ReimaginingCyber is a series of fireside chats hosted by Rob Aragao and Stan Wisseman, Security Strategists with CyberRes, a Micro Focus line of business. In each episode, we’ll dive into the world of cybersecurity, exploring common challenges, trends, and solutions for today’s CISOs and CIOs. Every two weeks, a new guest—from industry experts to CISOs—will share what matters most to them. Each episode is short and bite-sized, running only 15-20 minutes. CyberRes is a Micro Focus line of business, focused on helping companies protect, detect, and evolve their security framework and helping organizations become more cyber resilient. To learn more, visit CyberResilient.com. Micro Focus is a multinational software and information technology business, headquartered in the UK.
In today's episode, OpenText's Tyler Moffitt (Sr. Security Analyst) delves into 'Operation Endgame,' one of the most extensive coordinated cybercrime takedowns in history. Learn about the multinational law enforcement efforts that targeted critical malware infrastructure, dismantling key botnets and loaders vital to ransomware attacks. Tyler provides an in-depth analysis of the operation's impact on the cybercriminal ecosystem, real-world implications, and predictions for the future of cybersecurity. Don't miss this eye-opening discussion!
In this episode of Reimagining Cyber, Tyler Moffitt, Senior Security Analyst at OpenText Cybersecurity, delves into the complex issue of insider threats. He concentrates on the two main types of insider threats: malicious insiders who knowingly abuse their access, and unintentional insiders who fall prey to phishing and other social engineering attacks. The conversation is highlighted by recent high-profile cases such as the Coinbase breach, where a third-party contractor was bribed, and the Scattered Spider group's attack on UK retailers like Marks and Spencer and Co-op. The episode explores the real-world financial impacts of these breaches and offers detailed strategies for defending against insider threats, emphasizing the importance of layered security, strict access controls, and thorough training. Listen to learn more about the evolving landscape of insider threats and how to protect your organization. Links mentioned in this episode: https://community.opentext.com/cybersec Follow or subscribe to the show on your preferred podcast platform. Share the show with others in the cybersecurity world. Get in touch via reimaginingcyber@gmail.com. As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.
In this episode of Reimagining Cyber, Rob Aragao welcomes Matt Gorham, former Assistant Director of the FBI's Cyber Division and current leader of PwC's Cyber and Risk Innovation Institute. Gorham shares critical insights from his 25-year FBI career and discusses the evolution of ransomware—especially the rise of ransomware-as-a-service models and the business-like operations of Eastern European cybercriminal syndicates. He emphasizes the importance of cyber hygiene, incident response planning, and executive-level tabletop exercises. The discussion also covers the often-misunderstood relationship between private companies and law enforcement, as well as the implications of AI, onshoring manufacturing, and the shifting geopolitical cybersecurity landscape. A must-listen for CISOs, board members, and security leaders looking to turn preparation into resilience.
In this episode Senior Security Analyst Tyler Moffitt unpacks the 2025 OpenText Cybersecurity Threat Report. He dives into alarming shifts like a 28% spike in malware infections, the relentless resilience of ransomware group LockBit, and the surge of AI-enhanced phishing campaigns. Tyler breaks down why old-school malware tactics still dominate, how affiliate-driven ransomware-as-a-service is thriving, and why European businesses are increasingly in the crosshairs. Plus, he explores what's actually working—simple, disciplined defenses—and why “eating your cybersecurity vegetables” may be the most powerful strategy of all. Don't miss Tyler's predictions on AI's evolving role in both attack and defense for the year ahead.
In this eye-opening episode of Reimagining Cyber, host Tyler Moffitt is joined by Tom Tovar, co-creator of cybersecurity company Apto, to unpack one of the fastest-growing threats in mobile security—deepfakes and biometric bypass attacks. Tom explains why facial recognition, once considered a reliable security measure, was never designed to withstand today's AI-powered spoofing tactics. From simple call interception techniques to sophisticated real-time face-swapping and buffer overrides, Tom walks us through the anatomy of modern biometric attacks. He also reveals why most mobile apps—and even top-tier facial recognition systems—are currently defenseless against these threats. We dive deep into the vulnerabilities hiding in plain sight within mobile frameworks, and why defending facial recognition starts with the app itself, not the authentication system. Plus, Tom gives us a glimpse into how AI is being used to both attack and defend, and what the future of mobile app security might look like. If you think your face is your password, think again. Topics Covered: How attackers bypass facial recognition without even needing a deepfake; Common tools and techniques used to manipulate authentication flows; The problem with relying on SDK-based facial recognition vendors; Why the future of defense lies in app-level perimeter security; How Apto is using AI to build autonomous, in-app defenses. Whether you're a security professional or just fascinated by the evolving threat landscape, this is a must-listen episode.
In this episode of Reimagining Cyber, Tyler Moffitt, Senior Security Analyst at OpenText Cybersecurity, explores the evolution of fast flux — a once obscure spamming tactic that has now become a serious national security concern. Learn how this evasive DNS technique enables ransomware groups and nation-state actors to stay resilient, hide their infrastructure, and extend the life of their attacks. Tyler breaks down how fast flux works, why it's seeing renewed attention from the NSA and CISA, and what security teams can do to detect and defend against it. From DNS filtering and anomaly detection to the role of ransomware affiliates and cybercriminal business models, this episode delivers deep insights into one of today's most pressing cybersecurity threats. Key topics: Fast flux: what it is and why it matters now; How it's being used to protect ransomware infrastructure and leak sites; Detection strategies and red flags for defenders; The bigger picture: national security, affiliate models, and the cybercrime economy; Practical steps enterprises can take to prepare and protect. Don't miss this eye-opening discussion. Be sure to check out Tyler's blog for a deeper dive.
In this episode of Reimagining Cyber, we set sail into the world of maritime cybersecurity with one of the foremost experts in the field, Dr. Gary Kessler. From GPS spoofing to autonomous vessels, Gary breaks down the evolving threats facing modern ships and ports as they become increasingly digitized and connected. With over 50 years of experience in cybersecurity and a lifelong connection to the water, Gary shares how his career merged passion and profession, leading to groundbreaking research in AIS spoofing and maritime threat mitigation. We explore the real-world cyber risks impacting global logistics, including the infamous 2017 NotPetya attack on Maersk, the rise of ghost and dark fleets, and how pirates are using hacked logistics systems to target high-value cargo. Gary also explains why the term “cybersecurity” may miss the mark—and why protecting the information itself is what really matters. Plus, hear about the upcoming Maritime Hacking Village at DEFCON and how you can get involved. If you're curious about the cyber threats lurking beyond the horizon, this episode is your compass. Links: Maritime Cybersecurity: A Guide for Leaders and Managers; Maritime Hacking Village.
In this episode of Reimagining Cyber, host Tyler Moffitt welcomes Tim Armandpour from PagerDuty to explore how organizations can assess and manage their cyber risk in an era of rapid technological change. They discuss the importance of continuous risk evaluation, building a culture of resilience, and the impact of AI on security practices. Tim shares insights on zero trust architecture, lessons learned from major incidents like the CrowdStrike outage, and how businesses can adapt their security strategies to stay ahead. Whether you're a security leader or just interested in the evolving cybersecurity landscape, this episode offers valuable takeaways on managing risk, ensuring operational resilience, and preparing for the future of AI-driven security.
In this episode of Reimagining Cyber, threat research analyst Tyler Moffitt explores the evolution of cryptocurrency—from a libertarian dream to a key enabler of cybercrime. Tyler shares his personal journey into crypto mining and breaks down pivotal moments in Bitcoin's history, including the rise of Silk Road, the emergence of ransomware, and the infamous WannaCry attack. The discussion also dives into why criminals prefer privacy coins like Monero, how law enforcement is fighting back using blockchain analytics, and whether crypto can ever shake its association with illicit activities. Packed with expert insights and real-world examples, this episode is a must-listen for anyone curious about the intersection of cryptocurrency and cybersecurity.
In this episode of Reimagining Cyber, we dive into Europol's latest report, The Changing DNA of Serious and Organised Crime, which highlights how AI is accelerating cybercrime and global information warfare. Rob Aragao breaks down the report's key findings, including AI-driven fraud, deepfake scams, and automated cybercrime operations. We also explore the broader implications of AI in shaping misinformation campaigns, with major players like China, Russia, and Iran investing billions in disinformation efforts. As law enforcement agencies struggle to keep up, we discuss the challenges of combating AI-powered threats and what this means for cybersecurity on a global scale. Rob also touches on how the U.S. is facing challenges in defending against AI-driven disinformation, as key institutions are shut down. This reduction in information validation and support makes it harder to track and counter adversarial efforts.
Significant changes are underway at the Cybersecurity and Infrastructure Security Agency (CISA), and the cybersecurity community is paying close attention. In this episode, we break down the recent funding cuts, layoffs, and restructuring efforts that could reshape the agency's mission—and potentially impact national cybersecurity. Join Rob Aragao as he analyzes:
In this episode, we're diving into the world of LockBit, one of the most notorious ransomware groups out there, and how it's keeping law enforcement on its toes. We'll break down their latest moves, the battle between hackers and agencies like the FBI, and what it means for cybersecurity moving forward. Here's what we cover: The Kash Patel Incident: Recently, LockBit took a jab at Kash Patel, the FBI Director, in a post on their leak site. The group congratulated him on his appointment and dropped a hint that they had info that could embarrass the FBI. It's all part of LockBit's strategy to keep itself in the headlines and make sure it stays relevant, even as law enforcement gets serious about shutting them down. LockBit's Operations: LockBit operates on a ransomware-as-a-service model. What does that mean? Well, they provide the tools and infrastructure for affiliates to carry out attacks. And those affiliates don't hold back—LockBit has gone after hospitals, government agencies, and businesses, demanding huge ransoms in the process. Takedowns and Law Enforcement's Response: The FBI has had some wins, like taking down LockBit's leak site during Operation Kronos. But LockBit? It's not exactly slowing down. They've bounced back with new infrastructure and continued to wreak havoc. The group seems to enjoy the back-and-forth with law enforcement, using it to attract more affiliates and keep their operation growing. LockBit's Evolution: The group just dropped version 4.0 of their ransomware, and they're still advertising on their site, offering affiliates big payouts and even luxury cars for successful attacks. Now, they've even started to position themselves as a kind of twisted “pen-testing” service—after they ransom someone, they'll help them find security flaws in their systems. Law Enforcement Struggles: Despite efforts from the FBI and other agencies, ransomware groups like LockBit keep adapting. The Russia-Ukraine conflict has only made things worse, and LockBit has shown no signs of slowing down. While law enforcement is certainly stepping up, the fact remains: no major figures have been caught yet. Practical Tips for Organizations: We've got some actionable advice for businesses to stay ahead of these ransomware gangs. First off, enable two-factor authentication (2FA) wherever you can. Also, don't ignore your software updates—many attacks exploit outdated systems. And if you can, hire a professional red team to conduct penetration testing and find the holes before the hackers do. LockBit may not be invincible, but they're still a huge threat. The group's persistence and ability to evolve mean that ransomware operations are going to be around for a while. The battle between cybercriminals and law enforcement is far from over, and it's only going to escalate as these groups get more sophisticated and resilient.
In this episode of Reimagining Cyber we tackle two seismic shifts in digital security: the fight over encryption and the rise in quantum computing. First up, the UK's aggressive push against encryption. With legislation like the Investigatory Powers Act and the Online Safety Bill, the UK government is pressuring tech giants to create backdoors for law enforcement. But what happens when those backdoors fall into the wrong hands? Cybersecurity expert Tyler Moffitt doesn't mince words: “The moment you create a backdoor for the government, you open it up to everybody—cybercriminals, rogue states, you name it.” Apple initially took a hard stance, threatening to pull iMessage and FaceTime from the UK. But in a move that sent ripples through the industry, they recently scaled back their Advanced Data Protection feature for UK users. Is the result a chilling precedent that other governments may soon follow? If that weren't enough, encryption's future faces another existential threat—quantum computing. Even the strongest cryptographic methods in use today could become obsolete once quantum processors reach critical mass. To explore this, we revisit Episode 43: Inside the Fight to Protect Data from Quantum Computers, featuring veteran cryptographic engineer Terence Spies. He warns that the fundamental rules of encryption could soon change forever. “Unlike other areas of software, cryptography is about proving what can't happen,” Spies explains. “Quantum computing changes that equation entirely.” With quantum breakthroughs on the horizon, governments and enterprises must scramble to adopt post-quantum cryptography—before it's too late. Transitioning away from RSA and elliptic-curve encryption isn't just a technical challenge; it's a bureaucratic and logistical nightmare that could take decades. And yet, with quantum attacks potentially capable of breaking today's encryption in mere hours, the race is on to secure our digital future. Listen to the full episode of Reimagining Cyber and stay ahead of the encryption debate. The stakes have never been higher.
In this episode of Reimagining Cyber, host Rob Aragao explores the concept of shadow AI and its implications in cybersecurity. Inspired by the recent AI Action Summit in Paris, Rob delves into core areas such as threat detection, governance, and data privacy. He addresses the growing concerns around unauthorized AI implementations within organizations and emphasizes the importance of collaborative efforts and governance frameworks. Practical solutions like API secure gateways, data sandboxes, and centers of excellence for AI are discussed to mitigate risks and enhance cybersecurity practices.
In this episode of Reimagining Cyber, new co-host Tyler Moffitt talks about the intersection of blockchain technology and cybersecurity. He discusses the basics of blockchain, its differences from traditional databases, real-world applications, the current rate of adoption, and the challenges it faces. Tyler also shares his personal journey into the world of blockchain and his passion for the technology. The episode concludes with a discussion on the future of blockchain in cybersecurity and a fascinating tale about lost Bitcoin worth millions. Links mentioned in the episode: https://en.wikipedia.org/wiki/Bitcoin_buried_in_Newport_landfill
In this episode of Reimagining Cyber, host Rob Aragao explores the role of the Professional Association of CISOs (PAC) with Demetrius Comes, a CISO executive advisor at EVOTEK and a leader within PAC. Comes, who has held cybersecurity leadership roles at companies like GoDaddy and Warner Brothers Games, discusses PAC's mission to support CISOs through professional development, peer collaboration, and industry education. The conversation covers PAC's initiatives, including local chapters, certification programs, and resources designed to help CISOs navigate leadership responsibilities, liability concerns, and emerging cybersecurity threats. Comes also provides insight into broader industry trends, such as the evolving role of CISOs, the importance of cyber hygiene, and the growing impact of AI in cybersecurity. This episode offers valuable information for cybersecurity professionals looking to understand the benefits of PAC and the challenges facing modern security leaders. Links relevant to this episode: Professional Association of CISOs - https://theciso.org/
In this episode, we dive into the world of passkeys and how they're revolutionizing online security. Say goodbye to password fatigue and phishing scams—passkeys promise a more secure and seamless authentication experience. We discuss what passkeys are, how they work, and why major tech companies are adopting them. Topics Covered: What are passkeys and how do they work? The difference between passkeys and traditional passwords; How passkeys improve security and prevent phishing attacks; The role of biometrics in passkey authentication; How losing your phone affects access to accounts; Cross-device authentication and cloud synchronization; Why big tech companies like Google, Apple, and Microsoft are embracing passkeys; The potential future of cybersecurity beyond passwords. Key Takeaways: Passkeys use cryptographic keys stored on devices for authentication, eliminating the need for passwords. They are more secure than traditional passwords and resistant to phishing attacks. Losing a device doesn't mean losing access—most platforms allow recovery through cloud-based synchronization. Biometrics, such as fingerprint or face recognition, enhance the convenience and security of passkeys. Tech giants are pushing for a passwordless future to improve online security and user experience.
In this episode of 'Reimagining Cyber,' Rob Aragao explores major trends and focus areas for cybersecurity in 2025. The discussion includes regulatory impacts, particularly around the Digital Operational Resiliency Act (DORA) and the EU AI Act, the complexities of data privacy with eight new laws in the U.S., and the growing emphasis on compliance automation. Rob also delves into the evolution of identity and access management, the convergence of data and identity, and the critical importance of supply chain security. The episode wraps up with insights into the recent DeepSeek incident and its implications for national security and data privacy.
In this episode, Reimagining Cyber's Rob Aragao dives into the World Economic Forum's recently released Cybersecurity Outlook for 2025. Key areas highlighted include the impact of geopolitical tensions on cyber espionage, the persistent threat of ransomware, the dual role of AI in bolstering cybersecurity and amplifying cyber attacks, and the ongoing cybersecurity skills shortage. The discussion also covers the importance of resilience in cybersecurity strategy and the critical need for improved collaboration across industries and with the public sector. The episode is packed with practical insights for C-suite leaders, particularly in how these findings can inform and strengthen organizational cybersecurity programs.
Join Reimagining Cyber's host Rob Aragao as he talks about the evolving role of the CISO in aligning cybersecurity with business objectives. Rob emphasizes the importance of integrating security early in development processes to foster business agility and protect customer trust. He highlights key strategies for CISOs to effectively communicate with executive leadership and align security initiatives with financial and operational goals. Tune in for expert advice on driving growth and efficiency through a robust cybersecurity framework. 00:00 Introduction and New Year Greetings; 00:59 Reflecting on Past Episodes and Setting the Agenda; 02:09 The Evolving Role of the CISO; 03:03 Integrating Cybersecurity with Business Operations; 03:37 Enhancing Business Agility and Reducing Friction; 05:55 Protecting Customer Trust and Data Privacy; 06:46 Mitigating Financial Losses from Security Incidents; 07:36 Operational Efficiency and Early Security Integration; 07:52 Communicating Cybersecurity to Stakeholders; 13:08 Financial Literacy and Budget Justification; 14:34 Challenges in Cybersecurity Communication; 17:22 Concluding Remarks and Farewell.
In this episode of Reimagining Cyber, host Rob Aragao welcomes Dr. Andrew Reeves, a cyber psychology expert from the University of New South Wales Institute for Cybersecurity. They discuss Andrew's groundbreaking national study on mental well-being in the cybersecurity sector and the high burnout rates among cybersecurity professionals. Dr. Reeves compares these rates to those in other industries, notably frontline healthcare workers, and highlights the lack of appreciation and support for cyber professionals. He shares an example of a colleague who experienced a severe panic attack due to job stress, leading to early retirement. The episode explores systemic issues and potential resources for mental health support within the cybersecurity industry. 00:00 Welcome and Introduction; 00:34 Exploring Cyber Psychology; 00:44 Comparing Cybersecurity to Other Industries; 02:47 Burnout in Cybersecurity; 05:27 Personal Stories and Experiences; 11:18 Resources and Final Thoughts. Links/resources mentioned in this episode: University of New South Wales Institute for Cybersecurity, https://www.unsw.edu.au/research/ifcyber; Cybermindz, https://cybermindz.org/; University of Adelaide Defence and Security Institute, https://www.adelaide.edu.au/defence-security/
Join Rob Aragao in this unique edition of Reimagining Cyber, as he takes you on a retrospective journey through the most impactful podcast moments of 2024. This episode features highlights from discussions on major topics, including the EU's Digital Operational Resilience Act with Dominic Brown, election defenses with Dr. Ben Adida, MasterCard's cyber defense efforts with John Brickey, global cybercrime insights with Craig Jones, NASA's cybersecurity approaches with Tiffany Snyder, and the advancements and challenges of AI in cybersecurity with Ashley Jess. Don't miss this comprehensive review and stay tuned for more exciting content in 2025! 00:00 Welcome to Reimagining Cyber; 00:46 Inside DORA: EU's Cyber Resilience Path; 04:12 Securing the Vote: Election Defenses; 07:27 MasterCard's Cyber Defense Collaboration; 09:52 Global Cybercrime Insights with Interpol; 14:02 NASA's Cybersecurity in Orbit; 17:38 AI and Deepfakes: New Cybersecurity Challenges; 20:38 Conclusion and Future Episodes.
Join Reimagining Cyber for a festive special filled with cybersecurity Christmas wishes from industry experts. Hear from Mike Echols on the importance of human error management, Ashley Jess on combating sophisticated scams with AI, Jim Routh's call for passwordless authentication and improved identity access management, Brett Thorson's plea for simplified cybersecurity products, Arun DeSouza's emphasis on IoT security, and Tammy Klotz's reflection on vigilance and proactive protection. Rob Aragao wraps up with thoughts on the convergence of identity and data, as well as the role of AI in enhancing threat detection and responses. Tune in for thoughtful reflections, expert insights, and a look back at the major cybersecurity themes of 2024.
In this episode of Reimagining Cyber, Rob Aragao revisits the critical topic of cyber threats to critical infrastructure. Rob shares recent alarming developments involving Iranian state-sponsored hacking group 'CyberAv3ngers' and their targeted attacks on U.S. and Israeli IoT and OT devices. The episode underscores the importance of security hygiene and the latest guidance from U.S. governmental agencies. Rob also takes time to reflect on significant cybersecurity events and themes from 2024. Stay tuned for next week's festive episode where past guests share their cybersecurity wish lists for Santa!
In this episode, Rob speaks to Dr. Andrew Reeves, expert in cyberpsychology and current Deputy Director of UNSW Institute for Cyber Security. They discuss the intersection of human psychology and cybersecurity. Andrew shares insights from his groundbreaking research including the first national baseline study on mental well-being in the cybersecurity sector. The conversation explores three critical human dimensions in cybersecurity: The Target: Everyday employees vulnerable to social engineering and how organizations can strengthen their awareness to mitigate risks. The Attacker: Understanding the cognitive biases and decision-making processes of hackers to develop effective deterrent strategies, including the surprising power of deception announcements. The Defender: Cybersecurity professionals facing immense pressures, often leading to burnout. Andrew highlights strategies to build resilience and improve both workplace systems and personal well-being. Packed with actionable advice and fascinating psychological insights, this episode is a must-listen for anyone in cybersecurity or interested in the human side of digital defense.
In this episode of Reimagining Cyber, host Rob welcomes Tony Gonzalez, Principal at Inner Vision Services LLC and former CISO for QBE North America. They delve into the topic of third-party risk management, exploring its evolution from a checkbox approach to a comprehensive part of an organization's risk posture. They discuss the challenges and responsibilities involving third, fourth, and even fifth-party risks, especially within large organizations across various sectors like financial services, insurance, and biotech. Regulatory influences such as NYDFS and PCI are also examined, along with practical advice for prioritizing and improving third-party risk assessment processes, highlighting the importance of strategic partnerships and efficient communication.
In this episode of Reimagining Cyber, host Rob is joined by Roland Cloutier, a principal at The Business Protection Group and former CISO at TikTok, to discuss key priorities for organizations in cybersecurity as they move into 2025. The conversation focuses on three major areas: the impact and evolution of AI, the importance of compliance and operational sustainability, and the critical need for enhancing cyber and digital resiliency. Roland emphasizes the convergence of data defense and identity access, providing insights on addressing emerging AI-driven threats, improving business continuity, and leveraging new technologies to better prepare for future challenges. The episode is filled with practical advice and strategic recommendations for security leaders.
In this week's episode of Reimagining Cyber, host Rob Aragao (live from Las Vegas!) dives into the convergence of identity security and data protection—a critical topic reshaping the cybersecurity landscape. Rob unpacks the key drivers behind this shift, including regulatory mandates like GDPR and CCPA. The conversation emphasizes the need for organizations to bridge gaps, improve communication, and collaborate across teams for better security outcomes.
Tune in for insights on:
Why identity and data convergence is essential for both compliance and cybersecurity.
Real-world examples of attacks exploiting identity weaknesses to access sensitive data.
Practical steps organizations can take to adapt to this paradigm shift.
In Episode 123 of Reimagining Cyber, Rob and the team dive into the complex world of cybersecurity for Industrial Control Systems (ICS) and Operational Technology (OT). Reflecting on insights from recent conversations with industry experts like Eric O'Neill and Tiffany Snyder, the show explores the evolving risks, vulnerabilities, and essential security measures in these critical infrastructure environments. They discuss the role of threat intelligence, the growing need for tailored incident response plans, and the challenges of securing legacy systems against modern cyber threats. Rob also unpacks findings from the latest SANS ICS/OT Cybersecurity Survey, shedding light on current trends such as cloud adoption, AI integration, and the ongoing struggle to bridge IT and OT security gaps. With potential threats looming, this episode underscores the urgent need to strengthen defenses across critical industries.
SANS ICS/OT Cybersecurity Survey: https://www.sans.org/white-papers/sans-2024-state-ics-ot-cybersecurity/
Previous episodes mentioned in this edition:
From Espionage to Cybersecurity: Lessons from an FBI Legend - Ep 120 with Eric O'Neill
Critical Infrastructure Under Siege: Cyber Threats and Counterintelligence - Ep 121 with Eric O'Neill
Cybersecurity in Orbit: NASA's Digital Defense - Ep 117 with Tiffany Snyder
New Perspectives in Cyber - Ep 23 with Brett Harris
Energizing Cybersecurity - Ep 60 with Virginia 'Ginger' Wright
In this episode of Reimagining Cyber, host Rob Aragao is joined by Tyler Moffitt, Senior Security Analyst at OpenText, to dive into key findings from the 2024 Threat Hunters Perspective report. Tyler, a veteran in malware analysis, shares insights on the latest adversary tactics, cybercrime trends, and the methodology behind their research. They discuss the complex interplay of nation-state actors like Russia and China, who are leveraging cybercrime gangs to bolster their offensive campaigns, and explore the alarming regularity of DDoS attacks on critical infrastructure in response to geopolitical events. The conversation also covers intriguing case studies, including real-time attacks on Western railway networks after public support for Ukraine, coordinated cyber disruptions during election cycles, and incidents where threat actors demonstrated insider intelligence on military shipments. Tyler offers predictions for the future, warning of an intensifying cyber arms race and the growing impact of generative AI on social engineering, deepfakes, and misinformation. The episode wraps up with practical advice for improving cybersecurity hygiene, emphasizing the importance of patch management, multi-factor authentication, and understanding supply chain vulnerabilities. A compelling listen for anyone interested in staying informed and prepared in the evolving cybersecurity landscape.
In this episode, Rob Aragao sits down with cybersecurity expert and former FBI operative, Eric O'Neill, to discuss the looming cyber threats to critical infrastructure. Eric delves into the vulnerabilities of the U.S. power grid, water systems, and communications networks, emphasizing how these vital sectors are targeted by hostile actors like Russia, China, North Korea, and Iran. He shares eye-opening examples of past attacks, probes, and the intricate nature of these digital threats, from the infamous Ukraine blackout to ongoing reconnaissance efforts. As geopolitical tensions rise, Eric warns of the potential for catastrophic attacks on critical infrastructure and the growing risk of combined cyber-kinetic strikes. They explore how adversaries infiltrate SCADA networks, the importance of evolving cybersecurity measures, and the necessity of shifting from perimeter defense to active threat hunting. Eric also gives a sneak peek into his forthcoming book, Invisible Threat, which teaches readers how to think like a spy and defend against modern cybercrime. Packed with real-world insights and practical advice, this episode is a must-listen for anyone concerned with the future of cybersecurity and national security.
In this episode of Reimagining Cyber, Rob Aragao sits down with Eric O'Neill, former undercover FBI operative, national security attorney, and bestselling author. Eric shares his gripping experience as the key operative in bringing down Robert Hanssen, the most damaging spy in U.S. history. Hanssen's betrayal spanned over two decades, during which he sold highly classified information to the Soviet Union and Russia, affecting national security on an unprecedented scale. Eric recounts how his undercover mission within FBI headquarters helped uncover Hanssen's espionage, an operation that also highlighted the emergence of cyber espionage. Hanssen was a pioneer in cyber spying, meticulously stealing sensitive data through compromised systems, and his actions ultimately set the stage for modern cybersecurity challenges. The discussion evolves to focus on today's cyber threats, particularly the intersection of espionage and cybercrime. Eric details how tactics used in traditional espionage have now infiltrated the digital world, with cybercriminals and state-sponsored espionage groups employing sophisticated techniques, including spear phishing and ransomware. The conversation also delves into notable cyberattacks like the SolarWinds and Kaseya incidents, highlighting the shared strategies between espionage and organized cybercrime. With his extensive background in counterintelligence and cybersecurity, Eric offers a unique perspective on the current landscape of cyber threats, stressing the critical importance of understanding the attackers' mindset to effectively safeguard digital infrastructures.
“We took what we know about nation-state actors... and we found that it was a really effective program. The program has about 1,000 companies enrolled in it to date, and it's blocked 7 billion malicious domains since we started it.”
This episode features Kristina Walter, a key figure behind the NSA's Cybersecurity Collaboration Center (CCC), as she discusses the initiative's origins, mission, and future vision. Kristina shares insights into the challenges of protecting critical infrastructure, particularly the defense industrial base, and explains how the CCC bridges the gap between the public and private sectors to combat nation-state cyber threats. She highlights the success of cybersecurity services like DNS protection, attack surface management, and threat intelligence collaboration, as well as key partnerships, including a notable case with Viasat during the Ukraine conflict. Kristina also reflects on her role in the NSA's Future Ready Workforce Initiative and how it aims to evolve the agency's talent pipeline in the face of modern challenges. Tune in for a deep dive into how collaboration, innovation, and partnerships are crucial to advancing national cybersecurity efforts.
In this episode, we are joined by Lisa Plaggemier, Executive Director of the National Cybersecurity Alliance (NCA), to discuss the NCA's mission, current initiatives, and the importance of cybersecurity education. They highlight key programs, their collaboration with CISA on cybersecurity campaigns, and their efforts to simplify cybersecurity for the public and businesses. The conversation touches on challenges in public awareness, the role of AI in cybersecurity, and special initiatives for small businesses and historically Black colleges and universities (HBCUs). Tune in to learn how cybersecurity affects everyone from teens to seniors, and what you can do to stay safe online.
Key Takeaways:
The NCA's Mission: The NCA focuses on educating people of all ages, especially those entering or leaving the workforce, on simple yet impactful cybersecurity practices. “Our mission is really around public education… those not yet in the workforce—maybe in their teens or 20s—and folks no longer in the workforce.”
Collaboration with CISA: The NCA values its partnership with CISA, which has amplified cybersecurity messaging through larger campaigns and public service announcements (PSAs). “They've put more budget behind things like PSAs and developing the campaign.”
Simplifying Cybersecurity for the Public: The NCA's focus is on encouraging a few basic, effective security behaviors, such as enabling multi-factor authentication (MFA). “If we could get large portions of the public to make a couple of simple changes, what would make the biggest dent in global cybercrime?”
Cybersecurity and Small Businesses: The NCA's Cyber Secure My Business program helps small business owners treat cybersecurity as a business risk and improve conversations with their IT service providers. “Teaching them how to manage security as a business risk and have a quality conversation with their MSP or IT provider.”
Educating First-Generation College Students at HBCUs: NCA has launched programs to help first-gen students at HBCUs discover cybersecurity career opportunities. “We focus on all the different cybersecurity roles to help them find something they'll be happy doing.”
AI and Cybersecurity Concerns: The podcast explores public trust in AI and generational differences in perception, with older individuals being more skeptical of AI technologies. “[Unsurprisingly] it turns out older folks don't trust it as much as younger folks!”
Supporting Aging Adults Against Cybercrime: Lisa and Rob talk about the challenges older adults face with cybercrime and how the NCA is working to educate seniors and their caregivers. “The data on cybercrime losses with aging adults is just gutting…”
The Kubicle campaign: A humorous yet educational series showing how hackers work like regular employees, aimed at making cybersecurity relatable to a broader audience. “The campaign had over 8 million views… showing people that hackers are sitting in cubicles like the rest of us.”
In this episode of Reimagining Cyber, host Rob Aragao is joined by Tiffany Snyder, the Deputy Chief of Cybersecurity Mission Integration at NASA. Tiffany delves into her journey from the Air National Guard to leading cybersecurity efforts at NASA, where she oversees the protection of one of the most technologically advanced organizations in the world. She highlights the unique cybersecurity challenges NASA faces, including safeguarding mission-critical systems that power space exploration and scientific discovery. Tiffany discusses the importance of collaboration across government agencies, international partners, and industry experts to strengthen NASA's cybersecurity posture. The episode covers key areas such as supply chain security, ensuring the integrity of systems that support both space and ground operations, and how NASA handles massive amounts of data securely. Tiffany also touches on the role of emerging technologies, including artificial intelligence and machine learning, in enhancing NASA's cybersecurity framework. Tune in to hear how NASA is navigating the complex landscape of cybersecurity in space and beyond.
In this episode, Rob Aragao talks about a recent joint cybersecurity advisory highlighting People's Republic of China-linked actors compromising routers and IoT devices for botnet operations. The advisory points to over 260,000 IoT devices impacted by a botnet called Raptor Train. It's being alleged that Integrity Technology Group (Integrity Tech) is behind the incident. The report says “[Integrity Technology Group is a] company based in the PRC with links to the PRC government. Integrity Tech has used China Unicom Beijing Province Network IP addresses to control and manage the botnet described in this advisory. In addition to managing the botnet, these same China Unicom Beijing Province Network IP addresses were used to access other operational infrastructure employed in computer intrusion activities against U.S. victims. FBI has engaged with multiple U.S. victims of these computer intrusions and found activity consistent with the tactics, techniques, and infrastructure associated with the cyber threat group known publicly as Flax Typhoon, RedJuliett, and Ethereal Panda.” Detected by Lumen's Black Lotus Labs, the advisory was issued by the FBI, NSA, and Cyber National Mission Force. Rob explains that the botnet leverages code from the notorious Mirai malware, designed to exploit IoT devices running Linux-based systems, which has been in circulation for nearly a decade. He breaks down the architecture of the botnet, including its three-tier structure, and the role of compromised IoT devices, command-and-control servers, and management layers. Additionally, the discussion explores China's growing focus on cybersecurity talent recruitment, including the Matrix Cup, a hacking competition co-sponsored by Integrity Technology Group. The episode also offers recommendations for mitigating IoT device vulnerabilities, such as strong password management, patch updates, and network segmentation. Don't forget to rate, review, and subscribe to stay updated on future episodes!
In the latest episode of Reimagining Cyber, Rob interviews Bindu Sundaresan, Director of Cybersecurity Solutions at Level Blue, about the evolution and significance of cyber resilience. Bindu, with over 20 years in cybersecurity, discusses how the field has shifted from a focus solely on prevention to a broader approach that includes resilience and recovery.
Key points from the conversation:
1. Historical Focus: Traditionally, cybersecurity strategies concentrated on preventing attacks. However, the current threat landscape necessitates a shift towards resilience, acknowledging that breaches are inevitable.
2. Modern Approach: Organizations are now integrating business continuity planning and disaster recovery with cybersecurity efforts. This holistic approach ensures that operations can continue and recover swiftly after an attack.
3. Business Alignment: Bindu emphasizes that cybersecurity should be seen not just as a technical issue but as a business problem affecting overall operations. This shift in perspective helps align cybersecurity efforts with business outcomes and improves the strategic value of cybersecurity roles.
4. CISO's Role: For Chief Information Security Officers (CISOs), successfully integrating resilience into their programs involves understanding and prioritizing risks based on business impact. This requires effective communication with other business units and aligning cybersecurity investments with broader business goals.
5. Evolution of Cybersecurity: The conversation highlights the shift from compliance-driven approaches to risk-driven and resilience-focused strategies. This evolution is crucial for achieving digital resilience and
6. Identifying Sensitive Data: Organizations must first identify what constitutes sensitive data for their specific context, considering regulatory requirements, business use, and industry standards. Without this understanding, investments in data protection might be misallocated.
7. Data Classification and Flow: It is crucial to classify sensitive data and map how it flows within and outside the organization. This helps in applying appropriate security controls and prevents unnecessary complexity and expense.
8. Continuous Review: Data classification and protection are not one-time tasks. Organizations need to regularly update their data inventory and classification as their data environment evolves.
9. Incident Response and Resilience: Organizations should develop tiered recovery plans that prioritize critical business functions during incidents. Regularly updated tabletop exercises should simulate realistic and current scenarios to test response plans effectively.
10. Cross-Functional Involvement: Effective incident response involves cross-functional teams, including IT, legal, PR, and executive leadership. Establishing what constitutes minimum viable operations helps prioritize recovery efforts and resource allocation during an incident.
11. Evolving Practices: The goal is to continuously refine incident response and recovery practices to improve resilience over time. Embracing a lifecycle approach to security and resilience can turn digital resilience into a competitive advantage.
In this episode of "Reimagining Cyber," host Rob Aragao continues his insightful conversation with Craig Jones, former Director of Interpol's Global Cybercrime Directorate. They delve into the countries most targeted by cybercrime and the regions where these crimes often originate. Craig highlights the challenges of combating cyber threats in areas with limited law enforcement capabilities and underscores the critical need for international cooperation. The discussion explores successful regional collaborations, the development of international cybercrime conventions, and the importance of resilient infrastructures, especially for SMEs. Craig also emphasizes the need for security by design in technology, regular preparedness drills within organizations, and ongoing global efforts to enhance cybersecurity through awareness campaigns and private sector partnerships. Despite the challenges Interpol faces, the episode underscores the importance of operational relevance, capacity building, and community engagement in the fight against cybercrime.
In this episode of "Reimagining Cyber," host Rob Aragao interviews Craig Jones, the former Director of the Global Cyber Crimes Directorate at Interpol. Jones provides a comprehensive overview of Interpol's role in combating cybercrime, emphasizing its unique position as a non-executive body that facilitates international law enforcement collaboration among 196 member countries. Jones discusses the structure and function of Interpol, noting how it connects various national police forces to coordinate cybercrime operations, despite being unable to directly run investigations. He explains how Interpol's cybercrime efforts are organized around prevention, detection, investigation, and disruption, aiming to reduce the global impact of cybercrime and protect communities worldwide. The conversation also delves into the challenges of dealing with borderless cybercrime, such as ransomware, business email compromise, and data theft. Jones highlights the complexities of international cooperation, especially when cybercriminals operate across different jurisdictions. He also touches on the recruitment process for Interpol's cybercrime division, stressing the importance of diverse backgrounds and expertise. Finally, the discussion explores the evolving landscape of cybercrime, the rise of the cybercrime economy, and the critical role of cyber resilience in protecting organizations. Jones and Aragao underscore the importance of involving board-level executives in cybersecurity decisions and the need for a comprehensive approach to cyber resilience, emphasizing the long-term benefits of such strategies in the face of ongoing cyber threats.
In this episode, Roland Cloutier, former CSO of TikTok and cybersecurity expert, explores the role of AI in cybersecurity, the evolving landscape of cloud security, and the critical importance of identity management. Roland shares insights on how to effectively allocate security budgets, the importance of understanding risk tolerance, and the need for transparency in AI governance. Tune in to gain valuable tips on future-proofing your organization's cybersecurity strategy in the face of emerging challenges.
In this episode of "Reimagining Cyber," Rob Aragao hosts a conversation with Tammy Klotz, a best-selling author and current CISO at Trinseo. Tammy discusses her career trajectory, which includes leadership roles at Covanta Energy and Versum Materials, and shares insights from her recent book, Leading with Empathy and Grace: Secrets to Developing High-Performing Teams. Additionally, she addresses the challenges women face in cybersecurity, offering advice on building confidence, taking risks, and overcoming barriers in a male-dominated field. The episode provides valuable takeaways for aspiring leaders and women looking to enter or advance in the cybersecurity industry.
In this episode of Reimagining Cyber, host Rob Aragao dives into the intersection of sports and cybersecurity, inspired by a cyber attack at the recent Paris Olympics. The conversation takes a deep dive into the cyber threats that have historically plagued the Olympics, from the 2016 Rio Games to the 2018 Winter Olympics in Pyeongchang. They discuss the frequent denial of service attacks, ransomware, and phishing campaigns that target such high-profile events. The Tokyo 2020 Olympics saw an astounding 450 million cyber events, setting the stage for heightened vigilance at the Paris Games, where over 3 billion cyber threats were anticipated. Rob and Ben explore the potential motivations behind these attacks, ranging from geopolitical tensions to the desire for disruption or financial gain. They emphasize the importance of rigorous preparation, including ethical hacking and advanced security measures, to protect such significant global events. Tune in to hear how the world's largest sporting event has become a prime target for cybercriminals and what it takes to defend against these sophisticated threats.
In this episode, we dive deep into the world of cybersecurity with Jon Brickey, Senior Vice President at Mastercard. With extensive experience across military, government, and corporate sectors, Jon offers unique insights into the evolving landscape of cyber threats and defenses. Jon shares how Mastercard is at the forefront of fostering a culture of collaboration and partnership in cybersecurity. He highlights the company's commitment to collective defense, emphasizing the need for global consistency and innovation in building a future-ready cyber workforce. Learn about Mastercard's pivotal role in organizing the tri-sector cyber defense exercise, which unites the energy, telecom, and finance sectors with government agencies. This initiative aims to enhance cyber resilience through strategic collaboration and shared best practices. Throughout the conversation, Jon underscores the importance of agile industry responses to cyber threats and the critical synergy between government and industry in addressing these challenges. He delves into the ways Mastercard is preparing for future cyber threats, from developing cutting-edge technologies to implementing robust training programs for their teams. Listeners will gain valuable insights into the strategic initiatives that are shaping the future of cybersecurity. Jon's perspective on the importance of public-private partnerships, the role of innovation in cyber defense, and the need for a proactive approach to cybersecurity provides a comprehensive understanding of the current and future state of the industry.
In this riveting episode of "Reimagining Cyber," host Rob Aragao continues his deep dive into the shadowy world of cyber threats with Ashley Jess, Senior Intelligence Analyst at Intel 471. As a follow-up to their previous discussion, Ashley delves into the alarming rise of deepfakes and disinformation. Ashley sheds light on the evolving tactics of cybercriminals, from sophisticated "Know Your Customer" (KYC) bypass methods to the increasing use of AI in creating convincing deepfake videos and misinformation campaigns. She discusses the implications of these threats for both private and governmental organizations, emphasizing the importance of vigilance and proactive defense measures. Listeners will learn about the significant risks posed by AI-generated content, the psychological impact of pervasive deepfakes, and the crucial role of basic cybersecurity hygiene in countering these advanced threats. Ashley also offers a glimpse into the future of cyber threats and the ongoing battle between cybercriminals and defenders. Don't miss this insightful episode, and be sure to catch the first part of this conversation for a comprehensive understanding of the current cyber threat landscape.
Key Topics:
Deepfakes and their impact on the Summer Olympics
Evolution of AI-enabled KYC bypass methods
Disinformation campaigns targeting elections globally
The psychological and practical challenges of detecting AI-generated content
Effective cybersecurity practices to defend against emerging threats
In this episode of Reimagining Cyber, host Rob Aragao interviews Ashley Jess, a senior intelligence analyst at Intel 471. Ashley discusses her transition from the FBI to her current role, highlighting her expertise in malware trends and AI abuse. The conversation explores the rise of info stealers, the decline of drainer malware, and the increasing use of AI by cybercriminals for social engineering and fraud. Ashley also delves into specific cases like Worm GPT, illustrating the evolving tactics of threat actors.
The latest episode of Reimagining Cyber dives into the recent major data breaches that have rocked the telecom sector, focusing on the latest AT&T incident. It begins by reflecting on the historical context of cyberattacks in telecom, noting T-Mobile's previous breach involving 85 million records and a hefty $500 million settlement. Host of the show Rob Aragao details the chronology of AT&T's breaches, starting with a lesser-known incident from 2021, where the hacker “ShinyHunters” initially infiltrated AT&T's systems. Despite early warnings, AT&T dismissed the threat, leading to a subsequent data dump on the dark web in early 2023, exposing over 73 million records. Fast forward to the latest breach disclosed last week, impacting a staggering 110 million customers, with call and text message records from May to October 2022 being compromised. Rob explains the intricate balance between national security concerns and public transparency, highlighting the role of the Department of Justice in delaying the breach announcement. The discussion then shifts to the broader implications and accountability within the telecom industry. Rob references the FCC's recent update to their data breach notification rules, which were 16 years old, underscoring the urgent need for regulatory improvements. Rob concludes by examining the steps AT&T and its cloud data provider, Snowflake, are taking to prevent future breaches, such as implementing mandatory multi-factor authentication. They stress the importance of basic cybersecurity hygiene and the necessity for ongoing vigilance in protecting sensitive customer data. This episode offers a comprehensive look at the complexities and challenges in securing the telecom sector, leaving listeners with critical insights into how these breaches occur and the measures needed to prevent them. Tune in for an engaging and informative discussion on one of the most pressing issues in cybersecurity today.
Join hosts Stan Wisseman and Rob Aragao as they engage with Martin Roesch, CEO of Netography and creator of Snort. With over 25 years in cybersecurity, Martin discusses network security evolution, especially in network observability. He explains the shift from traditional deep packet inspection (DPI) to leveraging metadata for network analysis due to the rise of encryption and dispersed networks. This metadata approach offers a broader view of network activities, overcoming DPI limitations.The conversation explores the complexities of maintaining security across different environments and the inefficiencies of disparate security tools for on-premises IT, AWS, Azure, and OT environments. Martin stresses the need for a unified security strategy adaptable to modern network architectures. He highlights metadata-based analysis for effectively detecting anomalies and reducing false positives, offering a clearer network activity picture.Martin also addresses the challenge of tracking lateral movement within and across cloud environments. Current security tools often fail to monitor these movements in real time, complicating threat response. Adopting a metadata-centric approach enhances understanding and mitigation of lateral movements, bolstering security posture.Rob Aragao further asks about emerging threats and key technologies in multi-cloud security. Martin emphasizes the promise of data security over identity as a perimeter and the need for unified, frictionless toolsets in multi-cloud environments to reduce operational friction. 
As enterprise networks expand, these low-friction architectures are vital for scalable, efficient security solutions, presenting opportunities for companies providing seamless multi-cloud capabilities. Tune in to gain deeper insights into the current and future state of network security from a leading expert.
In this episode, we delve into the recent cyber attack on CDK Global, a leading technology provider for the automotive industry. This incident, which disrupted operations for thousands of car dealerships across the United States, serves as a stark reminder of the vulnerabilities in our interconnected digital landscape. Join us as we explore the immediate and long-term impacts of the attack, including significant operational disruptions and financial consequences that are expected to linger for months, if not years. We discuss the crucial lessons learned from this incident, highlighting the importance of robust cybersecurity measures, proactive threat detection, and the continuous evolution of security best practices. We also examine the broader implications for operational continuity and resilience. Discover why it's essential for businesses to prepare for potential threats, implement redundancy and alternative strategies, and demand better security assessments and visibility from their service providers. Furthermore, we address sector-specific challenges faced by automotive dealerships, such as the variability in resources and support structures, and the role of manufacturers in providing alternative software solutions. Finally, we touch on the regulatory and legal landscape, including SEC breach disclosure requirements and related lawsuits, underscoring the necessity of compliance and transparency in cybersecurity. Tune in to gain valuable insights into the critical importance of cybersecurity in today's digital age and learn how organizations can stay vigilant and proactive in protecting their operations and data.
In this episode, Stan Wisseman and Rob Aragao welcome Justin Young to explore the transformative role of Software Bills of Materials (SBOMs) in enhancing software supply chain security. Justin shares his extensive experience and insights into how SBOMs contribute to the maturation of the software industry, drawing parallels with the auto and food industries' approaches to defect and ingredient tracking. The discussion delves into the regulatory landscape, highlighting the FDA's SBOM requirements for medical devices, the U.S. National Cybersecurity Strategy, and various compliance mandates from CISA, DORA, PCI, and the EU CRA. Justin explains the importance of shifting liability to software vendors and away from end users and open-source developers, emphasizing the need for actively maintained and secure software components. Listeners will gain an understanding of the different SBOM formats, CycloneDX and SPDX, and their respective advantages. Justin also addresses the challenges organizations face in managing SBOMs, including procurement, validation, and the necessity of a dedicated SBOM program manager. Finally, the episode explores the practicalities of SBOM implementation, from storage and cataloging to enrichment and vulnerability management, offering a comprehensive guide for organizations aiming to bolster their software security practices. Tune in to learn how SBOMs are reshaping the software industry, driving transparency, and enhancing security across software supply chains.
Relevant Links:
Episode 88: Open-Source Software: Unlocking efficiency and innovation
Episode 41: Do a little dance, Time for some SLSA
Episode 26: Log4j Vulnerabilities: All you need to know and how to protect yourself
Episode 4: SolarWinds: Bringing down the building… Software Supply-Chain Pressure Points
Whitepaper: The need for a Software Bill of Materials
Software Supply Chain Hub page
In this podcast episode, hosts Rob Aragao and Stan Wisseman are joined by Arun DeSouza, a renowned expert in connected vehicle security and former CISO at leading automotive companies. Arun begins by highlighting the critical challenges facing connected vehicles, emphasizing the importance of security by design throughout the development lifecycle. He stresses the need for rigorous vulnerability assessments and penetration testing to prevent vulnerabilities that could lead to remote hacking or data breaches. Arun discusses the vital role of infrastructure connectivity and encryption in securing data transmission between vehicles and the cloud. He emphasizes the necessity of secure over-the-air software updates to patch vulnerabilities promptly. Addressing the risks associated with peripheral devices connected to vehicles, Arun advocates for robust system interface protections and micro-segmentation strategies to isolate critical systems from non-critical ones. Privacy and data security emerge as central concerns, with Arun emphasizing the importance of adhering to privacy-by-design principles. He discusses the implications of GDPR-like standards for protecting sensitive data collected by connected vehicles and underscores the need for user consent frameworks in data handling practices. The conversation extends to the complex automotive supply chain ecosystem, where Arun stresses the importance of implementing robust security measures across third-party suppliers. He highlights the role of continuous security assessments and collaborative efforts within the supply chain to mitigate cybersecurity risks effectively. Concluding the episode, Arun offers practical advice for consumers considering connected vehicles, suggesting they seek transparency from manufacturers regarding cybersecurity features.
He encourages leveraging industry networks and expert advice to make informed decisions about vehicle purchases in 2024. Join us for an insightful exploration of the evolving landscape of connected vehicle security.
In this episode, Rob Aragao and Stan Wisseman look at the intriguing transition from Chief Information Security Officer (CISO) to Chief Technology Officer (CTO). Drawing from a recent sidebar conversation among CISOs and an insightful article from Dark Reading, they examine why this trend is becoming more prominent. With examples from organizations like Bank of America, Fifth Third Bank, and Equifax, Rob and Stan discuss the key attributes that make this career move logical and beneficial. The conversation highlights the importance of collaboration, strategic thinking, and the deep understanding of both technology and business impact that CISOs bring to the table. They delve into how the roles of CISO and CTO overlap, particularly in driving innovation, increasing revenue, and embedding security by design into business solutions. Rob and Stan also consider the broader influence a CTO has on an organization's technology strategy, the operational experience both roles share, and the potential motivations behind CISOs seeking to transition—whether to escape the increasing personal liability associated with security breaches or to pursue new professional growth opportunities. Additionally, the episode touches on the challenges CISOs might face in this transition, such as the need for expertise in product development and the software lifecycle. As discussed in this episode: https://www.darkreading.com/cybersecurity-careers/ciso-as-a-cto-when-and-why-it-makes-sense