How to Prevent Ransomware Attacks in 2023 with Jason Rebholz

2023 is a totally different year from 2022 when it comes to ransomware attacks. Based on activity on the dark web associated with ransomware actors, the numbers are going up. Last year, the Russia-Ukraine war pushed the numbers down, but this year we have seen a 102% increase.

In this episode of the Chattinn Cyber podcast, we have the pleasure of hosting Jason Rebholz. He is the chief information security officer at Corvus Insurance and owns a YouTube channel called Teach Me Cyber. Jason’s passion for data security is peerless, and his knowledge of the industry is something we should all want to hear. His career started at Mandiant, where he tried different things and came to learn that his passion was in data security.

Jason and Marc Schein have an in-depth conversation on Ransomware and data security. Jason brings us up to speed with the current ransomware trends in 2023, the groups that are giving data security experts sleepless nights, the effects of AI on data security, and how organizations can keep their data safe.

Would you like to learn more on how to prevent ransomware attacks? Listen to this episode.

Key Talking Points of the Episode:

[02:20] How Jason got into security

[07:31] Jason’s advice to people who want to join the cybersecurity industry

[10:22] Ransomware trends in 2023?

[13:34] Most common ransomware groups

[16:48] How safe is MFA?

[20:04] How can organizations beef up their data security?

[22:01] How is AI impacting data security?

Standout Quotes from the Episode:

“Understanding the type of MFA is going to become critically important in the future.”

“When companies can go in and create this baseline of the security controls, they are going to be more protected against ransomware and other attacks than somebody that does not have that.”

Connect With Jason Rebholz:

LinkedIn: https://www.linkedin.com/in/jrebholz/

YouTube: https://www.youtube.com/@teachmecyber

Cybersecurity Risks And The Rising Demand For Chief Information Security Officers With James Kim

In this episode of CHATTINN CYBER, Marc Schein interviews James Kim, the Vice President and Director of Cybersecurity Strategies and Programs at City National Bank in Florida, about the roles and responsibilities of a cybersecurity professional, leveling up into a CISO (Chief Information Security Officer) role, and managing cybersecurity risks in an organization.

James begins by discussing his path to his current position, attributing his success to luck, ambition, and grit. He started as a help desk technician at a bank and worked his way up over the years, focusing on risk management and developing business acumen. He realized that there was a gap between the technical aspects of cybersecurity and business, which led him to focus on improving the relationship between the two areas. He believes that this focus on developing relationships and maintaining partnerships is critical to his role and cybersecurity more broadly.

James’s day-to-day responsibilities involve incident reviews, working with governance, risk and compliance teams, reviewing policies and controls, managing projects, and tracking various initiatives. He enjoys the variety of tasks and the opportunity to work across the entire spectrum of cybersecurity, including governance, risk and compliance, security architecture, identity and access management, and business continuity and vendor risk management.

James discusses the future of the CISO role and where he sees himself in five years. He believes that the CISO role will continue to expand in prominence, with more emphasis on managing cybersecurity risks for the organization.

He concludes the conversation by advising young professionals interested in cybersecurity to know the many different aspects of the field, including governance, risk and compliance programs, cybersecurity auditing, and security engineering and analysis. He also stresses the importance of work-life balance, given the challenging and stressful nature of the work.

 

Highlights:

“We all have similar responsibilities around maintaining a robust information security or cybersecurity program, ensuring that we have proper processes, procedures in place to report incidents; and at the end of the day, having the appropriate safeguards in place to protect client information or patient information.”

“If you’ve been kind of following along with current events, I feel that within the next five years, the CISO role will continue to expand and gain more prevalence with management and the board.”

Time-Stamps:

[00:50] How did James get into cybersecurity?

[02:38] James’s day-to-day responsibilities as a security operations manager.

[04:04] Working across the entire spectrum of cybersecurity.

[06:06] Where do you see the CISO role in five years?

[08:07] How to promote awareness internally and externally within the organization.

[10:13] Advice for young professionals trying to enter cybersecurity.

[12:14] Challenges in the future of cybersecurity.

Connect with James:

LinkedIn: https://www.linkedin.com/in/james7kim/

The Rise Of AI And AI Cybersecurity: How To Future-Proof The Technology of Tomorrow With Vickram Kooblall

In this episode of CHATTINN CYBER, Marc Schein interviews Vickram Kooblall, CIO and CISO at Scahill Law Group. Vickram is in charge of managing the firm’s operations and directing its technology infrastructure. He investigates and analyzes the firm’s digital transformation and cybersecurity resilience initiatives.

Vickram tells us about his upbringing and what led him to a career in cybersecurity. He reveals that the internet was never designed with security in mind, but as it grew, we realized how important it is to manage, secure, and protect data.

Vickram also describes how artificial intelligence has become the means of digital transformation for law firms and many other organizations. AI and ML have greatly aided attorneys in many areas, including contract management, document management, due diligence, legal research, and behavioral prediction, allowing them to become better litigators. According to Vickram, law firms deal with sensitive data daily, so data security is critical. He also shares some basic hygiene tips, such as using a strong password and multi-factor authentication.

Law firms treat internal and external threats equally. Internal threats are curbed by taking the utmost care with employees, especially during times like the Great Resignation or Big Quit, when data is most at risk. To ensure data security, many organizations today use zero trust. Encryption is also critical.

Towards the close of the episode, Vickram emphasizes the importance of focusing on AI security because of the numerous adversarial attacks that are native to AI. Organizations that use data to develop an AI model must therefore also ensure its security.

Listen to the conversation for more details!

Highlights:

“Well, certainly in terms of zero trust is becoming, you know, one of those big, you know, big things that we’re seeing organizations do more and more, we are certainly seeing user rights and access management, being something that is looked at very closely and monitored, you know, who should have access to what and when. Also, I think the timing is very important when you’re working on a large case or a particular matter. Those individuals that don’t need access should not have access to those specific cases. During that time. And, you know, it’s going to come back to encryption.”

“You know, in terms of some basic hygiene, one of the biggest things it comes back to is also employee training. That has been one of my focuses, you know, in the last two years ensuring that the employees themselves are very well versed and understand threats that come their way. You know, in terms of strong passwords, that’s been some of the basic hygiene that every organization should implement, and more so many law firms. I have seen at least, maybe once or twice during a week of some law firm email being compromised due to exactly that not having a strong password, we have multi-factor authentication, which is certainly a must-have for any organization, especially, you know, law firms in this space.”

“I think, AI has become the digital transformation that we’ve been looking for. Look, law firms are very slow in adopting new technology and trying to, you know, get a, you know, trying to, it’s always been such a labor-intensive type of practice.”

Time-Stamps: 

[00:29] – How Vickram became executive director of the most prestigious law firm in the Northeast

[03:38] – Why is Artificial Intelligence important for law firms?

[05:38] – The best practices in law firms to secure data

[07:12] – Is Vickram concerned more about internal threats or external threats?

[08:49] – How to mitigate some of the internal threats inside an organization?

[10:15] – How is AI security important?

Connect with Vickram:

LinkedIn: https://www.linkedin.com/in/vickramk/

Investing in Internal Infrastructure To Mitigate Cyber Risks with Nadav Aharon-Nov

In this episode of CHATTINN CYBER, Marc Schein interviews Nadav Aharon-Nov, VP of Cybersecurity at R-MOR, Israel. He is experienced in Organizational and Regulatory Compliance, Information Security Management, Auditing and Governance, among many other areas of cyber risk management. During the conversation, Nadav discusses getting into cybersecurity, leading a cybersecurity firm in Israel, the differences and similarities between the threats observed in Israel and America, the importance of investing in internal systems for any company, and how to mitigate cyber risks by thinking from the point of view of the attacker.

Nadav explains that due to the constant cyber-attacks faced by Israel, the country has learned to be creative on the cybersecurity front. They’re always thinking outside the box to figure out ways to keep civilian life safe. The majority of the threats faced by companies in Israel come from ransomware attacks. Cybersecurity firms like his continually level up their attempts to study the attacking groups’ moves and intelligence and try to get them from the inside without them knowing.

He also talks about the importance of assessing a business’ infrastructure from the outside – from the viewpoint of the attackers or hackers. While internal assessments are fairly common, external assessments could give a firm a competitive edge. Another critical piece of information shared is about automation. Attacking groups tend to use more manpower and less automation to analyze issues and make decisions quickly.

The present times have highlighted the importance of cybersecurity more than ever. With people working from home with nothing more than a VPN connection for security, the protection offered by office spaces is gone. Nadav explains that his company has two unique departments, web analytics and cybersecurity, which together create a strategic platform that collects information from all three layers of the web to understand the hacker’s perspective, identify security gaps in existing technologies and products, and thoroughly assess a company’s internal infrastructure. A company must invest in its internal systems more than anything else, especially in today’s times.

Tune in to the episode now!

Highlights:

“There’s a big blind spot when it comes to businesses, seeing their infrastructure from the outside in. So they’re usually looking from the inside out, doing internal assessments, (…) they’re forgetting about the other point of view. And that is the external point of view – how a criminal or a hacker or someone with malicious intent looks from the outside-in.”

“The problem is you have nothing to secure yourself at home other than a VPN connection. And most of the infrastructure at your house is either a simple modem, no firewalls, no true security on your endpoints, and everything is very exposed. So the comfort that you had in your infrastructure back at the office is literally smashed and you have nothing to get home.”

“(Every company) needs to invest in internal systems, because the criminal could be either from the outside (or) from the inside. Everyone could have criminal intentions when it comes to manipulating data, stealing data.”

Time-Stamps:

[02:19] – The threats faced by Israel vs. America in cybersecurity

[03:23] – How Nadav got into cybersecurity

[05:24] – How COVID has caused a rise in the need for cybersecurity

[10:19] – Where should a company invest more to mitigate cyber risks (other than cybersecurity teams)? 

Connect with Nadav:

Website: https://www.linkedin.com/in/nadav-aharon-nov-62a8b5a/?originalSubdomain=il

Layered Security And Protection Against Ransomware Attacks With Greg Edwards

In this episode of CHATTINN CYBER, Marc Schein interviews Greg Edwards, the Founder of Canauri, a well-known cybersecurity firm, to discuss the growing threat of ransomware attacks and how businesses can safeguard against them.

Greg has been involved in the backup and disaster recovery industry since 2007. In 2012, as ransomware attacks rose, he observed that many of his off-site backup clients were affected and needed full recovery. Recognizing that this could escalate into a greater issue, he founded Canauri and decided to address this threat using deception technology.

According to Greg, the rise of ransomware coincides with the increased use of cryptocurrency. He believes that cybercrime, in general, gained momentum in 2012 when Bitcoin became mainstream. He emphasizes the significance of layered security and recommends that businesses configure and manage all layers of defense effectively.

During this discussion, Greg also talked about how MSPs (Managed Service Providers) can fall prey to ransomware, and the devastating impact it can have on their clients. Greg narrated an incident where an MSP’s RMM (Remote Monitoring and Management) was hit by ransomware, causing 80 of their clients to be affected simultaneously.

With the shift towards remote work, Greg suggests that businesses must secure all endpoints, including laptops, desktops, and mobile devices, and ensure that the networks they use are secure. He also stresses the importance of patching systems as the most crucial action people can take to defend themselves against ransomware.

In conclusion, Greg shares valuable insights into the increasing prevalence of ransomware, the importance of layered security, and the measures businesses can take to protect themselves from ransomware attacks.

 

Highlights:

“If you look back again to 2012, the rise of ransomware coincides with the use of cryptocurrency. So not (that) I’m a fan of cryptocurrency, personally, but the rise of ransomware and cybercrime in general, all started to take off around that 2012 mark. And that’s when Bitcoin became really big and started to become mainstream.”

“In the pandemic, everyone said, go home, go work from home, here’s your laptop, or even people were carrying desktops in their monitors out of the office to go work from home, and then connecting remotely in any fashion that they could. And so that inherently just opens up lots of additional vulnerabilities and attack surfaces for the attackers. So what has to be done is all of those endpoints, laptops, desktops, even mobile devices, need to be properly locked down, and then also need to make sure that the networks that they’re on got to have the proper security now, across all of those remote workers, and manage them, just like you would if it were in an old corporate network environment.”

Time-Stamps:

[00:50] Greg’s experience starting an off-site backup company in 2007.

[02:37] The rise of ransomware coincided with the rise of cryptocurrency.

[03:56] Layman’s understanding of layered security.

[06:01] Ransomware attack on remote monitoring and management.

[07:16] Advice on how to better protect yourself.

[08:41] What to do to protect yourself from ransomware?

Connect with Greg:

LinkedIn: https://www.linkedin.com/in/gedwardswpd/

The Challenges To Cybersecurity In Critical Control Systems With Joe Weiss

In this episode of CHATTINN CYBER, Marc Schein interviews Joe Weiss, Managing Partner at Applied Control Solutions LLC, Managing Director at ISA99, ICS cyber security pioneer, and keynote speaker. The discussion revolves around cybersecurity challenges in control systems, with a focus on those in critical infrastructure like nuclear plants. Joe was formerly a control system engineer who worked on instrumentation controls, primarily control and safety systems in nuclear plants.

Joe notes the different challenges in implementing effective cybersecurity measures in control systems. The first, he shares, is the cultural gap between engineers and IT personnel. He explains that these two groups have different mindsets and concerns, which makes it challenging to work together. For example, IT personnel might need to upgrade a computer or perform maintenance, but engineers might resist because taking a workstation down could cause the entire plant to shut down. Joe suggests that doughnut diplomacy, which involves getting engineers and IT personnel together to work out their differences over doughnuts and coffee, has not worked in bridging this cultural gap.

Another challenge is the technical gap in control systems. Joe explains that many control systems are older systems that have been upgraded from a very insecure base. Legacy devices lack basic security features like passwords, authentication, and encryption, which makes them highly vulnerable to cyberattacks. He provides an example of how some brand-new digital sensors installed at a petrochemical plant in Abu Dhabi did not have any passwords in their vendor spec sheets. Therefore, there was no way to send calibration data to the cloud securely.

Joe adds that control systems are very different from traditional IT systems, and security measures that work in one domain might not work in the other. For example, while data is the main focus in traditional IT systems, physics is the primary concern in control systems. Control systems are designed to manipulate physical processes, and the closer they get to the edge, the more efficient the processes become. This makes it difficult to implement traditional security measures like zero trust, which assumes that nothing can be trusted until proven otherwise.

Joe concludes the conversation by suggesting that insurance companies and credit rating agencies can play a significant role in driving improved cybersecurity in control systems. These organizations are highly risk-averse and can convince boards to take cybersecurity more seriously. He believes that control system cybersecurity is not going to be solved by the government and requires a concerted effort from all stakeholders involved.

Highlights:

“The general rule is that these big control systems are 1980s, 1990s technology that have been in a funny sense upgraded. But they’ve been starting with a very, very insecure base.”

“To a sensor controller in real time, this thing is happening in milliseconds, it’s 100% trust. What’s worse, these devices are built in backdoors, directly to the internet. So everything you’re trying to say not to do on the network side is exactly what’s in this most critical of all of our critical devices.”

Time-Stamps:

[01:53] Joe’s journey into cybersecurity

[04:10] Everything is about data and data processing.

[05:52] The engineers and the network people don’t get along.

[09:04] Calibrating the sensors

[10:39] Zero trust is 100% trust

Connect with Joe:

LinkedIn: https://www.linkedin.com/in/joew1/

AI, Propaganda, and Lessons On Advanced Cybersecurity with Paul Christopher

In this episode of CHATTINN CYBER, Marc Schein interviews Paul Christopher, Senior Social Scientist at the RAND Corporation, where he serves as the principal investigator for various defense and security related research projects. In today’s conversation, Paul talks mainly about AI and the need for introducing/enhancing AI cybersecurity and advancing information technology protection with time.

Paul begins the conversation by discussing cognitive security, or the concept of protecting the safety of ideas and thought processes. From a national perspective, it is about protecting citizens from foreign interference in their right to think and participate in national politics. It is an old concept, rooted in the idea of war being a contest of wills and politics by other means.

Further into the conversation, he discusses AI and how it is affecting propaganda by allowing for automated amplification through the use of bots. As AI becomes more sophisticated, there is a greater danger of it being used for propagandistic purposes. One example is a GAN, a generative adversarial network, in which one AI generates messages and the other detects and blocks them; used unethically, the second AI could be removed and the messages directed at real people. Countries are spending more money on propaganda, but it is still cheaper than traditional military capabilities. The effectiveness of propaganda is difficult to measure, but an integrated physical and informational campaign, as seen in the 2014 Russian annexation of Crimea, is highly effective.

Paul and Marc also discuss deep fakes and shallow fakes—methods of creating fake videos using AI technology and how both these types of fakes can be effective in deceiving people. They also discuss counter propaganda—a method of countering the effects of propaganda by providing counter messaging or a counter narrative to counteract it.

Towards the close of the conversation, Paul highlights the human vulnerability to misinformation and disinformation and how it’s important for everyone to remember that we are challenged cognitively. Humans often think fast and use heuristics, which makes them more susceptible to being tricked, manipulated, or deceived. He also mentions the cognitive bias called Blind Spot bias, where people are willing to see vulnerabilities in others but not in themselves. He advises people to be aware of these vulnerabilities, not to believe everything they see, to find ways to improve their media literacy, and to use tools that screen disinformation or at least pop up warnings when a source is not credible.

Highlights:

“If you’re countering propaganda, either you’re counter messaging or doing a counter narrative, where you’re trying to claim the opposite of whatever the propaganda is, or overwhelm it with the truth or counteract it. Which unfortunately, the research in social psychology suggests isn’t very effective, because the first mover advantage is hugely important.”

“There are things that the government can do to pass laws and regulations to make foreign propaganda, either require labels or to be illegal so that you can then indict foreign propagandists and affect them.”

“There’s this thing called Blind Spot bias, where we’re willing to see these vulnerabilities in others but we imagine that we ourselves are special or magical or invulnerable.”

Time-Stamps:

[00:14] – How Paul ended up becoming a senior social scientist at the RAND Corporation

[01:35] – What is cognitive security?

[04:15] – Are countries spending money on propaganda campaigns?

[06:26] – Distinguishing deep fakes and shallow fakes

[12:21] – Understanding counter propaganda and the ways to curb it

[17:24] – Final thoughts

Connect with Paul:

Website: https://www.rand.org/about/people/p/paul_christopher.html

https://2018.cybersecforum.eu/en/speakers/christopher-paul/

Underwriting and The Future Of Cybersecurity With Marcin Weryk

In this episode of CHATTINN CYBER, Marc Schein interviews Marcin Weryk, Head of Business Development at Coalition Inc. The duo get into underwriting, cyber risks, and the future of cybersecurity, among other discussions on business and the changing world.

Marcin began by providing background on his upbringing, sharing that he was born in Poland and raised in Brooklyn. He also mentioned his journey to becoming a renowned cyber underwriter after graduating from St. John’s University with a major in finance and later participating in a training program at CNA to gain knowledge in the insurance industry. The training program ultimately led to his placement on CNA’s cyber tech NPL team and his entry into the field of cyber insurance.

Marcin stresses the importance of having a strong underwriter in the team who’s knowledgeable in both analytics and marketing. The key for underwriters is to not only be creative and thorough but also reliable and trustworthy. It is also critical to learn to interpret and analyze data in cybersecurity.

Further in the conversation, Marcin mentions Coalition and introduces it as the most innovative insurance company for reasons including its careful and correct analyses of data and the risk selection and prevention mindset of its employees. At its core, Coalition is a technology company that uses data more effectively than other insurance companies.

Marcin also shares two concerns businesses will face in the coming years. One is the need to improve the quality of data collection and utilization to reduce cyber risks. The second is about the data currently being used to underwrite better from a loss perspective, which leads to many issues. Business controls are essential in underwriting and risk mitigation.

He wraps up the conversation by highlighting the future of cyber issues, focusing on two of the most pressing issues: the exposure of systemic failure and privacy concerns.

Listen to the conversation for more details!

Highlights:

“I think what’s different about Coalition is the ability to understand that learning from data is important. And learning from data is even more important in the ever-changing space of cybersecurity. I think we at Coalition differentiate in that we are continuously making sure we look at risk selection and risk prevention. From a forward-looking perspective, not a backward-looking perspective.”

“And I think that’s the big differentiation is, most people are stuck looking backward, Coalition is good at looking forward. And I think that is what drives our value. The other part that’s been imperative to the growth and success of Coalition and others in this space that is leaning on data better, is the concept of continuous monitoring.”

“One is the systemic failure exposure that we’re all dealing with. I personally think that the marketplace will evolve into a space where there will be standard coverage, and yet also separate catastrophe cyber coverage. I don’t think that that’s that far in the future. Just for clarity purposes, I think many people will be interested in that type of cover. The other one that some people have started to speak about, but I don’t think it’s getting as much attention as it should is privacy as a peril.”

Time-Stamps:

[01:08] – How did Marcin become a cyber underwriter and how did he get involved in cyber?

[02:53] – Important roles of an underwriter

[04:43] – What is so unique about Coalition and how they are the most creative insurance company?

[07:42] – What made Marcin go to the technology from phenomenal insurance carriers?

[10:33] – Challenges and cyber risks businesses are going to face in the next two years that concerns underwriters

[13:52] – How important are controls for a business?

[16:10] – Some of the future issues we may be facing

Connect with Marcin:

LinkedIn: https://www.linkedin.com/in/marcin-weryk-828a1a6/

Economic Sanctions, Cyber Law Enforcement, And Private-Government Collaboration For Cyber Protection With Emil Bove

In this episode of CHATTINN CYBER, Marc Schein interviews Emil Bove, Trial and Investigations Lawyer at Chiesa Shahinian Giantomasi (CSG). Emil has extensive experience working in both the public and private sectors, starting his career as an assistant United States attorney specializing in cyber risk. Today, he speaks about the new sanctions announced against Russia following the invasion of Ukraine, why Russia might push its financial transactions and assets into the crypto space, the related cyber enforcement trends, and the recent collaboration between the private sector and the government for speedy cyber law enforcement and protection.

Recently, in the aftermath of the Russian invasion of Ukraine, the US Treasury Department announced a lot of sanctions against Russia. One result is that banks, both US financial institutions and international institutions, are trying to comply with the sanctions by identifying their exposure to the sanctioned parties and sanctioned relationships and figuring out how to address that exposure, whether that means blocking assets in some instances or ending client relationships in others. Secondly, sanctioned parties are expected to look for mechanisms to evade sanctions and access the international financial system, and even the US financial system directly through correspondent accounts. Sanctioned parties need to innovate. Russian parties are also expected to push financial transactions and assets into crypto.

Emil also discusses the trends in cyber enforcement. With Russia likely to venture into the crypto space, care needs to be taken when enforcing sanctions, as not everybody is a Russian actor. Clients have to be sensitive to sanctions compliance. Recently, OFAC has been sanctioning crypto service providers, some of which are based in Russia, that do not comply with US expectations for transparency and for staying away from ransomware. On both the regulatory and criminal sides, the government will be looking at public examples of non-compliant actors who are not seeking to implement the sanctions intended to choke off Russia’s access to the financial system.

Another thing Emil talks about is the private sector’s collaboration with the government in connection with the above sanctions. He predicts that the partnership will be significant because the technological expertise of the private sector can help speed up the government’s work. The technologies used so far have repeatedly shown themselves reliable and trustworthy and have generated accurate results.

For more, tune in to today’s episode!

Highlights:

“There’s a cyber component to the banks trying to comply with the sanctions to both US financial institutions and really international institutions, taking a look at what OFAC is doing. And identifying their exposure to these now sanctioned parties and sanction relationships, and figuring out how to address that exposure, whether that’s blocking assets in some instances, or ending client relationships in others.”

“There are a few understood mechanisms for any sanction party to engage in sanctions evasion, to access the international financial system, and sometimes even the US financial system directly through correspondent accounts. Sanction parties are going to need to take some new steps to do some innovation. And I think that one way that we’re going to see that is Russia as a sovereign, and also just sanctioned Russian parties over there are going to push financial transactions and assets into the crypto space.”

“There’s then now a public opinion that sort of authorizes and endorses law enforcement collaboration with the private sector and use private sector tools in a sophisticated and developing space where government technology, especially in the law enforcement side, may not be quite as up to speed as where the more well resourced private sector parties are endorsing that and I think you’ll see that going forward.”

Time-Stamps:

[00:43] – The journey to becoming an assistant United States attorney

[19:45] – About the US Treasury Department announcing sanctions against Russia

[21:49] – The biggest things around cybersecurity being ignored right now

[29:58] – Closing thoughts

Connect with Emil:

LinkedIn: https://www.linkedin.com/in/emil-bove-0113347/

The Russian-Ukrainian War Is A Lesson On Information Security and Leverage With Greg Radabaugh

In this episode of CHATTIN CYBER, Marc Schein interviews Gregory Radabaugh about his wide range of experience in the military and information security, what the Russian-Ukrainian war illuminates about information security, and the essential practices civilians and security forces must equally adopt to strengthen cybersecurity.

A retired Air Force veteran of 30 years, Greg brings a wealth of experience that ranges beyond overseas reconnaissance missions. He has experience as a DOD civilian, a Defense Intelligence Agency analyst, senior Information Operations planner for the Air Force ISR agency (Intelligence Surveillance Reconnaissance), Director of the Joint Information Operations Warfare Center, and many high-importance controlled defense and intelligence roles. After retiring from the Department of Defense after 44 years, Greg founded his own consulting company, Greg Bear Consulting.

With the ongoing Russian-Ukrainian war keeping world tensions high, Greg suggests reading “Unrestricted Warfare” by Colonel Qiao Liang and Colonel Wang Xiangsui to learn in depth about permanent warfare and the absence of a difference between civilian and military targets in the Ukraine-Russia war. Drawing on updates from the war, Greg shares that while Russia seems to be focusing on justifying its actions to its internal audience, making them see that all is being done to protect them, Ukraine is focusing on the external audience, primarily the West, trying to gain support from the US, NATO, and others providing material, financial, and medical support. He also discusses how both countries are gathering and making use of commercially available data for warfare, from tracking locations to cellphone ranges and a whole lot more. Everything happening in the war is striking from an information perspective.

The civilian sector, he adds, must prepare for war at this point, as civilians could be used to incite or escalate conflict. There could be denial-of-service attacks, deception, and other planned operations to impact the military by attacking people relevant to its personnel. Families of military personnel are especially targeted by these attacks. This is a side most people aren’t prepared for.

In conclusion, Greg shares that the civilian private sector needs to start thinking about security the same way the military does – for operational security. Using mobile phones and cameras in essential meeting places and not considering the secondary and tertiary access points in places are a couple of the many things that go unnoticed. For more about it, tune in to this episode with Greg!

Highlights:

“The Western concepts of the law of armed conflict relying on Westphalian concepts of chivalry, interior, and territorial integrity, and what constitutes an armed attack don’t apply to our adversaries and potential adversaries in the information environment.”

“Think about how to provide operational security to your business. And then think about how do you shut down our second and tertiary information leakages and then decide, how do I mitigate this threat by doing things, for example, having an offline backup of my network, or having a secondary network that’s offline that can go online immediately, if your primary one goes down?”

“A greater awareness of these operations in the information environment is crucial to private sector success of industrial control systems, security is going to be absolutely critical to maintaining our first world environment that we live in and enjoy today.”

Time-Stamps:

[00:40] – Greg’s early life and founding Greg Bear Consulting
[05:29] – Where to connect with Greg
[06:26] – What’s happening with the Russian-Ukrainian war?
[15:19] – Should the civilian sector prepare for a conflict at this point?
[20:42] – What can you do to protect yourself from cyber attacks?

Connect with Greg:

Website: https://www.af.mil/About-Us/Biographies/Display/Article/108843/gregory-c-radabaugh/