Into the Breach by IBM

Cyber leaders: Stop being your own worst career enemy. Here’s how.

Mon, 10 Jul 2023 16:00:00 GMT

Technically proficient people often face challenges when looking for (or being elevated to) leadership roles.

In the cyber realm, this can become even murkier. We have hackers, who often view rules as guideposts (or even challenges, for that matter); incident responders and threat intelligence officers who tend to have great regard for rules and a well-developed (if not regimented) approach to unraveling mysteries; and product engineers who are astute at design and technical issue resolution.

The net is this: Cyber brainiacs are really good at solving problems. And less good at inspiring (or even allowing) others to solve them.

In this episode, host Mitch Mayne talks with Brian Donovan, author of "Leadership Is Changing the Game - The Transition from Technical Expert to Leader." They explore some of the critical components of cyber leadership—including Donovan’s perspective that the trick isn’t to develop an entirely new skill set—or superpower, as he puts it—but to hone your existing superpower and learn how to influence and inspire.

If you’ve ever wondered how to get out of your own way and transition into cyber leadership, this may be the episode for you.

Take a listen—and venture Into the Breach.

Things to listen for:

[00:05 - 01:20] Introduction
[03:05 - 05:34] Mitchs' journey to leadership in the cyber world
[06:07 - 07:42] Challenges technically smart people might run into when stepping into a leadership role
[08:24 - 12:43] Turning your strengths into superpowers in leadership
[18:09 - 20:50] Imposter syndrome within cyber leadership
[29:02 - 31:10] What Brian learned from his best manager
[32:20 - 34:49] Advice to be a great leader in cyber

The Quantum Quandary: How researchers are bridging the supercomputer security concerns

Mon, 03 Jul 2023 20:00:00 GMT

Quantum computing relies on quantum physics for computational power and computes much faster than classical computers. It’s predicted to provide major breakthroughs across society, science and business. At the same time, it poses a risk to key cryptographic algorithms we depend upon for the safety of our digital world. Meaning, it has the potential to render existing communications as insecure as if they weren’t encoded at all.

In this episode, host Mitch Mayne talks with one of the scientists working on quantum-safe encryption algorithms. Dr. Walid Rjaibi has spent considerable time experimenting with these algorithms and creating prototypes for transitioning current software to quantum-safe standards.

They talk in-depth about the security risk quantum poses, how researchers are addressing that risk, how policy can (or should) shift to make standardization a reality, and what organizations might struggle with as they shift toward quantum—and how some of those struggles might be addressed.

Things to listen for:

[00:05 - 01:34] Introduction
[03:55 - 06:05] An overview of quantum computing
[06:45 - 11:30] Cyber risks associated with quantum
[15:03 - 18:42] Algorithms that are quantum-safe
[19:09 - 21:54] Encryption algorithms, RSA deep dive
[25:18 - 26:15] Effective policy regulations
[26:42 - 29:30] Where to begin when learning about quantum

Threat sharing evolution: How groups offer less risk and better intelligence to members

Wed, 28 Jun 2023 20:12:56 GMT

It’s been eight years since the Cybersecurity Information Sharing Act was signed into law, and today we have a thriving network of public/private threat sharing groups—like the Joint Cyber Defense Counsel (JCDC) and National Artificial Intelligence and Cybersecurity ISAO (NAIC/ISAO), offering platforms where member organizations can both share threat information and gain access to the larger collection.

Yet, perception challenges still exist for threat sharing groups. These include both liability and confidentiality concerns, with some organizations wondering if information shared in a group could be traced back to—and used against—the organization that shared the data in the first place.

In this episode, host Mitch Mayne talks with Michael Thiessmeier, Co-founder and Executive Director of the NAIC/ISAO, about the history of threat sharing and how the “public good” has benefitted. They also explore the perceived hurdles to entering threat sharing groups and explore whether or not those are legitimate concerns.

Things to listen for:

[00:05 - 01:41] Introduction
[03:23 - 05:54] Notable wins as a result of groups sharing intelligence
[06:19 - 07:23] What information to consider sharing in an information-sharing group
[11:00 - 14:03] Has trust been restored that the government does the right thing in terms of privacy and surveillance?
[20:09 - 21:23] Michaels information products
[22:15 - 23:20] Why threat sharing is important

Your private information is probably being sold on the dark web. How can criminals use it?

Thu, 06 Apr 2023 15:56:08 GMT

Late last year, a well-known ride share app and a gaming company were hacked using well-crafted social engineering attacks. Stephanie Caruthers—known online as “Snow,’ is a professional hacker herself and has a solid working theory on how the attacks happened. Stephanie’s take: the criminal may have purchased already stolen credentials of users off the dark web, used that data to research the target victims, and then combine those sources of information to engineer highly targeted attacks.Which raises the question: Is your information out on the dark web, and how can it be used by a criminal?Let’s find out. Join us as we venture, Into the Breach.

Things to listen for:

[00:05 - 01:36] Introduction
[01:55 - 02:30] The genesis of online name Snow
[05:42 - 06:41] Spearfishing vs. social engineering
[07:21 - 08:21] What Snow knows about Uber and Rockstar hacks
[08:45 - 10:37] Snow's thoughts on TeaPot purchasing credentials from the dark web for who they were targeting
[11:04 - 12:20] What Snow looks for to find information from a social media perspective
[19:37 - 22:43] Advice on how to avoid being attacked
[21:00 - 22:43] How the attacks happened
[23:38 - 24:38] For the average citizen: What to do or not to do

Operational Technology: The evolving threats that might shift regulatory policy

Thu, 23 Mar 2023 15:15:41 GMT

Attacks on Operational Technology (OT) and Industrial Control Systems (ICS) grabbed the headlines more often in 2022—a direct result of Russia’s invasion of Ukraine sparking a growing willingness on behalf of criminals to target the ICS of critical infrastructure.

Conversations about what could happen if these kinds of systems were compromised were once relegated to “what ifs” and disaster movie scripts. But those days are behind us, and the threats to OT and ICS are real and ongoing.

Roya Gordon and her team at Nozomi Networks keep a close eye on these kinds of threats, and recently released their biannual OT/IoT Security Report that examines what’s happened in the landscape for this sector in the latter half of 2022.

She joins me in this episode to talk in-depth about what her team found—including the latest on the types of attacks hitting OT and IoT, what effect increased regulation may have on industries in this sector, how Russia’s invasion of Ukraine continues to change the landscape, and what may be on the horizon for cyber insurance. And maybe most importantly, she helps us understand what OT/IoT organizations can do to stay safer.

Join us—and together we’ll venture Into the Breach.

Things to listen for:

[00:05 - 00:44] Introduction
[01:00 - 02:50] Important pieces from Nozomi's security report
[03:23 - 05:21] Threat actors Roya sees at Nozomi
[06:16 - 08:10] Roya explains being anti-cyber insurance
[11:40 - 15:21] Sector-specific plans: What do we know and are they needed?
[16:19 - 17:21] International efforts for a safer sector
[20:45 - 23:06] Advice for loT and OT friends

The threat landscape 2023: Top targets, top attack types, top geographies

Wed, 01 Mar 2023 21:47:10 GMT

Every year, the IBM Security X-Force team of cyber experts mine billions of data points to reveal today's biggest attack trends and patterns. In this episode, host Mitch Mayne is joined by Michael Worley, one of this year’s primary authors, and digs into the guts of the X-Force Threat Intelligence Index 2023 to uncover the continuously changing cybersecurity landscape and understand how to defend against the latest threats. Join us as we journey into 2023 — and Into the Breach.

Things to listen for:

[00:05 - 00:35] Introduction
[01:04 - 03:17] What changes were made to the X-Force Threat Intelligence Index for 2023
[03:48 - 04:37] How Michael's background shaped how he examined data for this years report
[05:00 - 06:04] The biggest aha moment from this year's report
[11:10 - 13:39] Phishing and other vulnerabilities
[15:20 - 16:30] Steps to to take to protect yourself

2023 Cybersecurity Predictions

Tue, 21 Feb 2023 20:42:12 GMT

In this episode, we’ll use 2022 as a lens to foretell what this year may have in store for us. Joining me is Dan Lohrmann, a well-known voice in cybersecurity whose resume boasts an impressive list of positions in cyber leadership in both the public and private sector, in addition to authorship of three books on cybersecurity.

Dan publishes an annual review of top cyber organization predictions (check out Part One and Part Two). Think of them like a content analysis of over two dozen industry leading reports. Among those surveyed is the 2022 IBM Security X-Force Threat Intelligence Index and our annual predictions blog published just last month. And of course, I’d miss the chance to humble-brag if I didn’t tease the fact that we’ll be releasing our 2023 Threat Intelligence Index in early February, too, so stay tuned for that one.

Given the hours he’s devoted to analyzing the market predictions, Dan’s view is both broad and deep. We’re going to utilize his expertise to focus on a few hot topics for 2023:

· Ransomware: How it will evolve, and who may be targeted

· Social engineering: How increased sophistication (including attempts to bypass MFA) may impact business

· Cyber insurance: Will it become more difficult to get in 2023

· The Ukraine war: What fallout we might expect this year

· Crypto and social media: Given the tumult in 2022, what we might see changing both on a market and a policy front

Join us, and together we’ll venture Into the Breach.

Things to listen for:

[00:05 - 01:17] Introduction
[07:21 - 08:58] What we got right in 2022
[09:52 - 12:29] What we might see for ransomware in 2023
[13:50 - 16:33] What we might see in terms of social engineering, and what will be the role of deep fakes?
[17:37 - 19:55] Insurance providers in 2023
[25:06 - 26:08] Changes in crypto, and will there be a push to regulate?
[29:07 - 30:17] Potential positives to look for in 2023

Curse of Cassandra or Hype of Chicken Little? Sorting Out Fact From Fiction On Operational Technology Security Risks

Wed, 16 Feb 2022 00:00:00 GMT

Attacks on operational technology (OT)--gas pipelines, electrical grids, banking services—are on the rise. In this episode, we speak with Chris Kubecka about how these incidents can affect economies and public safety in every geography, and how we might defend against them. Chris is the Chair of the Cyber Program at the Middle East Institute (MEI) and has brought Operational Technology safety front and center across the globe. She details how these incidents can be a serious breach affecting economies around the world.

Key Takeaways:

00:06 - 01:07 Intro to episode

01:40 - 03:17 The Middle East Institute

04:34 - 05:22 The difference between information technology and operational technology

11:39 - 13:08 Motives behind attacks

13:20 - 14:33 How we should think about operational technology security, that we aren't considering today

14:33 - 17:26 Do we need the government in order to follow cybersecurity safeguards?

18:47 - 19:57 Ideal state for operational technology security

20:26 - 24:38 Chris shares a recent, and very interesting experience

25:42 - 27:38 What keeps Chris awake at night when it comes to operational technology

Now You See Me, Now You Don't: How Cryptocurrency Regulation Can Make it Harder For Cybercriminals to Escape

Wed, 09 Feb 2022 00:00:00 GMT

Cryptocurrency has become the favored tender for ransomware groups. Because of the intricacies of blockchain technology, it is often difficult for law enforcement to trace criminals who demand cryptocurrency payments. But is there a way to regulate cryptocurrency in a way that provides fewer hiding places for criminals—but doesn’t disrupt the market? We speak with Megan Stifel, Policy Officer at the Global Cyber Alliance, who as part of the Ransomware Task Force, issued the recommendation to closely regulate cryptocurrency—but still preserve the market.

Key Takeaways:

00:08 - 01:15 Intro to the episode

01:37 - 03:00 How easy is it for threat actors to hide funds and cover their trail?

05:28 - 08:14 The scale and scope of ransomware

12:00 - 14:25 Regulation that allows the market for investors to remain but also helps locate criminal actors

15:04 - 17:06 Blacklisting: Target known accounts or try to regulate the entire market?

17:33 - 19:16 Are sanctions effective, and why is it being used? How will it work?

19:57 - 24:48 Cryptocurrency mixing services

I'd Like to Buy a Vowel: The Price of Poor Communication During a Data Breach

Wed, 02 Feb 2022 00:00:00 GMT

When there is a cyber incident, the focus is often the technical side of the attack and remediation. Another important aspect of breach management—communication—often takes a back seat. When communication is done badly, consumers can lose trust, brands can erode, and corporate names can become synonymous with high-profile attacks. Loren Dealy Mahler has built a career on creating organization-wide communication plans, and talks about the importance of having the right people using the right words at the right time.

Key Takeaways:

00:05 - 01:18 Intro to episode

01:32 - 03:06 Advice to a CEO on how to handle a data breach from a communication perspective

03:36 - 07:06 Crisis response plan vs a cyber communication plan

08:19 - 11:55 Missteps in communication: The Atlanta cyber attack in 2018

11:55 - 16:08 Missteps in communication: The Equifax breach

17:30 - 19:58 An example of communication gone well

22:52 - 24:12 What can we expect to see a new cybersecurity executive order do to communication?

Cybersecurity Superheroes Next Gen: How Higher-Ed Helps Them Find Their Crime-Fighting Niche

Wed, 26 Jan 2022 00:00:00 GMT

Criminals don’t seek degrees in cybercrime from universities. So where do they learn their skills? And what is the role of higher ed in helping keep smart minds on the right side of the law and preparing them to defend against attacks? Minnesota State University professor Chris Veltsos has more than two decades of teaching and mentoring the next generation of cybersecurity professionals. He unpacks what he teaches in the classroom, what he wishes could be taught, and what higher ed can do to help keep bright minds on the right track.

Key Takeaways:

00:05 - 00:59 Intro to episode

02:01 - 03:42 How Chris because a professor focusing on a niche subject

03:56 - 05:30 How to stay current with the cyber landscape

05:59 - 07:42 Does university prepare students for a cyber career?

14:01 - 16:08 The role of mentorship at university and within the workplace

20:02 - 22:14 What would Chris include in his curriculum that he thinks is missing today?

23:09 - 26:22 Advice to those who are interested in becoming a mentor

Lured To The Dark Side The Criminal Hacker Journey Pt. 2

Wed, 19 Jan 2022 00:00:00 GMT

Part 2 of this two-part episode looks at the flip side of criminal hacks —the defense. Law enforcement and private security teams work diligently to defend against cyber threats. And they often work better together. We speak with Nick Rossmann, former head of IBM X-Force with a background in both the CIA and FBI. He explains how threat intelligence is evolving to keep pace with the booming cybercrime industry, and how the dark side of the industry is becoming a full-service economy.

Key Takeaways:

00:05 - 00:40 Intro to this episode

01:12 - 03:14 Threat Intelligence: What is is, how it's gathers, and what it's used for

03:21 - 06:38 What the cybercrime industry is like right now

07:03 - 08:42 Ransomware as a service

12:08 - 14:48 Nick's experience at the CIA and the FBI before joining private industry

17:43 - 19:45 What businesses can do to help make a legitimate cyber career more interesting than a dark web cyber career

21:30 - 25:03 Advice for those interested in a cyber career

Lured To The Dark Side: The Criminal Hacker Journey Pt. 1

Wed, 12 Jan 2022 00:00:00 GMT

In Part 1 of this two-part episode, we dive into the mind of the criminal hacker —what motivates them, how they get started, who they target, and whether they deserve a second chance. Former BBC journalist, Chris Quevetra, sits down with us to discuss an organization he investigated that takes young criminal threat actors and turns them into contributing members of society —and turns them into valuable security assets for companies.

Read Chris's article on teen hackers here.

Key Takeaways:

00:06 - 00:52 Intro to the episode

01:15 - 01:48 How Chris landed on this story of The Criminal Hacker Journey

02:16 - 04:04 How teen boys end up as a criminal hacker, before having and education in cyber

09:31 - 10:35 The potential future of these teens if they hadn't been caught and ended up at Blue Screen IT

12:40 - 13:53 Lessons learned for the cybersecurity industry

14:23 - 15:17 Emotions that came up while writing this story

16:12 - 17:44 The ironic interaction between the arrester and the arrestee

19:12 - 21:04 Chris shares what he's learned during his cybersecurity journey

21:04 - 22:57 Mitch's story about what he's learned during his cybersecurity journey

Into the Breach - Trailer

Fri, 24 Dec 2021 11:25:30 GMT

Whether you are an individual who is always on your phone, an IT professional who lives through your laptop, or an organization that
manages a vast amount of clients and services, a security breach can happen at any moment. Many of us think that we are prepared, but are we
really? On this podcast, you’ll hear from a variety of cybersecurity professionals to better understand the underground world of cyber and you’ll walk away better prepared with tales, tools, and support to help you thrive in the face of uncertainty…

Join your host Mitch Mayne, IBM X-Force Public Information Officer and former journalist and, together, let’s venture into the breach.