakeholders, and often that can be accomplished through written statements.”


[01:55] – When must an organization have crisis communication?

[03:21] – Why you must think before communicating with the rest of the world about a potential (or observed) data security breach

[06:19] – Managing the media in the event of a cybersecurity threat

[08:02] – What can companies do to be better prepared in the event of a cyber incident?

Connect with Jamie: