Podcasts about colonial pipeline

  • 1,138PODCASTS
  • 1,776EPISODES
  • 39mAVG DURATION
  • 1EPISODE EVERY OTHER WEEK
  • Apr 16, 2025LATEST

POPULARITY

20172018201920202021202220232024

Categories



Best podcasts about colonial pipeline

Show all podcasts related to colonial pipeline

Latest podcast episodes about colonial pipeline

Cyber Crime Junkies

Cyber Crime Junkies

Play Episode Listen Later Apr 16, 2025 58:42 Transcription Available


What if the hackers are actually the heroes?In this mind-blowing episode, host David Mauro sits down with Matt Toussain, elite military cyber warrior, DEF CON speaker, and Founder of Open Security, to reveal how offensive security and real-world hacking tactics are helping businesses reduce risk, fight cybercrime, and stay ten steps ahead of threats.

Microsoft Threat Intelligence Podcast
The Professionalization of the Ransomware Criminal Ecosystem

Microsoft Threat Intelligence Podcast

Play Episode Listen Later Mar 19, 2025 40:37


In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by ransomware experts Allan Liska from Recorded Future and Jonathan Braley, Director of Threat Intelligence for IT-ISAC, to get a pulse check on the current state of ransomware.   They discuss how ransomware has shifted from simple attacks, like Locky, to more sophisticated, high-stakes campaigns targeting entire networks and demanding millions of dollars. Allan and Jonathan also highlight the rise of ransomware-as-a-service, the emergence of big game hunting attacks, and the increasingly professionalized criminal ecosystem surrounding ransomware. The conversation further explores the psychological aspects of cybercrime, focusing on the mindset of ransomware operators—particularly in Eastern Europe and Russia—where the line between crime and business can often be blurred.  In this episode you'll learn:       Why attackers now target entire networks instead of just single machines  How cybercriminal groups turned ransomware into a profitable business model  The unique challenges healthcare employees face during ransomware attacks  Findings from IT-ISAC's recent ransomware reports    Some questions we ask:        How did the Colonial Pipeline attack lead to real-world actions?  Will paying the ransom restore the organization's data and operations?  What are the differences between ransomware from 10-12 years ago and ransomware today?    Resources:   View Allan Liska on LinkedIn   View Jonathan Braley on LinkedIn   View Sherrod DeGrippo on LinkedIn     IT-ISAC Ransomware report  Food and AG-ISAC Ransomware report  Related Microsoft Podcasts:                    Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast  Uncovering Hidden Risks        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Get the latest threat intelligence insights and guidance at Microsoft Security Insider      The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

@BEERISAC: CPS/ICS Security Podcast Playlist
Rethinking IT and OT: Lessons from the Colonial Pipeline Cyber Attack

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Mar 13, 2025 21:22


Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Rethinking IT and OT: Lessons from the Colonial Pipeline Cyber AttackPub date: 2025-03-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow tackles the ongoing debate of IT versus OT attacks, using the example of the Colonial Pipeline incident to illustrate his point. Aaron argues that focusing on whether an attack is an IT or OT issue misses the bigger picture - the real impact on operations.  Through engaging stories and industry insights, Aaron emphasizes that asset owners ultimately care about operational continuity, revenue, safety, and risk management, rather than rigid definitions.  Join us as we explore why understanding the broader business risks is crucial and how organizations can better protect themselves in this evolving landscape. Key Moments;    04:48 Key Role of OSI PI in Utilities 09:05 New Domain Issue: Same Name, No Access 11:26 IT vs. OT Asset Management Dilemma 15:28 OT Cybersecurity: Beyond Securing PLCs 18:47 Blurring Lines Between IT and OT 19:36 Business Risk and Cyber Protection Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co  The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

AZ Tech Roundtable 2.0
Cybersecurity Response Plan w/ Frank Grimmelmann of ACTRA - AZ TRT S06 EP03 (264) 2-9-2025

AZ Tech Roundtable 2.0

Play Episode Listen Later Feb 25, 2025 49:14


  Cybersecurity Response Plan w/ Frank Grimmelmann of ACTRA   - AZ TRT S06 EP03 (264) 2-9-2025                 What We Learned This Week ACTRA Arizona Cyber Threat Response Alliance Cyber threats affect everyone from Gov't to business to private and growing Companies need to be responsive with speed to be effective + share information of attacks ACTRA has members from both government and private sector ACTRA helped create a state cybersecurity response model that other states can use     Guest: Frank Grimmelmann https://www.actraaz.org/actra/leadership President & CEO/Intelligence Liaison Officer   Mr. Grimmelmann also serves as Co-Chair (together with Arizona's Chief Information Security Officer) for the Arizona Cybersecurity Team (‘ACT'), created through the Governor's Executive Order signed in March 2018. He also serves as a Founding Member of the National Leadership Group for the Information Sharing & Analysis Organization Standards Organization (‘ISAO SO') at the University of Texas San Antonio (UTSA), created under the President's Executive Order 13691 in February 2015. As ACTRA's leader, Mr. Grimmelmann was invited as the first private sector representative in the Arizona Counter Terrorism Information Center (ACTIC) and served as its first private sector Executive Board representative from 2014-2019. He presently acts as ACTRA's designated private sector liaison to ACTRA's Key Agency and other non-Member Stakeholders.    Mr. Grimmelmann served four terms as AZ InfraGard's President from 2009-2012, serves today on numerous academic advisory boards, co-Chairs the Greater Phoenix Chamber's Cybersecurity Workforce Collaborative initiative, and is an engaged Member of the Arizona Technology Council's Cybersecurity Advisory Board.  In 2019, Mr. Grimmelmann was honored by the FBI, and the Board of Directors of both ACTRA and Arizona InfraGard as the first recipient of Arizona InfraGard's ‘Visionary Award' for creating the ACTRA framework  over his last 2 terms as Arizona InfraGard's President, and ACTRA's resulting collaboration between law enforcement/ intelligence agencies/USCYBERCOM, and its public, private and academic organizations over the past 7 years.   He was simultaneously recognized by the FBI's then Deputy Director for his contribution over the years. He remains an active Member of InfraGard since 2003 and an active Lifetime Member of the FBI Citizens Academy since 2006.   Since 2002 he has devoted his full-time attention to protecting our nation's critical infrastructure and national security interests, through eliminating unnecessary silos that hinder communication, allowing  us to respond to today's increasing threat from our cyber adversaries, and in turn permitting ACTRA's Member Organizations to protect their critical infrastructure and our national security interests, while protecting their organization's assets .   Educationally, he holds a dual MBA in International Business and Finance from the University of California at Berkeley and brings decades of experience as a senior executive in finance, healthcare and government, prior to focusing on Cybersecurity in response to 9/11.          Notes:   Seg 2   Cyber threats affect everybody, business, personal, and government. Cyber crime is a fact of life that we need to live with it, but stay ahead.   Criminals are on the offense and only have to be correct 1% of the time. Everybody else is playing defense and has to be right 100% of the time.   AI is an advanced tool that is turned out to be a two edge sword, can help and hurt. AI can only catch so much but can give a few of what is going on.   This is a matter of national security, dealing with homeland security and many other departments of the government.   You have threat intelligence to determine roles on how you're going to handle hackers and ransom ware. Hackers can be local or foreign.   All companies need a cyber policy and some sort of rapid tactical response.   Cyber attacks are an ever growing threat to people and businesses, and continue to surge in 2024. There was 107% surge in malware attacks.   These are on corporate computers, computers at work or home computers or even Home devices like Ring. You get a text through devices, phishing attacks.   Company business email can be compromised in an attack, people's passwords come out and it leads to millions of dollars in losses. Elderly people are very vulnerable, 353,000 attacks.   You have supply chain threats by terrorist and nation state actors. There was a recent attack on United Healthcare for 100 million. People‘s information was exposed. This led to a $22 million ransom payment.   Cyber attacks cause $2.9 billion in damages. Companies are paying ransom to faceless criminals. Very tough for the FBI to be tracking down on these criminals and try to fend off the extortion of stolen data.   Payments for ransom could be made through Bitcoin, which is difficult to trace, though it leaves somewhat of a forensic trail. Constant need for regulation and oversight from the government.   Famous incident last year was not even an attack, but the Crowdstrike software update. ACTRA had a quick response that day. One that helps clients and partners recover fast. In a similar instant, Delta was down for weeks with computer problems.   When you think about what goes on with banks back to 2008 - what loans they have on balance sheet and then off balance sheet securitized - not regulated like normal loans.   Issues with underwriting standards on loans. Not even sure what can be affected in a Cyber attack. Off balance sheet loans and debt is similar to crypto or Bitcoin where it is not being regulated.   PPD-41 was a directive to show responsibilities of government agencies and dealing in cyber. You had homeland security as a defensive arm to protect the nation's assets.   Enforcement is done in the US by the FBI. Overseas it's done by US Cyber Command.     Seg 3   Frank background in the 1990s in private business, worked in healthcare. Then was the chief info officer and the only 2000s at clinical in Stanford. Healthcare is very vulnerable.   Post 9/11 he worked with FBI outreach program called InfraGuard on how to share intelligence with cyber threats. Needs to be treated like terrorism or criminal acts, though they're taking stolen IP. Need to move to a more stable world.   2011 study was done by government organizations to review the process and make recommendations on how to deal with counterterrorism and cyber.   90% of the critical infrastructure in the US is in the private sector. They do need Fed level help, but have also have a local response. Cyber threat actors move quickly and act like a terrorist organization.   General Stanley McChrystal had a great quote, ‘It takes a network to defeat a network.' Cybersecurity is everyone's problem. You need education and organization. This is a 5th generation problem and you have to be adaptive.   ACTRA is a nonprofit dealing with cyber security. They've got pillars of empowerment, trust technology and intelligence. Need for the private companies to develop to train and recruit to handle this threat.   They created a model which allows to bring the fight on offense - and all work together sharing information. Virtual response team, small and big with the private sector as a partner.   ACTRA is a hub for info, and keeps its member information private. Some members are public like Arizona State. Actual model can be used for the rest of the nation. Government and private cannot do it alone. Not all states have this type of organization, but probably need it.     Seg 4   ACTRA started in January 2013. Give U.S. states a model for cyber security. Collective defense and share information with public and private organizations. The goal is to breakdown silos between government and the corporate world.   Not just a thing tank, has an active model. Review of ACTRA model is best in the country and a good hub for response and info.   In 2015, they helped Wisconsin create their own state organization for cyber threats. Soon after, Maryland created one using ACTRA as a model. Needs to be an effort of collaboration, merge the construct of entrepreneur spirit to take action.   So the government cyber threats are handled nationally at a Fort Meade, where the NSA is.   Frank's background in business in finance and healthcare fields.   Info is useless if not used for action. You need actionable intelligence that is current to take down a threat. You need more than continuing education and certificates for people, must go beyond this.   Virtual response team like a local militia who can help protect assets. Going after cyber criminals can be a little bit like a whack a mole.   Overtime, hopefully there will be a national strategy for info sharing. A type of decentralized and local organization that work with government.   The private sector owns the vast amount of data so they have to determine who they're going to share it with and how.   Defend vs Cyber fast while still working within the spirit of the law.       Seg. 1 Clips from Related Shows: Cybersecurity, Disruption, Blockchain & Terrorism w Ari Redbord of TRM Labs - BRT S02 EP31 (78) 8-1-2021     What We Learned This Week Cybersecurity is extremely important industry for national security TRM Labs startup in cyber-security, monitors blockchain OFAC - Gov't administers economic and trade sanctions Ransomeware – specific breach, takeover of a computer system, holds data hostage Programatic Money Laundering – bad guys create new addresses, create ‘shell' companies   Guest: Ari Redbord, Head of Legal and Government Affairs w/ TRM Labs https://www.linkedin.com/in/ari-redbord-4054381b4/ https://www.trmlabs.com/post/trm-labs-appoints-ari-redbord-as-head-of-legal-government-affairs   Ari is formerly a US Attorney, and worked in the Treasury Department, now advises the Government on cybersecurity, and Blockchain. Cybersecurity is a fast growing and extremely important industry for national security, and corporate interests. There are Nation States acting as bad players in the cyber realm and targeting the US Government and US business. We discuss the advancements in technology on cyber crime, blockchain, crypto, and online fraud. How is the FBI dealing with Ransomware, and other cyber attacks on prime targets like the Colonial Pipeline, or other big corps. What Regulations are coming in banking, and Fintech, with KYC (Know Your Customer), plus the big banks like JP Morgan Chase and Goldman are on board.  What the blockchain ledger can help solve in security, to monitor criminal activity in real time with the help of crypto exchanges like Coinbase.  Lastly, what TRM Labs does for clients, how they advise, operate, and who they work with.   Full Show: HERE     Phishing, Malware & Cybersecurity - Try Not to Get Pwned - BRT S02 EP47 (94) 11-21-2021   What We Learned This Week:   Have I been Pwned? Means have I been breached / hacked – did someone hack my email or website Phishing – most common type of email threat, like when you receive a strange email with a link – Do Not Open – DELETE (and alert other office staff of the email) Ramsonware – hack your website, or data – hold it hostage for an extortion ‘ransom' payment Dark Web – where stolen data, & info is being bought & sold VPN Connections – direct and secure   Guests: Vince Matteo, Seven Layer Networks, Inc. https://sevenlayers.com/ Vince Matteo is a certified penetration tester, a security researcher, and a senior consultant at Seven Layers (.com) where he focuses on securing small businesses.  Vince is the author of "Hacking 101 – A Beginner's Guide to Penetration Testing", he's a bug bounty hunter with 17 published critical vulnerabilities, and he's presented talks on offensive hacking at security conferences -- most recently GrrCON in Grand Rapids, MI and BSides in College Station, TX.  Outside of work, Vince is an accomplished endurance athlete, an Ironman age group champion, and in his spare time, you can find him in the desert -- training for the next hundred-mile ultramarathon.    Full Show: HERE     Biotech Shows: https://brt-show.libsyn.com/category/Biotech-Life+Sciences-Science   AZ Tech Council Shows:  https://brt-show.libsyn.com/size/5/?search=az+tech+council *Includes Best of AZ Tech Council show from 2/12/2023   Tech Topic: https://brt-show.libsyn.com/category/Tech-Startup-VC-Cybersecurity-Energy-Science  Best of Tech: https://brt-show.libsyn.com/size/5/?search=best+of+tech   ‘Best Of' Topic: https://brt-show.libsyn.com/category/Best+of+BRT      Thanks for Listening. Please Subscribe to the AZ TRT Podcast.     AZ Tech Roundtable 2.0 with Matt Battaglia The show where Entrepreneurs, Top Executives, Founders, and Investors come to share insights about the future of business.  AZ TRT 2.0 looks at the new trends in business, & how classic industries are evolving.  Common Topics Discussed: Startups, Founders, Funds & Venture Capital, Business, Entrepreneurship, Biotech, Blockchain / Crypto, Executive Comp, Investing, Stocks, Real Estate + Alternative Investments, and more…    AZ TRT Podcast Home Page: http://aztrtshow.com/ ‘Best Of' AZ TRT Podcast: Click Here Podcast on Google: Click Here Podcast on Spotify: Click Here                    More Info: https://www.economicknight.com/azpodcast/ KFNX Info: https://1100kfnx.com/weekend-featured-shows/     Disclaimer: The views and opinions expressed in this program are those of the Hosts, Guests and Speakers, and do not necessarily reflect the views or positions of any entities they represent (or affiliates, members, managers, employees or partners), or any Station, Podcast Platform, Website or Social Media that this show may air on. All information provided is for educational and entertainment purposes. Nothing said on this program should be considered advice or recommendations in: business, legal, real estate, crypto, tax accounting, investment, etc. Always seek the advice of a professional in all business ventures, including but not limited to: investments, tax, loans, legal, accounting, real estate, crypto, contracts, sales, marketing, other business arrangements, etc.  

The Founders Sandbox
Resilience: Deeptech, Female, Veteran, Bipoc

The Founders Sandbox

Play Episode Listen Later Feb 11, 2025 55:27 Transcription Available


On this episode of The Founder's Sandbox, Brenda speaks with Chasity Lourde Wright. Chasity is inventor and founder of Infiltron  Software Suite LLC. Infiltron operates in the cybersecurity space; a Service disabled-Veteran owned and women-owned small business. Infiltron offers quantum-resistant cybersecurity solutions for decentralized digital identity, digital assets, and AI governance, utilizing proprietary post-secure encryption. Its patented technology integrates AI, blockchain, and quantum-resistant encryption to provide advanced cyber resilience, compliance enforcement, and real-time threat mitigation across multiple industries, including aerospace & defense, fintech, smart cities, and EVs.   Chasity, as inventor, speaks about her team and how creativity in the work place is necessary for  enhancing innovation on really tough problems like Cybersecurity. As the CEO of Infiltron, Chasity Lourde Wright is also a former USAF Aerospace Engineer, Intel Officer, and Cybersecurity Instructor with extensive experience in cybersecurity, AI governance, and national security. She was part of the team that developed reconfiguration capabilities for the USAF C-130 and contributed to the creation of the CMMC framework since its inception in 2019. Additionally, she has engaged in high-level cybersecurity and AI governance initiatives, including industry collaborations, government advisory roles, and proprietary innovations in quantum-resistant encryption, AI security, and blockchain-based compliance solutions. Her expertise extends beyond participating in NIST challenges, encompassing leading-edge cybersecurity development, policy influence, and defense sector innovations. You can find out more about Chasity and Infiltron at: https://www.linkedin.com/in/infiltronsoftwaresuite/ https://infiltron.net/     Transcript: 00:04 Hi, I'm pleased to announce something very special to me, a new subscription-based service through Next Act Advisors that allows members exclusive access to personal industry insights and bespoke 00:32 corporate governance knowledge. This comes in the form of blogs, personal book recommendations, and early access to the founder's sandbox podcast episodes before they released to the public. If you want more white glove information on building your startup with information like what was in today's episode, sign up with the link in the show notes to enjoy being a special member of Next Act Advisors. 01:01 As a thank you to Founders Sandbox listeners, you can use code SANDBOX25 at checkout to enjoy 25% off your membership costs. Thank you. 01:19 Welcome back to the Founder's Sandbox. I am Brenda McCabe, your host of this monthly podcast in which I bring entrepreneurs, founders, corporate directors, and professional service providers who, like me, want to effectuate change in the world by building resilient, scalable, and purpose-driven companies. I like to recreate a fun sandbox environment with my guests. And we will touch on not only their purpose, 01:47 and what has driven them to create their own businesses. But also we're going to touch upon topics such as resilience, purpose-driven, and scalable sustainable growth. Today, I am absolutely delighted to have as my guest Chasity Wright. Welcome, Chasity. Hey. Thank you for having me. 02:13 Super excited to talk about how Infiltron has evolved and the lessons learned and how we're preparing to relaunch in 2025. Excellent. And it's perfect timing because I've known you for a couple of years now. Yeah. Right. So Chasity is CEO and founder of Infiltron Software Suite, a company that's headquartered out of Atlanta. 02:40 She is oftentimes in Los Angeles because she's working largely in the defense market and cyber security. So I wanted to have you on my podcast because you have gone further in building your business. So you and I met, I want to say back in 2022, you came out of the Women Founders Network cohort. 03:08 kind of very early stage. One of the events that I was a host of was the Thai So Cal Women's Fund. And you weren't yet ready for investing, but we struck up, I would say a friendship and I admire many things about you as, and we'll get into it in the podcast here, but you touch. 03:35 quite a few or check of quite a few boxes for my podcast. You says, so you are a woman owned veteran and women owned business. You are a veteran of the Air Force. You're in deep tech and you're by park and queer. And so there's many many boxes that you check and it was difficult to kind of hone in on what I really wanted to bring into the podcast today, but we're going to we're going to start from here. 04:05 I always like to ask my guests to start with kind of their origin story. I, when I first met you, right, in private conversations, got to hear your origin story and why you do what you do, what your firsthand experience while on missions, right, that really informed your aha moments to create infiltrant. 04:33 as a cybersecurity company. So tell us a bit about your origin story, Chasity. So, I mean, my origin story has, if you can imagine all of these different paths kind of streamlining into one path. So one of those paths would be a little black girl born in Georgia, still seeing dirt roads and... 05:01 being able to go to the country and work on a farm and, you know, just still having that connection to the past, you know, and not necessarily the past in a bad way. So athletic, played ball in college, went to Clark Atlanta University, you know, the HBCUs are a big hurrah right now, but they've always been one. 05:29 I grew up with one in my backyard, Fort Valley State, which is in Fort Valley, Georgia. So, you know, roughed it with the boys, played in the backyard with the boys, always been a boys girl, cousins, neighbor. We're all still close. We all still play sports when we meet. So it's like an adult play date, so to speak. But also, you know, 05:58 raised religiously, you know, I'm in Southern Baptist Church, two parent household, maybe lower middle class, but middle school was very transformative for me because they decided to mix in everybody. So it was my first time, you know, being in a more diverse population in school. 06:25 And, you know, music is a big thing for me as well. I DJ, I make music. That's the creative part of me. And I found a lot of people in deep tech to do something with music. So, yeah, so, you know, that's my like early years background. And then coming through, I decided to go into the Air Force. I actually took off between my junior and senior year at Clark Atlanta. 06:52 Um, there I was majoring in global leadership and management. Okay. And went in and I was in for eight years. I was an aerospace engineer, uh, got deployed several times, uh, to different places, and that kind of brings us to why Infiltron exists and, um, on one of those deployments, I was a part of a network takedown. 07:21 And it was, whoo. I mean, I don't mean to quote the pitch deck story, but it is what it is. I wrote it because that's the way it felt. It was catastrophic. So just imagine the city of Los Angeles losing power out of nowhere. The rail stops working, Sinai has no power, so all of the medical equipment is no longer working. 07:49 The internet's completely gone and not rebooting like it normally would. Your energy grid is down. That is what I experienced in one of those deployments. And I was a part of Iraqi freedom and Afghanistan. I was a part of both of those wars. And when we came, you know, we got everything back. Thank God we were smart enough to ship. 08:19 brand new equipment. Okay, you know, so you know, we weren't able to get there. Yeah. I mean, I mean, that's part of our job. We're engineers. And when you're in the middle of nowhere, there's no calling HP. There's no calling Cisco. Like you got to know how to do what needs to be done. There was there was a lot of makeshifting. I can be I came out of Air Force, I could be a mechanical engineer to 08:45 because we had to figure out how to make components on the fly. It was just so many things. Innovation, right? Like you had to be innovative. You had to be adapt quickly while keeping the mission as a focus. So just imagine something that catastrophic and something similar has happened. I feel like Colonial Pipeline was something that is known now in the US for sure. 09:15 that had similar elements of what we experienced in being deployed. Yeah, and that was two years back. And SolarWinds is another one. I generally refer to those because people generally gasp, even non-technical people, because they know how damaging it was. So we can reuse. Normally, when the equipment goes down, 09:44 Unplug, right? Plug back in. Reboot. Yeah, reboot. But that was not happening. And what we found out in the debrief was that quantum was used. So quantum simplistically is about frequencies in this context. It's about frequencies. And frequencies matter in so many aspects of life, from spirituality all the way through tech like what Infotron has. So... 10:14 What they did was they basically zeroed out the frequencies of our satellite communications. And I believe that they created some frequencies that damaged other equipment. So these are things that again we found out in the debrief. And I wasn't really able to talk to that probably when we met because I wasn't sure if it was unclassified yet. 10:42 But as soon as Biden started talking about quantum initiative, which was back in 2022, when we were in, I was like, everything's hitting it the right time because we were literally in Techstars LA space. And Biden pushed the quantum initiative. And I'm like, see, told you, because a lot of people, a lot of people doubted what I was saying because of the year that I said it had happened. And as. 11:09 we started to grow out our team. There are other veterans on our team from different branches. And of course we war story swap all the time. And those other two people work for like NSA and they did kind of the same thing, telecommunications. And I'm telling the pitch desk story and they're sitting there like, yep, yep. That happened to us too. And I'm like, when? 11:38 And they're saying different years. So at that point, we understood it. It happened more than once. So that's why Infiltronic. So what's Infiltronic? So let's bring it back to, Yeah. So you leave, you leave service after eight years after also experiencing that. I still feel like I'm a part of it because I do consult them still. Right. So it'd be great. So. 12:08 And once in the Air Force forever? Always. Well, I really would have been in Space Force. Yes. Yeah. Well, you heard that here on the Founder Sandbox. The next, yes. So for my listeners, again, you check a lot of boxes. Deep tech, women in STEM. What is it exactly that? 12:37 your suite of services. All right. So Info-Trans software, right, has two patents now. And on your landing page, it says, our patented solutions, solutions utilize adaptive artificial intelligence, advanced quantum encryption and blockchain technology to deliver real-time cybersecurity for a wide array of applications. Later on, we'll get into smart cities, but 13:06 including the internet of things, smart devices, legacy systems, hybrid data, signals and devices. All pretty, pretty understandable, but what is it that Infiltrion software is able to do that others are not? So we're able to create a easier way for businesses to migrate their devices. 13:36 and their software, so their applications that they use, maybe they've developed them themselves, we provide a way for them to easily migrate those entities over into a more quantum-proofed infrastructure. So we created what we've trademarked as quantum encapsulation. So just imagine something being encapsulated. And basically we've created, 14:05 a brand new method of leveraging quantum, the AI, we leverage it for the pro-activeness. So in lieu of just waiting for threats to happen to our clients, we go look for the threat. So we want to go be where the bad guys are and find out and bring that information back and update the solution in real time to provide protection for all of our clients in real time. 14:33 That's how we leverage the AI. The blockchain is kind of leveraged to kind of make sure that people, things like devices, aren't on networks that shouldn't be. So it's kind of, I mean, we use it for what blockchain was pretty much basically developed for, and that's a ledger. So keeping up with the transactions of what's happening. 15:03 in a client's infrastructure. Fantastic. So it's largely a B2B business, yours, right? We do. We have B2B, but we've been approached several times here recently by consumers. Because now, because of the biometric protection aspect of our solution using the quantum encapsulation, we can protect, say, 15:32 Halle Berry from deep fake, being deep faked, or, you know, protecting her likeness from being used without her knowledge in movies, CGI'd into movies. So it's kind of getting a little bit more consumerish as we iterate, right? Yeah, and we were briefly speaking before the podcast recording, Chasity and I, and... 15:59 I've known her for years. She's a very private person, would not allow photographs. So I told my producer, I'm certain Whitney Chastity's not going to be sending us a picture, but you said yes, that you might, because you do have biometric, artificial intelligence, safeguards that can actually discover deep fakes, right? Yes, yes. Yep, if it didn't come from us, if it wasn't checked back from us, 16:29 It wasn't approved by the person. So it's kind of pretty much that simple. Amazing. Well, later on in the show notes, we will have how to contact you at Enfield Tron. So you are in the startup ecosystem. Again, you travel a lot. You're between Washington DC, Atlanta, Los Angeles, and actually the Bay Area. Yeah, the Bay Area. Right. So. 16:58 Revenue can be elusive, right? How? Especially in tech, and especially in these really large markets that I call deep tech. Deep tech and leading edge, bleeding edge, right? People don't know what they're actually buying, right? Or what they don't even, they probably don't even know that they have a need, right? What's been your strategy at Infiltron to keep the revenue flowing while maintaining also a pretty playful, innovative culture? 17:27 You talked about your team and so talk, that's kind of two questions. So how have you kept revenue coming, right? While not going out for dilutive funding yet, but tell us a little bit about how, what's your business model? So the business model in itself is set up for B2B and we also have a licensing element there. So if they, for instance, 17:56 a Fortune 500 company who has a cyber team, right? They have an internal cyber team. If they want to license out the patents that we have and kind of customize it or create or build off of those, use it as a baseline for what they need for their systems, we offer that as well. But let me just put it out there. But back to your question, how do we keep it fun? So the team... 18:25 The original team members, should I say. So we met about seven years ago at a place called the Gathering Spot in Atlanta. So the Gathering Spot is a community and they just opened one in LA and I do go to the one in LA too when I'm there. But it's a community of people, creatives from creative people to deep tech people like myself and everything in between. 18:55 We went to a black tech event at the gathering spot and found ourselves not being able to get into the actual room. So we ended up, because they have a bar and everything at the gathering spot. It's a social club too. It has a club aspect to it too, but you can network there, have meetings there, meet all types of people. I mean known people, I mean it's a great 19:25 great concept, shout out to Ryan. But we found ourselves at the bar, and we're looking at each other. We knew each other because we had been introduced by the Hellbrella person, Tracy. Yes, yes. Because they had done some things for her with a previous startup that she had, development-wise. So we're all sitting at the bar, and we're looking at each other like, but we're the real tech people. 19:55 We do it. It's like we don't really take people. Um, we can't even get in there. We like, we know the organizers and personally and everything. So let's start a company. Well, what we did was we launched, um, what we launched kit labs. And it was literally right down the street from the 20:23 and connect to the community. So we had, it's not far from the AUC and the AUC is where Morris Brown, Morehouse, Spelman and Clark Atlanta are. Got it. So a lot of times you would come in there and find some of the founders, cause this was founded by myself and like six or seven other black tech founders. The ones that were outside. Drinking like, you know. 20:53 That's where we had that conversation. You know, the conversation started at the bar, being outside of that first Black Tech meetup, so to speak, with Joey Womack, who is a part of Goody Nation, who we did get a 50K grant from back in 2020 through Google for Startups. Let me just say this so much. We were so interconnected. I mean, Atlanta is Wakanda. Don't let anybody tell you anything different. 21:21 It's definitely Wakanda. But literally, not even a mile away from the Gathering Spot, we opened up Kit Labs. It's a smart lab where we can tinker with stuff. We're engineers. We're tech people. We need something. We need a makerspace. We don't necessarily need a space that is compared. The Gathering Spot was a little bit more buttoned up. 21:46 And then what we needed, we needed to be able to throw things and make things. We had everything from like 3d printers to, um, VR, AR headsets. I mean, you, anything in tech. Innovative fun. It was in, is in that lab. Um, but that's where around today. So we dissolved it. So it's been dissolved. What one of, one of the founders, he unfortunately transitioned. Um, 22:15 So, you know, and he was kind of like the pillar of it. And it kept going for a while, but it was just a lot of people like myself, it was two female founders, Dr. Nashley Cephas, who herself is from Jackson, Mississippi. I'm shouting out everybody, right? She's from Jackson, Mississippi, and she bought 10 acres in downtown Jackson, Mississippi and started a nonprofit called Bean Pad. And he basically took the concept of what we were doing at Kit Labs and brought it to our hometown. So. 22:44 Um, and it's so funny. She actually founded it on my birthday. So I was like, okay, I can dig that. Um, uh, but, but no, but we're still connected. Everybody still works with each other. You know, if I have to come in and do some things around cyber for a contract or, you know, commercial or whatever client that they have, I do like we, we all kind of still work together on each other's things. So that has allowed you to bring in some revenues, right? 23:14 through its service context. Yeah. Oh, for sure. For sure. Consultant wise, cause they're like, I think people may look at Infotron and think that there's not a human touch piece there, but if you're dealing with me, there's always gonna be a human touch point there because we have to consult the client. We can't assume, you know, we cannot assume. 23:41 what you need, we have to actually have a conversation with our clients throughout the process, even after we possibly have set up the platform for you, trained your people on it, there still needs to be an element of communication, human communication, right? But the team, we've been working together for about seven years. Yes. 24:10 Infiltron has been around for five, going on six years now. So, you know, I mean, respect, mutual respect, we're still kids at heart. I mean, we grew up wanting to be engineers. So, you really can't take the light of innovation out of an engineer unless they're just at the point of not wanting to do it anymore. So we're always, what I've found is most people in any engineering discipline are very, 24:39 curious and forward thinking. So we, and we kind of, we're kind of like a community. We are community and not kind of like, but we are community of folks that contribute to each other's, you know, projects. Yeah. Mm-hmm. And not just, not just business-wise, but personally, like we, I mean, we've been around each other for almost a decade, so. 25:04 there's been kids born and like I just said, one of our founders transitioned, like we've been through some things together that have brought us closer together. And you can, I believe when you have a team like that, and we're all diverse, you know, we have a team like that that cultivates innovation, for sure. You know, I've had a few guests to my podcast and I also write about this, 25:35 Creativity is only possible or it's greatly possible when you create a fun environment and make games out of things and have, right? And set up teams. So I think a shout out to you and what you've set up at Infiltron and in its earlier rendering at Kit Labs, just creating an environment that allows for what ifs, right? Is key. There are a lot of what ifs in cyber. 26:04 I bet you there. So I have a boatload of questions here. One is, before we get into your fundraising path, again, I mentioned earlier you have two patents that have been issued. What is post-quantum encryption technology in layman language? Post. 26:32 Quantum encryption technology. So there is definitely confusion out there that has been addressed. And because there is a difference between post secure quantum and encryption. There's a difference. So. Excellent. 27:02 Post quantum encryption, it is designed to protect data from quantum computers. So. And that's done through the encapsulation? For us, that is how we provide the protection, the encryption. That is the quantum encapsulation is a method of encryption with Involtron. So the current encryption. So you have things like RSA. 27:32 elliptical curve, which elliptical curve is more widely used and kind of being marketed as quantum encryption. It is, it is, it's on the list of quantum protections, right, or quantum methods of encryption protection. So companies like Okta use ECC a lot. But what's happening is that quantum computers are being built now. Yes. Like right now, there's no... Yeah, the cost is going down. 28:02 Yeah, there's no waiting five years from now. Like I urge anyone under the sound of my voice to prepare now for quantum computer attacks. The same thing that I describe happening to us when we were deployed, it's gonna happen. And again, I alluded to feeling like 28:33 situations like Colonial Pipeline and SolarWinds were, I feel like they were tests because there were so many different elements of what we saw in the deployment that happened in those two cases. Yeah, because I'm sitting there and think it's like 2020, 2021, 2019 actually, it started. I think this didn't know, but. 28:59 And it's still going like 20, SolarWinds was still going, the last time I checked SolarWinds was still unraveling. Like it's still, still going. But back to the question. So for us, quantum encapsulation for us is breakthrough. So NIST has had these challenges, right? Where they put out bidding for companies, 29:27 researchers, because a lot of people that are in the quantum space, whether it's physics, mechanics, are generally found in academia. They're not at Infiltron. They're not at QED. They're just not there, right? It's very far in between, and we generally have to lure them. Or we have to do something like partner with them on... 29:53 grants, like the STTR grants. Like that's the only way, generally the only way that we can probably connect with the academia or pierce them and have them work with us. And they usually through that take all the funding, but it's, you're still. Exposed, right? You're exposed, but you're also getting the expertise that you possibly need and can't rightly find in the freelancing world. Yeah. So it generally works out in the long run. 30:23 Um, but so our encapsulation is a, is a breakthrough method because I look at it like this, NIST is holding these challenges and nothing against NIST. We're connected. I contribute to NIST and everything, but they are holding these challenges. And basically they're telling the hackers what people are going to the framework. 30:49 what people are gonna have to adhere to when they create their quantum algorithms to protect their devices and data. You know, you're giving away the secret ingredients. So like, even if they don't know specifically your algorithm, they know what you've based it off of. And that gives it like a tiny thread can unravel a whole t-shirt, right? So I look at it like that. So... 31:15 And even before, you know, we were already developing things before NIST put out these challenges. We are in alignment. We can adhere and do it here to the framework that they're putting out because, you know, you have the DOD space who definitely follows their framework, especially when it comes to the risk management framework. So they're going to follow NIST regardless. They're going to follow their framework, whatever they put out about cybersecurity protection. 31:44 The DOD space and all of its agencies are gonna follow that. However, being in the cybersecurity space every day, seeing what is happening and knowing that you've given some clues, some contextual clues to the malicious hackers about what you're using as a baseline to build your algorithms will, guess what? What we have is not that. Like we are... 32:12 One of the things that differentiates us right now, because I'm sure as quantum cybersecurity continues to grow legs, so to speak, people are gonna start using the more, less susceptible to hacks by quantum computers method. So you have things like multivariate hash code. So these are some of the 32:40 quantum properties that you can use that are not generally hackable by a quantum computer. They won't be hackable by a quantum computer. So we leveraged some of that. It was like, if I'm built, I looked at it like this, I've been in cyber, I've been in tech for almost 20 years. I know I don't look it. I get it all the time. You don't have to say it. I've been in tech for almost 20 years. I've been, and when I was in the air force, we call it InfoSec. It's the same thing. And that dates me. 33:08 If I say, if you hear somebody say InfoSec, trust me, they've been in cybersecurity for at least 20 plus years. So, but it's cybersecurity, that's what it is. And I've seen the changes and I've paid my dues too. Like I didn't, when I got out of the Air Force, I was just, side note, like I cut grass and loved it. I would go back and do it if I can make these results. So then like, it's very, it's very fulfilling. Don't let anybody fool you. Like I love, but I like being outside, but. 33:38 Um, my first tech job though, I literally went through the phone book. Cause this is like still, you know, internet was not quite what it is now, of course, but it was like still growing. And I went through the yellow pages and went through the aerospace companies and called all of them and was like, Hey, let's just get out of the air force, look for a job. I don't care if it's an intern or co-op and L3 L3 before they merged with Harris. Uh, 34:08 they created me a co-op. And, but again, still in touch with, cause you know, L3 is a huge government contracting company, right? And in the satellite communication space, cause they're in line with my background. And so I've seen it all. I've seen the changes of InfoSec into cybersecurity. And now we're entering a new frontier with quantum cybersecurity. So I've been here, 34:37 maybe at the latter part of the info set, but definitely through the cybersecurity and here for and to forge some guidelines and pathways in the quantum cybersecurity space with Inflotron. So when you know Inflotron was founded in 2019, I was like, okay, if I'm gonna start 35:03 something new in cyber and we hadn't even gotten to the quantum piece yet. They hadn't even gotten to me yet. Like it started like I was getting downloads. Yeah. Because I'm, I always, I'm a reader. I wake up looking at cyber news and just staying in the know because I need to know what's going on so I can protect my clients, whether that was me in a government contracting position or me as a consultant in my businesses. So. 35:33 I need to know what's going on. And if I'm going to build something new, why am I going to build it with compromised parts? Right. That's a great way to describe it. Yeah. Forget the tech. It didn't make logical sense. If I'm going to build something new, a SaaS product that's going to integrate and be flexible and adaptable and proactive. 36:01 Why would I use RSA encryption when I know what's coming? Got it. That will be one of the snippets that I share in my YouTube channel as well as the podcast. That is excellent. Why build something with compromised parts? Frontier technology, quantum cybersecurity is what Epfiltron is about. 36:30 Next generation. Talk to me a little bit more for us, less tech savvy listeners about the use of Infiltron in a SelleGov's program for smart cities. That kind of brings it more home and more tangible. How is technology used for smart cities? So first, SelleGov through leading cities. Yes. 36:59 It connects companies like ours with municipalities to tackle urban challenges. So for us, it's infrastructure, security, and sustainability. So we were a finalist in leading cities global competition back in 2021. And we've worked through them. You know, we've been able to work with city leaders to secure IOT systems and critical infrastructure. 37:28 And quick shout out to Michael Lake. Okay. He's the founder of Leading Cities, amazing guy. Another keep in touch, answer the email quickly person. He's based in Boston, but he's built a very supportive ecosystem. So shout out to Michael Lake. But as a part of this program, 37:56 We're offering smart cities our enhanced quantum vulnerability assessment. And this is to help the smart city leaders identify areas that need better quantum protections now. We've just had a session on November the 11th, Veterans Day. And the second one is coming up December the 5th. So you. 38:24 If you're a smart city leader or see so small, medium, large enterprise, no matter what market you in, you're in, definitely tap in. You can register for it on the leading city's website or on our website at Infotron.net. Yeah, that's on December 9, 2024 at 1pm. Is that Eastern? December 5th. December 5th? No, it's the 9th, because I have it here. And that's my cousin's birthday. So yeah, it's December 9th. 38:53 Did you get to influence those dates? Yeah. So let's jump into your startup. You've taken in very little dilutive funding. How much money have you raised to date? And how have you, what is the next phase, right? In terms of outreach for fundraising. So we've raised 120K and that was through Techstars, LA Space. 39:23 Still counting. I do not take a salary. I could take one, but I'm just, it's the long game for me. And I still consult. Don't let these people tell you not to quit your job and be an entrepreneur. Don't let people do that. Especially if you have a family. Don't let these people, don't let these people try to guilt you or shame you because you still have a job while you're building your startup. Don't let, don't do it. 39:53 Because I do have a company that I started called Right Tech Solutions and we still, that's why I said I still feel like I'm in the Air Force because I still consult them. So I can, you know, the revenue that we do and we've hit 500K in revenue. So you know, I could easily take a salary, right? But I just, it's the long game for me. It's the global expansion. 40:22 um, you know, more IP and patents, uh, protections, right? Because we do have global count clients. And, um, one of the things that I wanted to make sure of before we even took on the clients was that we had legal backing there. So IP trademarks, um, at least patent, at least the application is pending, but you know, like I want to, I want to, I want it to at least have that. And we have great attorneys. Um, shout out to Malika Tyson. 40:52 and Matthew and Dorian who have, they took over because I had a, I had an attorney, IP attorney that would, had her own boutique firm and then she had to go back, you know, she just couldn't do the entrepreneurship, it's not for everybody, but we still stay in contact as well. But she introduced me to McAndrews, they're based out of Chicago. 41:20 And they are the legal team for Impletron. I always tell them that when we're on calls, like you are the legal team. Like, yeah, anything that I need from them legal, legal wise, they do it. I literally just sent a partnership NDA over to Malekka this morning and she just sent it back to me. So like, that's not IP and trademark, right? But they do, they do it. And I always tell them how much I appreciate them because... 41:49 IP and trademarks are not free and they're not inexpensive. So, and then imagine, you know, we have one pending now in Japan. We just got one in Canada. So yeah, like it's expensive, you know, it's expensive. So a lot of the funding that we get now is going to be allocated to pay them, you know, even though they work with us. But it's going to be paying them. 42:18 doing some iterations, we have a partnership where there's some hardware that's gonna be involved. We're definitely tapping into the hardware. So we'll be forging our way there because people like things they can touch. SaaS isn't necessarily something that you can touch, although put it into a platform makes it a little bit more tangible for people, visual at least. So in the- 42:48 Yeah, I mean, hardware has always been a part of the vision. FBGAs, we have another colleague of mine, he has developed a cryptocurrency mining machine, and it leverages quantum. So it's mining at exponential speeds, right? Because generally what quantum does is speeds things up. It speeds exactly, in simplified terms. 43:18 Definitely still going after Sivers traditional government contracts globally. We participated in Fintech down in the Bahamas last October. Cause we are in the Fintech space and there's a lot of similarities between Fintech and Space Tech. Because when you're talking about fault zeros and being able to detect anomalies. 43:46 both of those markets need that and they need it quick. So we've been able to, yeah, like we've been able to leverage some of the things that we're learning in both of those for each other. So we've been able to participate in some conferences. We actually getting ready to go to Barbados in January for Fintech Islands, I'll be speaking about 44:14 the kind of the intersection of the quantum age and what's coming in respect to the fintech space, cryptocurrency, web three, traditional finance and AI, because we do leverage AI. And we've been in the AI space, Impletron has been in the AI space from the beginning. One of our advisors is an AI evangelist at AWS. I did say her name earlier on this podcast, but. 44:42 She's amazing. She's a Georgia Tech grad. We do have a few Georgia Tech people on the team, but she's amazing. And I'm able to tap her. I've been able to tap her because she was one of the Kit founders. So I've been able to tap her about AI and machine learning very early on. So all of the LLMs and the SLMs that everybody's kind of talking about, we've been doing. 45:11 Like even as small as we are, we've been. 45:16 Yeah, so, Chasity, how can my listeners contact or get information about Infotron? So, yeah, of course the website. So, infiltron.net. You can follow us on all of our socials at Infotron Software Suite. It might be, I think on Twitter is Infotron app. We wanted to keep it short. 45:41 And then, or you can email us at mfultronapp at gmail.com. And I know people are gonna be like, why you use Gmail? That's another filter. And that's an email that everybody on the team can look at and not be bombarded with, cause spam and it's just, everybody has their own email address, but. So you probably, it's a test environment for all of you. 46:09 beautiful quantum encryption that you're working on. Yes. And that's it all. One better way to start. Yeah, Gmail, right? Google knows a lot more about us than we'd like them to. Oh, Google knows everything. That's tough. Even when you turn location off. Oh, Instagram. I just posted something about Instagram. So Instagram's new. They just updated their policy maybe a month ago, maybe. 46:38 Okay. Whether you want to or not, they now have access to your photos, your GPS location, everything even if you say no, even if you turn it off, they still contract. 47:00 Just putting it out there guys. Yeah. So if you do platform. So there's cause to the platform. Right? Yes. Thank you. All right. We're coming down to the section of the podcast where I like to ask each of my guests what the following three words mean to you. Because this is what I do with my consulting business. 47:24 In addition to my podcast, I work with founders that are really building resilient, purpose-driven and scalable businesses. What's resilience mean to you, Chasity? Man, that's a word that I use. Uh, I mean, I'm, I mean, you gotta think about it. I'm black trying to raise money. It's hard for black people to raise money on top of that. I've been, you know, um, I've come face to face with people that didn't believe that I wrote my own patents. Like. 47:53 you know, as if black people didn't invent a lot of things, like that we still use today. Like, come on. I mean, it's just the truth. Resilience. Resilience for me is bending, but never breaking. Bending, but never breaking. Yeah. It's about, you know, adapting to challenges. I just mentioned some and facing them. Like you can't, you can't, and I'm about to sound 48:23 run from the pain, you gotta run towards it. So you can come out stronger on the other side. And it's not necessarily about survival, it's transformation. That's transformation. It's transformation. And that transformation is preparing you for what's next. And you'll be standing taller than you were before. Amazing, thank you. Purpose-driven, what's a purpose-driven? 48:53 Enterprises or? Yeah. I'm a visionary. So like, there's a lot of founders that I've met. If I have the opportunity to get close to them or kind of hear them speak about what they're building to include myself, because I do talk to myself about the things that I'm building. I counsel myself. I'm sure my ancestors are around me. 49:23 Purpose is, it should be intentional. I think that it's kind of interchangeable for me. But in the context of the question that you asked on purpose driven enterprise, so it's the heartbeat in what we build here at Infotron. I can definitely say that. It's creating meaningful solutions that solve real problems. And in solving those real problems, 49:52 you're still staying true to the mission. I still bring the aspect of the military into Infiltron. We are mission focused. We have fun. We do all the fun things, right? Because again, that cultivates innovation too. And it keeps it spicy. You need to let things be spicy because in a regular deglar cybersecurity job, you're probably bored. Like. 50:19 I mean, let's just be real. Like you're probably bored. You're probably looking at Excel spreadsheets and creating a report by hand from that. Like it's boring. Like, but you know, it's also making moves that matter. And it's solving problems that for me leave a legacy and just never losing sight of why we started in the first place. 50:48 So never lives in sight. Excellent. What about scalable? So how does- That's one of those BC's favorite words. That's right. Because that's what they want to see. How will you scale? That's right. I mean, I'm an investor too guys. Don't get it twisted. Like, I think that was a question that I did ask with one of the investors I had. Like, how are you going to get over that challenge? Like, before I give you this money. 51:18 Scalable. So growth, like we can think about growth in so many different ways, like growth, personal growth, because if you embark on the entrepreneur trick, you are going to be, and need to be open to growth. To me, entrepreneurship is a spiritual journey. Beautiful. 51:45 about the Southern Baptist roots, but I'm not spiritual. I'm a yoga, meditating, put my feet in the sand, grass grounding person nowadays, but still bringing that element of praying. And it's all the same to me. They just changed the name of God, right? Just that's my perspective, but growth isn't just about getting. 52:14 bigger. It's about getting better. And me speaking about the personal aspect, that is what growth is. It might not feel good, you know, while it's happening. But, you know, once you get through it and you can get in a reflective mindset and look back with what you just came through and be grateful, like find gratitude in it, you know. 52:43 That's how I look at growth. It's expanding mindfully and staying grounded in your values and making sure that every step that you take going forward strengthens the foundation that you've already built. And it's... 53:11 Like I said, it's moving with intention. And while you're moving with intention, you're also preserving the quality and the vision that define you. Which goes back to purpose-driven. Yes, thank you. Last question, Chasity. Did you have fun in the sandbox? Oh yeah, I mean, it's you. You know, we already have a great rapport. 53:38 I'll say this, one of my favorite memories of you is when you brought Ty to the table to kind of see if they were, could invest in Infiltron and it was too early. But we had to sign an NDA, it was some type of contract, but it was during Mercury retrograde. You said it before I said it, I was like, I wonder if she's onto this type. 54:05 Cause I wasn't going to sign it. I was going to try to delay it as much as possible, but you're like, no, let's wait, let's wait. So after Mercer, that's your great. Well, I was like, oh, these are this. She's my people. And I was like, and I think I responded like, let's wait five days. So it is no, it's like clear. So, um, that's a little fighter for me with you. Oh, I love it. I love it. Generally hear that in business. No, no. 54:32 And the Founder Sandbox again is a pretty eclectic podcast, bringing in deep tech founders like Chasity Wright that are on the frontier, bringing in what the future, will, it's the future's here. It's here. That's right. So to my listeners, if you like this episode with Chasity Wright, CEO and founder of Infiltron, sign up for the monthly release of 55:01 this podcast where founders, business owners, corporate directors, and professional service providers share their own experiences on building with strong governance, a resilient, scalable, and purpose-driven company to make profits for good. So signing off for this month, thank you, Chasity. Thank you, Brenda, so much. I hope to see you soon.  

RIMScast
Cyberrisk Trends in 2025 with Tod Eberle of Shadowserver

RIMScast

Play Episode Listen Later Jan 21, 2025 35:23


Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Shadowserver Foundation Alliance Director Tod Eberle about cybersecurity. Tod tells how his background as a prosecutor led to his interest in cybersecurity, how he encountered the non-profit Shadowserver Foundation, and how he left the public sector to work with them. He explains how Shadowserver provides actionable data to alert network owners and law enforcement of network vulnerabilities that need to be mitigated. He discusses trends in malware attacks, especially in ransomware. He shares his thoughts on ransomware threats of 2025 and the years to come. He provides tips on preparing your network against ransomware.   Listen to how you can harden your organization's network against malware attacks. Key Takeaways: [:01] About RIMS and RIMScast. [:14] Public registration is open for RISKWORLD 2025! RIMS wants you to Engage Today and Embrace Tomorrow in Chicago from May 4th through May 7th. Register at RIMS.org/RISKWORLD and the link in this episode's show notes. [:33] About this episode. We will discuss cybersecurity with Tod Eberle, the Alliance Director of the Shadowserver Foundation. [:55] RIMS-CRMP Workshops! On February 19th and 20th, there will be a two-day virtual workshop for the RIMS-CRMP led by former RIMS President Chris Mandel and presented by the RIMS Greater Bluegrass Chapter, the 2024 RIMS Chapter of the Year. [1:18] The next RIMS-CRMP-FED exam course will be held from February 4th through the 6th, 2025. Links to these courses can be found through the Certification page of RIMS.org and this episode's show notes. [1:34] Virtual Workshops! Chris Hansen will return on February 11th and 12th to lead the two-day course “Claims Management”. Gail Kiyomura of The Art of Risk Consulting will host the “Fundamentals of Insurance” virtual workshop on February 19th and 20th, 2025. [1:58] On February 26th and 27th, Elise Farnham of Illumine Consulting will lead “Applying and Integrating ERM”. “Managing Data for ERM” will be hosted by Pat Saporito. That course starts on March 12th, 2025. [2:20] A link to the full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [2:31] The RIMS Legislative Summit 2025 is back! It will be held on March 19th and 20th in Washington, D.C. Join RIMS for two days of Congressional meetings, networking, and advocating on behalf of the risk management community. [2:49] This event is open for RIMS members only so if you're not a member, join now! Visit RIMS.org/advocacy for registration details. [3:02] Interview! Our guest Tod Eberle is the Alliance Director of the Shadowserver Foundation, a non-profit security organization working altruistically behind the scenes to make the internet more secure for everyone. [3:15] Tod Eberle is with us to discuss the cybersecurity trends on his risk radar and the threats he wants risk professionals to be aware of as 2025 kicks into high gear. Shadowserver Alliance Director, Tod Eberle, welcome to RIMScast! [3:41] Justin saw that Shadowserver Foundation was promoted by the National Cybersecurity Alliance and he thought it would be great to have a follow-up on his appearance there. [3:54] Tod says the National Cybersecurity Alliance is a great organization. After working together with them for a year, they invited Tod to do a webinar. It was a great experience. [4:28] Tod's background is as a career prosecutor, starting as a county prosecutor in Western Pennsylvania in 1997. In 2004, Tod became a Federal Prosecutor in Pittsburgh for the U.S. Department of Justice. [5:00] In 2014, He transitioned over to the National Security and Cybercrime section in Pittsburgh. Pittsburgh was at the forefront of cyber investigations by both the U.S. Attorney's Office and the FBI. Tod wanted to be a part of that. [5:34] The Pittsburgh office has run investigations and issued indictments against Chinese Military Intelligence officers and Russian GRU officers for hacking. In 2014, Pittsburgh had the first criminal indictment of nation-state threat actors. [6:00] In that case, Chinese Military Intelligence PLA officers hacked into Pittsburgh companies Westinghouse, ALCOA, U.S. Steel, and United Steel Workers. Some forward-thinking folks at the FBI and the U.S. Attorney's Office, particularly U.S. Attorney David Hickton, focused on cyber. [6:29] That continued over the years until the present. [6:46] To begin an investigation, the FBI and U.S. Attorney's Office in Pittsburgh, need to have some aspect of an organization's criminal activity touch that district, the Western District of Pennsylvania. A national ransomware case with one victim in Pittsburgh can be investigated. [7:16] In the investigation of Russian GRU actors responsible for the destructive NotPetya malware attack, a district hospital's network was attacked and destroyed. They expanded the investigation and charging documents to include other attacks around the country. [7:58] In 2015 Tod was a prosecutor working with the FBI on an investigation. He was at Europol at the Hague in the Netherlands, a center that brings together investigators and prosecutors from different countries who investigate the same threat group through Europol and Eurojust. [8:33] Tod met the Shadowserver Foundation non-profit group at the Hague in 2015. They were helping, through free technical support to the takedown operation, to dismantle the infrastructure of a crime group, using sinkholing and other security measures. [9:08] Tod Joined the Shadowserver Foundation in January of 2023. He is the Shadowserver Alliance Director. As a small non-profit, everyone wears many hats. The Shadowserver Foundation is a 501(c)(3) in the U.S. and a separate non-profit legal entity in the Netherlands. [9:47] The Shadowserver Foundation started about 2004. It celebrated its 20th anniversary in 2024. It began as a loose group of volunteers made up of cybersecurity researchers and technical experts who came together to help network owners and law enforcement. [10:15] Over the years they became more structured and became a non-profit organization. It's an unusual non-profit organization working 100% in operations. It works in three core areas. First, it's the world's largest provider of free, actionable cyber threat intelligence. [10:45] Second, the Shadowserver Foundation does cybersecurity capacity-building around the world. Third, it also provides free support to law enforcement investigations and disruption operations with technical support and expertise. Those three things are its core mission. [11:07] Justin notes commonalities between RIMS cyber risk reporting and the Shadowserver Foundation's work. Shadowserver collects a vast amount of threat data daily. What are the patterns it sees for 2025? [11:29] Shadowserver Foundation can help organizations mitigate risks. It collects cyber threat data at its data center in California through internet-wide scanning, honeypot sensors, sinkholing operations, and collecting and analyzing malware samples. [11:57] Every day for free the Shadowserver Foundation takes that data and provides it to over 9,000 organizations around the world and to 201 National C-CERTs that cover about 176 countries. [12:13] These reports identify exposed, misconfigured, vulnerable, compromised instances or devices on networks that need patching. [12:25] The organizations that get Shadowserver's data can be anything from banks to hospitals, universities, K-12 school districts, ISPs, local, state, and federal governments, small, medium, and large businesses, Fortune 500s, and NGOs; just about anyone can sign up. [12:46] The idea behind this is that cyber security should be available to everyone, regardless of the ability to pay. Organizations can sign up at the Shadowserver Foundation website, and provide their contact information and network information with IP ranges and ASNs. [13:12] The Shadowserver Foundation does its due diligence and if everything checks out, it automates those reports to go out to the organization daily. About 9,000 organizations sign up directly to receive daily reports. [13:22] The Shadowserver Foundation also sends out data for entire countries to the national C-CERT designated to handle that in those countries. In the U.S., CISA gets hundreds of millions of events from them every day for all the U.S. It is the same around the world. [13:52] Tod says that some things never change. Networks are breached primarily through phishing attacks, malicious links or attachments, and social engineering. [14:09] One trend is a focus on vulnerabilities. Criminals exploit vulnerabilities in the network that aren't timely patched and before they are patched. Shadowserver gives organizations an external snapshot view of their networks just as criminals are scanning for themselves. [14:52] Cybercriminal groups increasingly leverage zero-day vulnerabilities to breach a network. A zero-day vulnerability is a flaw in software or hardware that's unknown to the vendor and has no patch. The vendor has had zero days to fix the vulnerability after it has been discovered. [15:16] That was the case with the Clop ransomware gang. In 2024, they started exploiting zero-day vulnerabilities in Fortra's GoAnywhere software. That continued in May, with them exploiting Progress Software's MOVEit file transfer application. [15:38] Very recently, in December, the Clop Ransomware group claimed responsibility for using a zero-day vulnerability in Clio's file transfer platform that breached victims' networks. [15:49] Cyber criminals extort victims and steal data with ransomware attacks. Risk managers in cybersecurity need to stay on top of critical vulnerabilities that often go unpatched. Those are often the easiest gateway into a network. [16:26] Plug Time! RIMS Webinars! Resolver will be joining us on February 6th to discuss “4 Themes Shaping the Future of GRC in 2025”. [16:38] HUB International continues its Ready for Tomorrow Series with RIMS. On February 20th, they will host “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025”. [16:54] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [17:06] Nominations are also open for the Donald M. Stuart Award which recognizes excellence in risk management in Canada. Links are in this episode's show notes. [17:17] The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved in part by its collaboration with risk management and insurance educators across the U.S. and Canada. [17:35] Since 2010, Spencer has awarded over $3.3 million in general grants to support over 130 student-centered experiential learning initiatives at universities and RMI non-profits. Spencer's 2026 application process will open on May 1st, 2025, and close on July 30th, 2025. [17:58] General grant awardees are typically notified at the end of October. Learn more about Spencer's general grants through the Programs tab at SpencerEd.org. [18:08] Let's Return to the Conclusion of My Interview with Tod Eberle of Shadowserver! [18:49] Justin notes that In December of 2024, China attackers breached the Committee on Foreign Investment in the U.S. That is the government office that assesses foreign investments for national security risks. [18:58] China also targeted the Treasury's Sanctions Office after it sanctioned a Chinese company for its alleged role in cyberattacks. [19:14] Tod thinks we should acknowledge that this is nothing new and nothing we should be surprised about. It's been going on for many years and it's going to continue. Justin was in the Federal government in 2013 and 2014. [19:32] In 2015, it was announced that the U.S. Office of Personnel Management had been breached. Personal sensitive data for 42 million people were stolen. [19:44] In May 2014, five Chinese military officers were indicted for computer hacking and economic espionage against companies based in Pittsburgh. This is nothing out of the ordinary. Unfortunately, indictments don't seem to have a deterrent effect. [20:21] Countries can deny the charges of hacking even with strong evidence of their involvement. [20:37] There are different types of hacking, with different types of motivation. There is traditional espionage against U.S. government agencies. There is theft of intellectual property with nation-states trying to gain a commercial advantage in business. [21:23] There are destructive hacks by nation-state actors, like the NotPetya attack, or attacks on the Ukrainian power grid and banking systems in 2015 and 2016. [21:36] The Volt Typhoon threat actor group and its access to the U.S. critical infrastructure is one of the greatest national security concerns because of its potential to disrupt everything from water to power, to food, to transportation. [22:10] The ripple effect that can come from those disruptions would be enormous. The Colonial Pipeline ransomware attack of a few years ago affected fuel supplies, commerce, and the prices of goods. [22:31] Nation-state hacking is no longer just a concern for government agencies and companies that do business internationally, but it's now a concern for all of society. There's the potential to affect the daily lives of innocent civilians through attacks on critical infrastructure. [23:16] Tod mentions another 2014 indictment out of Pittsburgh, on the GameOver Zeus Botnet takedown. Part of that was a crypto locker ransomware disruption. This was in the infancy of ransomware, for $300 ransoms. Now ransom demands are in the tens of millions of dollars. [23:53] We have seen a huge evolution in ransomware. It's not going away. One thing we're seeing is bypassing data encryption and focusing on data theft. It's easier and less time-consuming for the threat actors because they don't have to map out the network. [24:41] If a victim company had good backups and easy restoration, that was an issue ransomware actors had to deal with, so why would the threat actors bother with that? They just focus on easy data theft and extortion of ransom for the data. [25:04] Tod thinks we will continue to see extortion. Ransomware continues to be the greatest concern for companies. The use of AI has been increasing both for defenders and attackers.  [25:14] A new ransomware group, FunkSec, is claiming large numbers of victims of extortion, encryption, and data theft. They seem to have ransom demands of less than $10,000. They have sold stolen data. Researchers think this is a less experienced group using AI to write code. [27:22] Shadowserver's very talented team collects the data. It's free. They want to get it into the hands of those who can use it. The reports identify things that are seen to be misconfigured or unnecessarily exposed to the internet. Sometimes they can show if something is compromised. [28:12] Shadowserver designates the events by severity level so the end user can prioritize their patching and address first the ones that are most critical and severe. The reports act both as an early warning system and a victim notification system if a device is seen to be compromised. [28:59] The network owner needs to remediate that and patch it before further exploitation like a ransomware attack can occur. [29:07] Shadowserver has two ways to detect that a device is compromised. The first is if they have indicators that tell them a device on the network is compromised. The second is with their support for law enforcement, law enforcement may share sensitive data with Shadowserve. [29:32] When law enforcement does a takedown and they get victim identification data like IP addresses, they must do victim notification. Law enforcement isn't scaled to do victim notification for hundreds of thousands of users. Shadowserver helps them with notifications. [30:48] Shadowserver is very careful to share data responsibly. Company A will get the data they have for Company A and it won't be shared with Company B and vice versa. Shadowserver views the data as belonging to that network owner. [31:08] If a company authorizes Shadowserver and wants them to share their data with a third party, Shadowserver will happily do it. There are several companies with MSSPs to manage their security. If the company asks, Shadowserver will send the data to their MSSP. [31:43] As a small, non-profit organization, not everyone has heard of the Shadowserver Foundation. They want people to know they have this data and they want to share it. It could be relevant for cyber insurance companies' due diligence, with the insurance applicant's consent. [32:20] It's important because those reports can show whether a network has remained healthy and secure over time. Tod would love to see Shadowserver be able to help more in the risk mitigation areas. [32:56] Special thanks again to Shadowserver Foundation's Tod Eberle for joining us here on RIMScast! Check out this episode's show notes for links to the Shadowserver reports we mentioned. [33:07] Be sure to tune in next week for Data Privacy Day! We've got a special episode with James Burd, Chief Privacy Officer of the Cybersecurity and Infrastructure Security Agency (CISA). That's going to be a good one! [33:22] More RIMS Plugs! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. [33:50] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [34:07] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [34:25] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more.  [34:41] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [34:55] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [35:03] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: RIMS Risk Management magazine RISKWORLD 2025 — May 4‒7 | Register today! RIMS Legislative Summit — March 19‒20, 2025 Nominations for the Donald M. Stuart Award Spencer Educational Foundation — General Grants 2026 — Application Dates RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy Shadowserver Foundation National Cybersecurity Alliance RIMS Webinars: RIMS.org/Webinars “4 Themes Shaping the Future of GRC in 2025” | Sponsored by Resolver | Feb. 6, 2025 “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025” | Sponsored by Hub International | Feb. 20, 2025 Upcoming Virtual Workshops: “Claims Management” | February 11‒12, 2025 | Instructor: Chris Hansen “Fundamentals of Insurance” | Feb. 19‒20, 2025 “Applying and Integrating ERM” | Feb. 26‒27 “Managing Data for ERM” | March 12, 2025 See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Upcoming RIMS-CRMP Prep Virtual Workshops: “Stay Competitive with the RIMS-CRMP | Presented by the RIMS Greater Bluegrass Chapter” February 19‒20, 2025 | Instructor: Chris Mandel Full RIMS-CRMP Prep Course Schedule Full RIMS-CRMP Prep Course Schedule   Related RIMScast Episodes: “Kicking off 2025 with RIMS CEO Gary LaBranche” “Year In Risk 2024 with Morgan O'Rourke and Hilary Tuttle” “AI and Regulatory Risk Trends with Caroline Shleifer” “Cybersecurity Awareness and Risk Frameworks with Daniel Eliot of NIST” (2024)   Sponsored RIMScast Episodes: “Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor “Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL “How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog “Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant “RMIS Innovation with Archer” | Sponsored by Archer “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail' | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer “Alliant's P&C Outlook For 2024” | Sponsored by Alliant “Why Subrogation is the New Arbitration” | Sponsored by Fleet Response “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center RIMS-CRMP Stories — Featuring RIMS Vice President Manny Padilla!   RIMS Events, Education, and Services: RIMS Risk Maturity Model®   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest: Tod Eberle, Shadowserver Foundation   Production and engineering provided by Podfly.  

Transport Topics
Transport Topics (Jan. 15, 2025)

Transport Topics

Play Episode Listen Later Jan 15, 2025 3:27


Transport Topics is the news leader in trucking and freight transportation. Today's briefing covers Daimler Truck resuming diesel sales in Oregon, United Rentals acquiring H&E Equipment Services, and Colonial Pipeline shutting down its major fuel line over a potential leak. Learn more about your ad choices. Visit podcastchoices.com/adchoices

The Cybersecurity Defenders Podcast
#184 - Hacker Holidays: The Colonial Pipeline

The Cybersecurity Defenders Podcast

Play Episode Listen Later Jan 1, 2025 21:51


In this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of Casey Ellis, Founder and CSO at Bugcrowd, tell the story of the largest critical infrastructure ransomware attacks in history: The Colonial PipelineOn May 7, 2021, Colonial Pipeline, an American oil pipeline system that originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States, suffered a ransomware cyberattack that impacted computerized equipment managing the pipeline. The Colonial Pipeline Company halted all pipeline operations to contain the attack. Overseen by the FBI, the company paid the amount that was asked by the hacker group (75 bitcoin or $4.4 million USD) within several hours; upon receipt of the ransom, an IT tool was provided to the Colonial Pipeline Company by DarkSide to restore the system. However, the tool required a very long processing time to restore the system to a working state.This episode was written by the talented Nathaniel Nelson.Casey Ellis can be found on LinkedIn here.

To The Point - Cybersecurity
What, Me Worry? When Ransomware Gangs Issue News Releases…(Rerun)

To The Point - Cybersecurity

Play Episode Listen Later Dec 17, 2024 59:27


Welcome to our first SPECIAL EPISODE where we cover breaking news as it happens. Today we catch up with Joe Uchill, senior reporter at SC Media, to discuss the Colonial Pipeline ransomware attack making headlines this week and why we continue to see escalating attacks in frequency, ransom demands and high value targets such as critical infrastructure. Joe shares insights from his many years reporting from the cyber front lines speaking with government, regulatory, industry and hacking groups on what it would take to decrease the financial incentive and increase the criminal risk to make ransomware an undesirable pursuit. Spoiler alerts….ransomware gangs make mistakes and often hit “accidental” targets, regulating cryptocurrency is just as hard as it sounds, and while ransomware task forces can't agree on the most effective solution(s) to mitigate ransomware, most agree global cooperation would be at the top of the list! For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e312

Risk, Governance, and Cyber Compliance
Cybersecurity Risk Management A CISO's Guide to Leadership in an Evolving Threat Landscape

Risk, Governance, and Cyber Compliance

Play Episode Listen Later Dec 12, 2024 4:06


Send us a textCybersecurity risk management has taken center stage for organizations across all industries in the wake of recent high-profile cyberattacks, such as the SolarWinds breach and the Colonial Pipeline ransomware incident. As a CISO, you know firsthand the challenges and complexities that organizations face in navigating this ever-evolving threat landscape. Today, I'll share insights and leadership advice on how to build a robust and resilient cybersecurity program using four key thematic words: Align, Agency, Awareness, and Adaptability.Dr. B.Advisory Services: https://www.execcybered.com/advisory-services>>Schedule Call

@BEERISAC: CPS/ICS Security Podcast Playlist
Building a Bridge Across the Divide: The Intersection of IT and OT Cybersecurity with Mike Holcomb

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Dec 8, 2024 51:21


Podcast: IoT Security PodcastEpisode: Building a Bridge Across the Divide: The Intersection of IT and OT Cybersecurity with Mike HolcombPub date: 2024-12-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEmphasizing the importance of collaboration and communication, Mike Holcomb shares his extensive experience and practical insights into securing ICS and IoT environments. Holcomb, ICS/OT cybersecurity global lead at Fluor, stresses mastering basic cybersecurity fundamentals and asset inventory, along with the nuances of integrating IT and OT security. The episode aims to bridge gaps between IT and OT teams to fortify defenses against sophisticated cyber threats.Listeners will gain valuable insights into critical takeaways, including:Real-World Impact of Cyber Attacks: Mike explains how high-profile incidents, such as Colonial Pipeline and Triton, highlighted the physical consequences of cyber threats, making clear that OT security is a top priority for critical infrastructure.Bridging the IT-OT Divide: The discussion underscores the need for IT and OT teams to collaborate, as a lack of communication and understanding can leave vulnerabilities open to exploitation.Achievable Defense Strategies: From basic network segmentation to secure remote access, Mike provides practical, accessible steps to strengthen ICS/OT security without overwhelming smaller teams. Let's connect about IoT Security!Follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

IoT Security Podcast
Building a Bridge Across the Divide: The Intersection of IT and OT Cybersecurity with Mike Holcomb

IoT Security Podcast

Play Episode Listen Later Dec 3, 2024 51:21


Emphasizing the importance of collaboration and communication, Mike Holcomb shares his extensive experience and practical insights into securing ICS and IoT environments. Holcomb, ICS/OT cybersecurity global lead at Fluor, stresses mastering basic cybersecurity fundamentals and asset inventory, along with the nuances of integrating IT and OT security. The episode aims to bridge gaps between IT and OT teams to fortify defenses against sophisticated cyber threats.Listeners will gain valuable insights into critical takeaways, including:Real-World Impact of Cyber Attacks: Mike explains how high-profile incidents, such as Colonial Pipeline and Triton, highlighted the physical consequences of cyber threats, making clear that OT security is a top priority for critical infrastructure.Bridging the IT-OT Divide: The discussion underscores the need for IT and OT teams to collaborate, as a lack of communication and understanding can leave vulnerabilities open to exploitation.Achievable Defense Strategies: From basic network segmentation to secure remote access, Mike provides practical, accessible steps to strengthen ICS/OT security without overwhelming smaller teams. Let's connect about IoT Security!Follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Manufacturing Hub
Ep. 184 - ICS Cybersecurity Explained Challenges, Best Practices, and Future Trends with Jason Waits

Manufacturing Hub

Play Episode Listen Later Nov 28, 2024 63:39


In this in-depth conversation, Jason Waits, Chief Information Security Officer (CISO) at Inductive Automation, provides a comprehensive exploration of Industrial Control System (ICS) cybersecurity. With decades of experience securing critical infrastructure and navigating the complexities of Operational Technology (OT) environments, Jason offers actionable insights into the current state and future of cybersecurity in industrial sectors like manufacturing, energy, and water treatment.The discussion begins with an overview of what makes ICS cybersecurity distinct from traditional IT security. Jason explains how OT systems prioritize availability and safety, presenting unique challenges compared to the confidentiality-driven focus of IT. The conversation highlights key vulnerabilities in ICS environments, such as legacy systems that lack modern security features, poorly designed protocols without encryption, and the risks posed by IT/OT convergence.Jason dives into common attack vectors, including social engineering (phishing), lateral movement from IT to OT networks, and physical access breaches. He explores real-world case studies like the Colonial Pipeline ransomware attack, the Oldsmar water treatment plant hack, and the Stuxnet worm, illustrating how these vulnerabilities have been exploited and the lessons they offer for building stronger defenses.The video also emphasizes the critical role of compliance and standards, such as ISA/IEC 62443, the NIST Cybersecurity Framework, and CIS Controls. Jason underscores the difference between compliance and real security, advocating for a "security first, compliance second" philosophy to ensure that organizations focus on mitigating actual risks rather than merely checking regulatory boxes.As the conversation unfolds, Jason discusses the role of vendors and OEMs in securing ICS environments, detailing how Inductive Automation uses proactive measures like Pwn2Own competitions, bug bounty programs, and detailed security hardening guides to improve the security of their products. He highlights the importance of collaboration between vendors and customers to address challenges like long equipment lifecycles and the growing adoption of cloud services.Emerging technologies also take center stage, with Jason exploring how artificial intelligence (AI) is transforming threat detection and response, while also enabling more sophisticated attacks like personalized phishing and adaptive malware. He addresses the implications of IT/OT convergence, emphasizing the need for collaboration between traditionally siloed teams and the importance of building shared security frameworks.For organizations looking to strengthen their cybersecurity posture, Jason offers practical steps, starting with foundational measures like asset management and configuration baselines. He explains how leveraging free resources, such as CIS Benchmarks, and creating a roadmap for cybersecurity maturity can help organizations of all sizes navigate these challenges, even with limited budgets.Timestamps0:00 – Introduction and Overview of ICS Cybersecurity3:15 – Meet Jason Waits: Background and Journey to CISO6:45 – What Is ICS Cybersecurity? Key Differences Between IT and OT10:30 – The Importance of Availability and Safety in OT Systems13:50 – Challenges of Legacy Systems and Long Equipment Lifecycles17:20 – Attack Vectors: Social Engineering, Lateral Movement, and Physical Access20:10 – Case Studies: Colonial Pipeline, Oldsmar Water Treatment Plant, and Stuxnet25:35 – Compliance vs. Security: Jason's “Security First, Compliance Second” Philosophy30:00 – The Role of Vendors and OEMs in Cybersecurity34:45 – Inductive Automation's Approach: Pwn2Own, Bug Bounties, and Security Hardening Guides40:00 – Emerging Technologies: AI in Threat Detection and the Risks of Sophisticated Phishing45:10 – The Growing Adoption of Cloud in ICS and Its Implications50:00 – IT/OT Convergence: Opportunities and Challenges55:15 – Practical Steps for Organizations: Asset Management and Roadmaps1:00:10 – Building a Security Culture: Collaboration Between IT and OT Teams1:05:30 – Future Outlook: Increasing Regulations, Ransomware Risks, and Innovation1:10:00 – Using Cybersecurity as a Competitive Advantage1:15:00 – Closing Thoughts: The Need for Continuous Learning and Proactive ActionAbout Manufacturing Hub:Manufacturing Hub Network is an educational show hosted by two longtime industrial practitioners Dave Griffith and Vladimir Romanov. Together they try to answer big questions in the industry while having fun conversations with other interesting people. Come join us weekly! ******Connect with UsVlad RomanovDave GriffithManufacturing HubSolisPLCJoltek

Simply Solving Cyber
David Gee Shares Keys to Cybersecurity Excellence

Simply Solving Cyber

Play Episode Listen Later Nov 6, 2024 30:02 Transcription Available


Unlock the secrets of a successful career in cybersecurity with our guest, David Gee, a recently retired industry veteran and author of "The Aspiring CIO and CISO." Amazon: https://a.co/d/9FCsBQR Packt (includes a promotion for the e-book version!): https://www.packtpub.com/en-us/product/the-aspiring-cio-and-ciso-9781835469194?srsltid=AfmBOooJFrNzjkRT_cLx3ux-ErfFownjl1EMB-dTupfrpBtI7QMw8103David takes us on a captivating journey through his diverse career, sharing transformative experiences from working across the US, China, Japan, and Australia. Discover how he navigated the complexities of being a CIO and CISO in different industries, and learn from his unique insights into continuous learning and adaptability. David also unveils the SKB (Skills, Knowledge, Behavior) assessment tool he used to foster talent development and promote diversity at Eli Lilly Japan.In our engaging conversation, we discuss the evolving role of a modern CISO, where the balance between technical know-how and soft skills is crucial. David, Cody, and Aaron dive into common misconceptions about the CISO role, particularly the narrow focus on technical skills alone. Through anecdotes about bot attacks and the Colonial Pipeline incident, we highlight the critical need for strategic thinking, stakeholder management, and effective communication. These stories underscore the importance of having a well-rounded skill set to thrive in the cybersecurity realm.As we wrap up, we reflect on the art of making career decisions that resonate with one's passion and promote long-term growth. The implementation of SecureCard Warrior at HSBC serves as a case study for setting clear objectives and achieving data-driven outcomes. David generously shares personal insights about aligning career choices with personal values and finding true fulfillment. Join us in this enlightening episode, where we celebrate David's global perspectives and express our deep appreciation for his valuable contributions to the cybersecurity community.

Energy News Beat Podcast
Week Recap: Consumer Revolt, BP's Strategy Shift, and Ford's Big EV Losses

Energy News Beat Podcast

Play Episode Listen Later Nov 2, 2024 17:30


In this episode of the Energy News Beat Daily Standup - Weekly Recap, the hosts, Stuart Turley and Michael Tanner discuss key energy market trends, including backlash against EV mandates, rising interest in traditional combustion engines due to cost concerns, and hedge funds shifting investments from green energy to fossil fuels. They highlight political influences on climate policies, the underperformance of climate investments despite stimulus efforts, and upcoming financial challenges for BP and Shell. Additionally, they discuss the potential $10 billion sale of Colonial Pipeline, its strategic importance, and conspiracy theories surrounding it. Lastly, they detail Ford's significant financial losses on EV sales, emphasizing the need for more viable hybrid models.Highlights of the Podcast00:00 - Intro01:14 - Biden's EV Mandate Is Backfiring As Consumers Rebel Against Electric Cars04:56 - Investors Turn To Fossil Fuels As Green Energy Falters On Costs, Reliability07:21 - Watchdog: Biden-Harris Allegedly Buried LNG Emissions Study, GOP Wants Answers11:38 - BP and Shell Brace for Profit Drop13:29 - Colonial Pipeline Weighs Sale at $10 Billion-Plus Value15:30 - Ford Lost Another $58K For Every EV Sold In Third Quarter, Or $1.2 Billion17:21 - OutroPlease see the links below or articles that we discuss in the podcast.Biden's EV Mandate Is Backfiring As Consumers Rebel Against Electric CarsInvestors Turn To Fossil Fuels As Green Energy Falters On Costs, ReliabilityMany roadblocks delay journey to zero carbon worldBP and Shell Brace for Profit DropColonial Pipeline Weighs Sale at $10 Billion-Plus ValueFord Lost Another $58K For Every EV Sold In Third Quarter, Or $1.2 BillionFollow Stuart On LinkedIn and TwitterFollow Michael On LinkedIn and TwitterENB Top NewsEnergy DashboardENB PodcastENB SubstackENB Trading DeskOil & Gas Investing In 2024– Get in Contact With The Show – 

Energy News Beat Podcast
Election Prediction Revealed

Energy News Beat Podcast

Play Episode Listen Later Oct 30, 2024 11:56


In this episode of the Energy News Beat Daily Standup, the host, Stuart Turley discussed pressing energy and economic issues. He highlighted concerns about UK nuclear plant closures raising energy costs, a German city opting for diesel buses over more costly electric options, and the potential $10 billion sale of Colonial Pipeline, stressing its significance to U.S. infrastructure. Turley also critiqued the Biden-Harris electrification policy for spiking household energy costs, advocating for natural gas and nuclear power as cost-effective solutions. He concluded with political commentary on the U.S. election forecast, urging voter participation and support for investment opportunities with tax benefits.Highlights of the Podcast00:00 - Intro01:15 - UK nuclear plant closures threaten energy bill reductions03:04 - German City Chooses Diesel Buses Over Electric, Cites High Costs Even After Subsidies04:51 - Colonial Pipeline Weighs Sale at $10 Billion-Plus Value06:53 - Biden-Harris Electrification Push Spiked Household Energy Costs, DOE Data Reveals09:00 - ‘World's most accurate economist' predicts US election outcome11:33 - OutroPlease see the links below or articles that we discuss in the podcast.UK nuclear plant closures threaten energy bill reductionsGerman City Chooses Diesel Buses Over Electric, Cites High Costs Even After SubsidiesColonial Pipeline Weighs Sale at $10 Billion-Plus ValueBiden-Harris Electrification Push Spiked Household Energy Costs, DOE Data Reveals‘World's most accurate economist' predicts US election outcomeFollow Stuart On LinkedIn and TwitterFollow Michael On LinkedIn and TwitterENB Top NewsEnergy DashboardENB PodcastENB SubstackENB Trading DeskOil & Gas Investing In 2024– Get in Contact With The Show –

High Stakes
10. From the Broadcast Booth to Duke Health HR Leader, with Rhonda Brandon

High Stakes

Play Episode Listen Later Oct 23, 2024 48:04


In this week's episode, Anne Hancock Toomey chats with Rhonda Brandon, the dynamic Chief Human Resources Officer at Duke University Health System. Rhonda's unconventional and remarkable journey takes us from her roots in Richmond, Virginia, through pivotal roles at IBM, Nike and Colonial Pipeline, to her transformative work at Duke Health. With humor and heart, Rhonda reveals how faith, family and fierce determination shaped her career, highlighting key moments such as a game-changing revelation at IBM, balancing burnout at Nike and navigating change management at Duke University Health System. Through personal anecdotes, Rhonda emphasizes authenticity and the necessity of nurturing one's spirit. The episode concludes with a fun lightning round, providing a glimpse into her personal quirks and inspirations. Tune in for laughs, leadership lessons and a lot of heart! 03:44 Lessons from Parents and Early Career 06:04 First Job Experiences 09:40 Defining Moments at IBM 13:19 Career at Nike and Burnout 18:26 Joining Colonial Pipeline 21:29 Transition to Healthcare 25:28 Building a Cohort and Embracing Change Management 27:15 Key Principles of Change Management 29:13 The Call from Duke and Defining the Job 36:16 Family, Faith, and Personal Reflections 44:17 Lightning Round: Fun and Personal Insights Learn more about your ad choices. Visit megaphone.fm/adchoices

Feds At The Edge by FedInsider
Ep. 168 Metrics that Matter for Critical Infrastructure Cyber Resilience

Feds At The Edge by FedInsider

Play Episode Listen Later Sep 24, 2024 59:16


rev 1 The Colonial Pipeline incident in 2021 has acted as a call to action that critical infrastructure can suffer attacks. Today, we look at lessons learned and how to improve cyber resilience. One main takeaway is that the government provides resources and support for smaller entities. Cheri Caddy mentions a wide range of organizations that can help. She includes the “usual suspects” like CISA and NIST, but she goes beyond. She suggests that private companies develop relationships with local FBI offices to know what steps to take in case of an emergency. Brendan Peter from Security Scorecard highlights the importance of continuous risk assessment. One essential element in this process is evaluating the impact of policies. In other words, has the policy reduced cybersecurity risk at all? This discussion reflects the federal and commercial response to a major infrastructure incident.  

Behind the Investigation with Atlanta News First
A day in the life of a ransomware negotiator

Behind the Investigation with Atlanta News First

Play Episode Listen Later Sep 4, 2024 18:12


Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. What is it really like to negotiate with ransomware attackers? Why negotiate? What's the most moment in a ransomware negotiation? Mark Lance is vice president of GuidePoint Security, who talks about the many aspects involved in negotiating after a ransomware attack.

@BEERISAC: CPS/ICS Security Podcast Playlist
Building Cybersecurity Robustness in Pipeline Operations Podcast

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Aug 1, 2024 17:56


Podcast: Emerson Automation Experts (LS 23 · TOP 10% what is this?)Episode: Building Cybersecurity Robustness in Pipeline Operations PodcastPub date: 2024-07-25Manufacturers and producers across all industries know the challenges in keeping their operations cyber-secure. Industries such as pipeline transportation and electrical & gas distribution networks face additional challenges in the wide geographic spread of their operations and the need for reliance on public communications networks. In this podcast, I'm joined by Emerson cybersecurity expert Steve Hill to discuss these additional challenges and ways the companies in these industries, suppliers, and federal regulators are collaborating to develop and implement best practices for strong cyber resiliency. Give the podcast a listen and visit the SCADA Solutions & Software for Energy Logistics on Emerson.com and the AspenTech Digital Grid Management page for methods and solutions to improve your cybersecurity defenses and ongoing programs. Transcript Jim: Hi, everyone. This is Jim Cahill with another “Emerson Automation Experts” podcast. Pipelines cover a wide geographic area and require continuous monitoring for safe, efficient, and reliable operations. Today, I’m joined by Steve Hill to discuss the challenges pipeline operators face in keeping their pipeline networks cybersecure. Welcome to the podcast, Steve. Steve: Thanks, Jim. Pleasure to be here. Jim: Well, it’s great to have you. I guess, let’s get started by asking you to share your background and path to your current role here with us at Emerson. Steve: Thanks, yeah. I’ve been in the automation and SCADA industry for about 40 years, started on the hardware design and communications that then moved over to software. And it’s nearly 20 years I’ve been with Emerson. I joined as part of the Bristol Babcock acquisition. My main focus now is working in wide-area SCADA as the director of SCADA Solutions for Emerson, and most of that’s working in the oil and gas industry, working with Emerson sales and the engineering teams and our customers as they design systems and products for the industry. And also, alongside that, for the last few years, I’ve been collaborating with CISA. That’s the U.S. government Cybersecurity and Infrastructure Security Agency as part of the Joint Cyber Defense Collaborative. Jim: Okay. That’s a nice, varied background. That’s really good for our discussion. So, what exactly do you mean by wide-area SCADA? Steve: That’s a great question. There’s a SCADA system where the software is monitoring equipment across a very wide area. It might be a very large geographic area, like a pipeline or gas, or water distribution network, or perhaps a well field. I mean, some of the systems, for example, I was speaking to a customer last week who is monitoring an entire pipeline across Peru, and yet, their control centers are actually in Mexico. So, to do that kind of thing, the equipment is usually connected via public networks. You know, private networks don’t extend that far, and even the control centers may be widely distributed. And as part of that, compared to in-plant control, there’s an assumption that your communications are clearly not gonna be 100% perfect. You’re gonna lose communications either momentarily, like with cellular networks, and when, for example, like we’ve got in Texas this week, with natural events like hurricanes can cut communications for hours. But because these systems are all critical infrastructure, such as pipelines or electrical distribution, the actual operations, the process, must never be interrupted. Today, we’re talking about cybersecurity, and that same sensitivity is why these systems are now the target to some of the most sophisticated cyberattacks. Jim: Okay, that gives a picture of the breadth of these types of SCADA systems, and you had mentioned you’d work with CISA, the cybersecurity infrastructure defense agency, and the Joint Cyber Defense Collaborative, which I’ll just call JCDC for short. Can you give some more examples on that work? Steve: Yeah. Really, I could give you a bit of background. Probably many of our listeners know that there’s been several successful cyberattacks against critical infrastructure over the last few years. Probably the most famous in the pipeline industry was an attack that’s referred to as the Colonial Pipeline attack. That was actually a criminal ransomware attack that resulted in gasoline and jet fuel shortage across the Eastern U.S. for several days, and that was criminals basically trying to get money. And it was almost a random attack, it wasn’t targeted. However, there have been actual state-sponsored attacks, and probably the one that was most successful was prior to the Russian military attack against Ukraine. They actually instituted several successful cyberattacks against the Ukrainian power grid. And very concerning is, in recent months, the U.S. infrastructure, including pipelines, have been successfully infiltrated by a group that are called Volt Typhoon, who are thought to be from the People’s Republic of China. So JCDC and CISA are working hard to really counter and protect against these threats. Jim: Wow. Well, that’s clearly a huge concern. What is the JCDC doing to address these challenges? Steve: Well, in 2023, so last year, JCDC facilitated the development of something called the Pipeline Reference Architecture. Basically, Emerson, alongside other industry vendors and also pipeline operators, participated in the development of this Pipeline Reference Architecture, which I’ll refer to as the PRA. It’s a fairly short document that outlines the design and operating principles for SCADA systems in the pipeline industry. And one thing the government is keen to point out, it’s not a regulatory document, but it does set out the best principles and is intended as guidance for the industry. Really, they want to work with the industry to come up with best practices. Jim: Well, it sounds like this PRA is another set of standards to address cybersecurity. Why is another document needed in the industry where a bunch of standards exist now? Steve: Yeah, that’s a question I and other members get asked quite a lot. The main reason is that wide-area SCADA represents a very different set of challenges to traditional SCADA, which we refer to as inside the wire. So for example, a refinery or a manufacturing plant, everything is in one location. But as I mentioned before, wide-area SCADA has got a very wide displacement, physically. It also actually has a lot of remote field workers. There may be folks working on that system hundreds of miles from base, and you’re also using communications networks that are not even owned or operated by the owners of the pipeline. Though this PRA is really intended for the pipeline industry, clearly, it’s applicable to almost any wide-area SCADA, that’s water or electrical industry as well. Jim: Okay, that makes sense. So those are definitely challenges that don’t exist for more automation systems, as you say, inside the wire. Tell us more about how the PRA addresses these. Steve: Well, the big thing is segmentation, basically, taking the network and splitting it into different levels that represent different areas of the operation. For example, the internet would be what’s referred to as level zero, and moving all the way down to the bottom of the network, that’s level nine. And the levels in between that represent different levels of trust. Now, those who are familiar with cybersecurity and SCADA are probably familiar with something that is called the Purdue model, which I think first came out in the late 1980s, and that also splits up SCADA and control networks and actually business networks into different levels. However, when that came out, the internet was in its infancy. No one would ever have used the internet or even really public IP networks for their connectivity. So it doesn’t really take into account many of the things we take for granted today in these systems. So the PRA is intended to expand and take into account the reality that, for example, some of this critical data will actually be transiting across a public network, right? And in order to achieve that with this segmentation, we’re using a concept called Defense in Depth, right? And as you go down the different levels of the network, the assumption is you can trust each item on that network better. So, for example, on the internet, you don’t trust anything, but when you get down, let’s say, to the communications between an RTU [remote terminal unit] and a gas chromatograph on a local serial link, you might completely trust that. Now, it’s interesting, although that’s part of the PRA model, that does actually conflict with a security concept called Zero Trust, which is something that Emerson has really based our products on. But both zero trust and defense in depth are valid. Jim: Now, you had mentioned a couple of concepts I’d like to explore a little bit more in there, and let’s start with zero trust. Can you explain that concept to us? Steve: Oh, yeah. Yeah. Zero trust is a concept where any piece of equipment or software should trust nothing. Don’t trust anything else on the network, don’t trust the network to be safe, and it should not rely on anything else for protection. And historically, SCADA was protected, for example, by firewalls. You would use insecure products that were known to not be secure because they were developed perhaps 20 or 30 years ago and hide them behind firewalls, and that’s really how we’ve handled security today. But there’s a realization you can’t do that. So we now need to design products so that they don’t trust anything. But the reality is many of our customers, Emerson’s customers and pipeline operators, have devices that were installed perhaps 30 years ago. That’s the typical lifespan of some RTUs and controllers in this industry. So as a result, when you get down to the lower levels of the network, zero trust doesn’t work. So you do have to have levels of additional protection. So for example, if you had a Modbus link, which is basically insecure almost by design, that should be protected by additional levels of firewalls and so on. But if you’re designing a modern product, it should be designed so it doesn’t rely on anything else. And that’s the concept of zero trust. Jim: Okay, got it. So don’t trust anything. Everything must be proven out. And the other concept you talked about was defense in depth. So, what does that mean? Steve: Well, the phrase is most commonly used where we’re talking about a network with multiple levels in. So when you come from, for example, the internet into your business network, you would have a set of firewalls and what’s called the demilitarized zone. And then when you go from your business network down to your controls network, you’d have another set of firewalls. So it’s multiple levels of protection. However, that same concept should be used actually within products as well. And, in fact, Emerson takes that very seriously with our secure development lifecycle certifications, IEC 62443, and how we design those products. Jim: Well, that’s good. As you get those two and as you put in more modern technology, that it complies and has that cybersecurity built into mind there. So, can you give us an example of how it’s built in? Steve: Yeah. That great one. If I take, for example, the Emerson FB3000 RTU, that’s a flow computer and a controller device that’s designed specifically for the oil and gas industry, especially for pipelines, an obvious concern is that that may be attacked externally to modify the firmware. Now, at the first level, the RTU itself has secure protocols. It uses something called DNP3, which would, in theory, provide access to the device. But then the firmware, when we issue new firmware, we put it on a website so we have protection of the website, we also publish a hash, which is basically a unique key that the customer downloading the firmware can check. It hasn’t been modified by anyone attacking the website. But then, when they actually put it into the RTU, so they’re updating firmware, the RTU will check that that firmware was developed by Emerson and was intended for that device. It does that by certifying certificates on the load. Now, once it’s in the device and it’s running in the field, you might say, “Well, the task is done,” but there’s an additional level of protection. It will continually and on boot, check that firmware, make sure the certificate still matches, it’s not being changed. And if it has been changed, it will actually revert to a known good factory firmware that’s basically embedded in the device. So you can see that there’s really five or six different things all checking and ensuring that firmware in that device was not compromised. So basically, multiple levels within the device, and in addition, there’s multiple levels on the network. So the bad guys have to get through a lot of different levels to damage or compromise the device. And we’re trying to do that with everything we design today. Jim: Yeah. And with modern cryptography and making any change completely will change that hash and everything and make it impossible to slip something in without it being noticed. So that’s really a nice thing. Steve: Yeah. And the fact that even if it detects it, it then goes back to factory firmware, which may be a slightly older version, but your operation will keep running. It will keep controlling, which is a very nice feature. Jim: Yeah, that’s a great example there. I guess, going back to the PRA, what else does it include other than the segmentation that you discussed? Steve: There’s about 10 high-level principles that cover aspects of the design and operation of the SCADA system. And for each of these, there’s various examples and guidance on how to actually follow the principle in a real-world system. So, for example, there was a whole section on how to manage third-party devices in the contractors, because on a pipeline system, you’re almost certainly gonna have, for example, engineers from Emerson coming in from third parties. So it gives examples on the real-world aspects of operating the system. Jim: Are there other examples from it you can share? Steve: Yeah. One important one is when you’re designing the system, you should identify and document all of the different data flows that occur. And that’s, when I say data flow, communications or conversation between different pieces of equipment. So, for example, this RTU may communicate with that SCADA platform on this particular machine and may communicate with a measurement system on another machine, document all of those data flows, and then deny all other data flows by default. Then, after the system is running, continually monitor it passively. And if you see an additional communication, say, between two pieces of equipment that normally never communicated or didn’t communicate on a particular IP socket, flag that immediately, because it may be something that’s going on that was unexpected. It certainly was outside the original design of the system. Jim: This has been very educational. Thank you so much, Steve. Where can our listeners go to learn more? Steve: Well, really a couple of places. If you go to the CISA blog, which is at www.cisa.gov/news-events, there’s details there. The actual PRA was published on March the 26th of this year. And also, if you want to discover more about Emerson’s involvement in wide-area SCADA and the cybersecurity associated with it, if you go to Emerson.com/SCADAforEnergy, you’ll find some information there. Jim: Okay, great. And I’ll add some links to that and to some of the other things we discussed in the transcript. Well, thank you so much for joining us today, Steve. Steve: Not a problem. It’s a pleasure. -End of transcript-The podcast and artwork embedded on this page are from Emerson Team, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

CISO Tradecraft
#190 - Lawyers, Breaches, and CISOs: Oh My (with Thomas Ritter)

CISO Tradecraft

Play Episode Listen Later Jul 22, 2024 45:10 Transcription Available


In this episode of CISO Tradecraft, host G Mark Hardy interviews cybersecurity lawyer Thomas Ritter. They discuss key legal topics for CISOs, including regulatory compliance, managing third-party risk, responding to data breaches, and recent legislative impacts. Thomas shares his journey into cybersecurity law and provides practical advice and real-world examples. Key points include the challenges of keeping up with evolving regulations, the intricacies of vendor management, and the implications of recent Supreme Court rulings. They also touch on major breaches like SolarWinds and Colonial Pipeline, exploring lessons learned and the importance of implementing essential security controls. Thomas Ritter - https://www.linkedin.com/in/thomas-ritter-2b91014a/ Transcripts: https://docs.google.com/document/d/1EvZ_dOpFOLCSSv5ffqxCoMnLZDOnUv_K Chapters 00:00 Introduction to CISO Tradecraft 00:48 Meet Thomas Ritter: Cybersecurity Lawyer 03:48 Legal Challenges for CISOs 04:54 Managing Third-Party Risks 13:01 Understanding Legal and Statutory Obligations 15:57 Supreme Court Rulings and Cybersecurity 32:57 Lessons from High-Profile Cyber Attacks 38:32 Ransomware Epidemic and Law Enforcement 43:30 Conclusion and Contact Information

Modem Mischief
Colonial Pipeline Hack

Modem Mischief

Play Episode Listen Later Jun 10, 2024 21:24


The savange ransomware attack of Colonial Pipeline was close to bringing travel in the United States to a standstill. Created, Produced & Hosted by Keith Korneluk Written & Researched by John Phillips Mixed & Mastered by David Swope Theme Song You Are Digital by Computerbandit

Innovation Storytellers
157: Creating an Innovation Pipeline at Colonial Pipeline

Innovation Storytellers

Play Episode Listen Later Jun 4, 2024 33:23


  What does innovation look like in the oil and gas industry, particularly in the midstream sector? In this episode of Innovation Storytellers Show, Susan Lindner introduces Dr. Mariah Judd, the Director of Innovation at Colonial Pipeline Company, to explore this intriguing question. Dr. Judd delves into the vital role Colonial Pipeline plays as a key national infrastructure, supplying fuel to millions of Americans. She emphasizes the company's commitment to future energy needs through innovation. With a rich background stemming from her Ph.D. at Purdue University and experience in alternative energy and energy transition, Dr. Judd brings a wealth of knowledge to the conversation. She discusses the concept of 'midstream' in the oil industry, highlighting Colonial's efforts to enhance efficiency, optimization, and safety. From innovative leak detection and prevention technologies to ambitious projects in carbon capture and reduced emissions, Colonial Pipeline is paving the way for a sustainable energy future. Dr. Judd also shares insights on fostering a culture of innovation within large organizations. By adopting a human-centric approach, Colonial encourages employees to embrace an innovative mindset, supporting continuous improvement and breakthrough thinking. This agile, open-minded strategy aligns innovation efforts with the company's strategic goals, enabling purposeful progress without rigid preconceptions. Join us as we explore the complexities and opportunities of midstream innovation and discover how Colonial Pipeline is positioning itself at the forefront of energy transformation.  

Confluence Podcasts
Bi-Weekly Geopolitical Report – The Changing Face of War (4/22/2024)

Confluence Podcasts

Play Episode Listen Later Apr 22, 2024 11:18 Transcription Available


The changing face of war makes it difficult for investors to identify exactly when war begins, when it ends, and when the right time is to implement a war-time investment strategy. Associate Market Strategist Daniel Ortwerth joins Phil Adler to offer some guidance.

CISO Stories Podcast
The Importance of OT Security: The Evolving Threat Landscape - Ken Townsend - CSP #170

CISO Stories Podcast

Play Episode Listen Later Apr 16, 2024 30:00


Manufacturing environments rely heavily on Operational Technology (OT) systems – such as industrial control systems, supervisory control, PLCs etc. to manage production processes. Compromises of these networks and systems can have devastating consequences, including: • Production disruptions and downtime • Safety hazards: • Data breaches and intellectual property theft: • Financial losses: Ransomware attacks can cripple operations and demand hefty payments. Manufacturing is a lucrative target for Ransomware. • There is little tolerance for downtime. • Difficulty in managing OT environments (different skillsets) • Increasing connectivity between IT and OT due to digital transformation Incidents such as the well documented Colonial Pipeline attack along with other manufacturing companies like Dole, and Brunswick continue to highlight the growing threat landscape for OT security in manufacturing. This segment is sponsored by Arctic Wolf. Visit https://www.cisostoriespodcast.com/arcticwolf to learn more about them! Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-170

On Principle
Nothing but Volatility: Lauren Kriegler

On Principle

Play Episode Listen Later Apr 9, 2024 36:12


On a mid-May afternoon in 2020, Lauren Kriegler sat in her home office and scribbled a warning to her young kids—who were in the thick of remote learning—on a Post-It Note and stuck it to her office door: “Important call. Do not come in!”For five years at Alaska Airlines, Kriegler had led a massive project to overhaul the uniforms provided to its 20,000+ frontline employees—five years building a program from raw materials to design and development, inventory planning and distribution, and ultimately the culmination of a rollout during the early stages of the pandemic. This included multiple visits to China to get closer to the supply chain, as well as the integration of industry-leading textile safety standards, leading Alaska to be the first North American carrier to integrate Oeko-Tex into a custom supply chain. Along the way, Kriegler led additional teams, including retail operations, freight and logistics, and print programs. As the uniform program launched and was moving to steady state, she was starting to think about her next challenge.Now, as the Teams window on her computer flashed open to her weekly tie-in with her boss, she was confronting what might come next: leading the fuel program for the airline as director of fuel—an area of the business where she had no experience. It was a role fraught with challenge and opportunity that started with the consolidation of two departments, the lack of a hand-off from her predecessors in the role and a massive learning curve.Once she assumed the role that July of 2020, she would see planes get fueled for the first time, spend time on the ramp learning the operation and become quickly immersed in the complexities of the oil and refining markets and supply chains. She openly acknowledged with internal and external partners that at many times she had more questions than answers.She worked diligently to overcome her learning curve in order to prepare the fuel program to support the airline's emergence from the pandemic, both operationally and financially. Through all of these learnings, she also started to wrap her arms around an initially small but critical component of the fuel program: Sustainable Aviation Fuel (SAF)—something that as the months went by would become a much more significant focus of her day-to-day role. By the end of her first year and what Kriegler called a “brutal summer,” she had confronted all that and more, including a Mother's Day 2021 alert to the Colonial Pipeline shutdown, wildfires, labor shortages, extreme weather and other external events that buffeted fuel supply chain operations.“I've only known volatility,” Kriegler said. “During that first summer, I remember thinking (that) how I navigated that summer's seemingly never-ending challenges would shape my future at Alaska as an operational leader. I was determined not just to get through it, but to establish an industry-leading program that was resilient and intentional. And to be honest, I had many moments of self-doubt given my lack of experience—and I know others did as well.”Related LinksLauren shares supply chain learnings with students at the University of Washington.Alaska Airlines' news release on the launch of its uniform redesignMore about WashU Olin's Sergio ChayetLauren's LinkedIn pageCreditsThis podcast is a production of Olin Business School at Washington University in St. Louis. Contributors include:Katie Wools, Cathy Myrick, Judy Milanovits and Lesley Liesman, creative assistanceJill Young Miller, fact-checking and creative assistanceAustin Alred and Olin's Center for Digital Education, sound engineeringHayden Molinarolo, original music and sound designMike Martin Media, editingSophia Passantino, social mediaLexie O'Brien and Erik Buschardt, website support

Women's Energy Network
61. Midstream - The Unsung Hero

Women's Energy Network

Play Episode Listen Later Mar 6, 2024 36:40


#WENPodcast Alert;  In the first episode of our 2024 @Women's Energy Network podcast, hosts @Kara Byrne, @Beth Gould Creller, and @Maggie Teliska have an insightful conversation with Melanie Little, the President & CEO of @Colonial Pipeline. Together, they explore the fascinating world of the mid-stream sector, shedding light on its often overlooked importance in the energy industry. Melanie highlights the midstream sector's exceptional safety standards, low carbon footprint, and high reliability and emphasizes its significant role in ensuring a sustainable future and paving the way for a greener tomorrow. #WEN2024 #EnergyIndustry #Midstream #SustainableFuture #pipelinesThe views and opinions expressed in this podcast are solely our own and do not express or imply the views or opinions of our employers or any of its officers, directors, or employees. Connect with:Melanie on LinkedIn: https://www.linkedin.com/in/melanie-little-951b56191/ Kara on LinkedIn: https://www.linkedin.com/in/krbyrne/Maggie on LinkedIn: https://www.linkedin.com/in/maggie-teliska-36538b14/Beth on LinkedIn: https://www.linkedin.com/in/bethcreller/ Quick links:Learn more about Colonial Pipeline: https://www.colpipe.comLearn more about Women's Energy Network: https://www.womensenergynetwork.org*Make sure to SUBSCRIBE, RATE, AND REVIEW*

AZ Tech Roundtable 2.0
IT Setup & Cybersecurity w/ Luciano Aguayo of Redgear - AZ TRT S05 EP07 (222) 2-18-2024

AZ Tech Roundtable 2.0

Play Episode Listen Later Feb 22, 2024 52:25


IT Setup & Cybersecurity w/ Luciano Aguayo of Redgear AZ TRT S05 EP07 (222) 2-18-2024  What We Learned This Week RedGear provides turnkey IT solutions for clients. Outsource IT to shift liability IT often an afterthought, when it should be a major priority - lifestyle of tech in a business Data is lifeblood of a company, need security Cybersecurity is just one part, need to monitor physical location, who has access, email, etc   Guest: Luciano Aguayo of Redgear https://redgear.com/     Luciano Aguayo is a Texas native, and an active member and contributor to the Southwest Technology community. His professional career spans a diverse industry portfolio and has held various titles and certifications at the senior engineering and senior management levels. Luciano specializes in designing and implementing turnkey complex infrastructure solutions. For the past 20 years Luciano has designed and implemented numerous infrastructures for regional and local school districts, has a diverse portfolio of local and international businesses, including the federal government, and key Southwest landmarks and attractions. After several years in the private sector and after building a loyal customer base, Luciano launched RedGear in 2016. RedGear is a regional business to business technology solutions company. Since its inception, RedGear has quickly grown to 4 locations, 50+ employees, and recently opened a regional office in Phoenix, Arizona. Luciano remains active in the technology industry helping oversee the portfolio of one of Southwest's largest developers. He also is an active member of El Paso Community College ITSC Advisory Committee He also owns and operates El Paso's newest carrier neutral datacenter. He brings effective and proven leadership and mentoring qualities and has an eye for detail when managing projects. He has a passion for technology, giving back to the community, and mentoring the future generations of Engineers. 20+ years experience in: Cisco CCNP Routing and Switching, Cisco Nexus Datacenter, CCNP Voice, CCDA, Cisco Security, Cisco WLAN, Cisco Unified Communications (VoIP), Citrix CCA, Citrix Xen Desktop, Citrix XenApp, MCSE, MCSA, Operating Systems Troubleshooting, Hardware/Software Troubleshooting, Advanced Windows Server Configuration and Troubleshooting, VM Ware, Enterprise Design, Implementation, solutions, IT Consulting, and much more.   RedGear RedGear provides professional technology services, equipment, and consulting in the Southwest US region. Our entire culture is built around supporting business infrastructures, while building relationships and delivering an exceptional customer service experience and always keeping our customers best interest a top priority. We've built our success by reputation, quality of work, professionalism, and always being there for clients every step of the way whenever they need us. Our services, certifications, experience, and expertise cover the entire spectrum of Information Technology that no other regional technology service provider can match. We manage all aspects of Technology so the customer can focus on running their business. Our company vision is based on delivering premier customer service by employing and retaining top talent that believes in our mission, we work hard to provide trusted, honest, immediate, and excellent IT services to every client, no matter how big or small. No more wondering what kind of support you will receive. Our staff is certified in numerous fields, to offer the upmost reliable support. Our experience is vast covering all sizes of organizations and industries.     Notes: Seg 2   Redgear     IT company responsible for security of their clients. IT is a lifestyle. RedGear value proposition is turkey solutions. They are your smart friend to help with tech.   Support IT for small businesses. They also have larger enterprise type clients. They act as a consultant, and can screen for a CTO or a CIO for a company.   IT should be a priority of companies yet, it is often an afterthought. Need to understand how to secure an IT room, not just in software, but also the actual room itself. Who has access?   RedGear works in the tech and security industry which is the backbone of all organizations and compliance. People hire RedGear to outsource and shift liability. IT in its simplest form is anything that you plug into the wall and connect to the Internet. It can also mean security.   Trust of your IT provider, and keeping business contingency. Question, businesses always have to answer is how long can they stay down with an interruption and survive. Plus what is their plan for data retention.   IT can be about network, connections, computers, hardware, and the actual Physical IT room. Can also deal in cyber security and password resets. IT has both software as well as hardware like servers and programming applications.   Luciano has 20+ years of experience working in IT and technology. Information Technology not always the priority of many companies but it really should be. Need a plan going forward to manage security and data in all businesses.   You have to determine what's going to be your budget based on the size of the business. Not uncommon to outsource to companies like RedGear. Also need to think about the physical aspects of IT, like is your room secure?   What type of energy your BTU air conditioner usage are you using? Who has control, how cool is it. Who has access to the room? What is your electrical circuit set up?   Do you have redundancy? Or electrical circuit separate and dedicated to the IT. What is your data or cloud storage like?     Seg 3   IT is the backbone of many organizations and should be a priority.   Need to hire trustworthy people, as well as outsource IT to trustworthy companies. There's no perfect set up. Unfortunately, security breaches are more question of When, and not if.   One of the worst stories about IT Luciano ever heard of was the janitor storage closet was the same as the IT room. Another issue with a lot of IT rooms is they don't have good cooling. IT should be a separate room with good security.   You want to also have video security and badge access. Physical access of an IT room is very underrated. Security is the biggest threat to the end-user. You have to know when a breach happens.   How did it happen? It could be software but often it's actually the employees as a threat. They need to pay attention to what is going on and types of emails they get.   Also, sometimes security breaches are an inside job. Companies need to test and educate their staff about IT.   Once Malware gets in to the system it can take over accounts and send email as the person. Phishing scams unfortunately are still very popular with emails.   Good email security typically will filter out malicious emails. Then you waitlist your contact, so you know who it's OK to email. All these need to examine emails.     Seg 4   IT reviews & monitors compliance, so a company must determine a budget.   Data is the gold of companies now. Data contains the companies processes, industry secrets, and private employee and customer info. It is crucial to have a backup of company data, typically onsite and secured, plus offsite in the cloud. You'll always want to build in redundancy and have backup servers for data.   Good IT set up will have disaster recovery. As for the physical set up and protecting data, you want to be aware of how your sprinkler system is set up. You always have to guard against disgruntled employees, who could steal or delete company data.   Your IT provider needs to know the industry and have good experience to engineer the proper solution.   RedGear has worked with some top level clients, including the DEA in Washington DC on a federal level. Their cyber security needs to be top-of-the-line.   It is not in common for the average big company to deal with corporate attacks where hackers try to steal data, and then even hold it hostage for ransom.   Common practice nowadays is for a business to have cyber security liability insurance. The application for the insurance will ask about the physical environment and the set up of the IT and data.   The medical industry has updated cyber and HIPAA compliance. It is essential to have good IT, hospitals and any major medical office.   RedGear is your IT smart friends. They will always give you recommendations of good better and best.         Seg 1. – Related IT Clips from:   Phishing, Malware & Cybersecurity - Try Not to Get Pwned - BRT S02 EP47 (94) 11-21-2021   What We Learned This Week:   Have I been Pwned? Means have I been breached / hacked – did someone hack my email or website Phishing – most common type of email threat, like when you receive a strange email with a link – Do Not Open – DELETE (and alert other office staff of the email) Ramsonware – hack your website, or data – hold it hostage for an extortion ‘ransom' payment Dark Web – where stolen data, & info is being bought & sold VPN Connections – direct and secure   Guests: Vince Matteo, Seven Layer Networks, Inc. https://sevenlayers.com/   There are many different types of cyber attacks from a password breach, website hack to email phishing scams. Vince Matteo of Seven Layers (.com) gives advice on what to be on the lookout for, tips for protection, and some reference sites for more info. We discuss Email Phishing scams, spearphishing attack, password breaches, website hacks, data breaches, ramsonware, software and VPNs.   Full Show: HERE       Cybersecurity, Disruption, Blockchain & Terrorism w Ari Redbord of TRM Labs - BRT S02 EP31 (78) 8-1-2021     What We Learned This Week Cybersecurity is extremely important industry for national security TRM Labs startup in cyber-security, monitors blockchain OFAC - Gov't administers economic and trade sanctions Ransomeware – specific breach, takeover of a computer system, holds data hostage Programatic Money Laundering – bad guys create new addresses, create ‘shell' companies Guest: Ari Redbord, Head of Legal and Government Affairs w/ TRM Labs https://www.linkedin.com/in/ari-redbord-4054381b4/ https://www.trmlabs.com/post/trm-labs-appoints-ari-redbord-as-head-of-legal-government-affairs   Ari is formerly a US Attorney, and worked in the Treasury Department, now advises the Government on cybersecurity, and Blockchain. Cybersecurity is a fast growing and extremely important industry for national security, and corporate interests. There are Nation States acting as bad players in the cyber realm and targeting the US Government and US business. We discuss the advancements in technology on cyber crime, blockchain, crypto, and online fraud. How is the FBI dealing with Ransomware, and other cyber attacks on prime targets like the Colonial Pipeline, or other big corps. What Regulations are coming in banking, and Fintech, with KYC (Know Your Customer), plus the big banks like JP Morgan Chase and Goldman are on board.  What the blockchain ledger can help solve in security, to monitor criminal activity in real time with the help of crypto exchanges like Coinbase.  Lastly, what TRM Labs does for clients, how they advise, operate, and who they work with.     Notes: TRM Labs – blockchain security biz, works with law enforcement and businesses. Financial exchanges and Regulators. Monitor cyber-security - TRM – startup, 3 yrs old, Ari joined 2021. Monitor risk in crypto currency.     Full Show: HERE     Best of Biotech from AZ Bio & Life Sciences to Jellatech: HERE   Biotech Shows: HERE   AZ Tech Council Shows:  https://brt-show.libsyn.com/size/5/?search=az+tech+council *Includes Best of AZ Tech Council show from 2/12/2023     ‘Best Of' Topic: https://brt-show.libsyn.com/category/Best+of+BRT     Thanks for Listening. Please Subscribe to the BRT Podcast.     AZ Tech Roundtable 2.0 with Matt Battaglia The show where Entrepreneurs, Top Executives, Founders, and Investors come to share insights about the future of business.  AZ TRT 2.0 looks at the new trends in business, & how classic industries are evolving.  Common Topics Discussed: Startups, Founders, Funds & Venture Capital, Business, Entrepreneurship, Biotech, Blockchain / Crypto, Executive Comp, Investing, Stocks, Real Estate + Alternative Investments, and more…    AZ TRT Podcast Home Page: http://aztrtshow.com/ ‘Best Of' AZ TRT Podcast: Click Here Podcast on Google: Click Here Podcast on Spotify: Click Here                    More Info: https://www.economicknight.com/azpodcast/ KFNX Info: https://1100kfnx.com/weekend-featured-shows/     Disclaimer: The views and opinions expressed in this program are those of the Hosts, Guests and Speakers, and do not necessarily reflect the views or positions of any entities they represent (or affiliates, members, managers, employees or partners), or any Station, Podcast Platform, Website or Social Media that this show may air on. All information provided is for educational and entertainment purposes. Nothing said on this program should be considered advice or recommendations in: business, legal, real estate, crypto, tax accounting, investment, etc. Always seek the advice of a professional in all business ventures, including but not limited to: investments, tax, loans, legal, accounting, real estate, crypto, contracts, sales, marketing, other business arrangements, etc.

The WorldView in 5 Minutes
Special Counsel: Biden is “well-meaning, elderly man with a poor memory”, China looking to cyber attack U.S. civilian infrastructure imminently, Brave sister rescues brother from Walmart kidnapping

The WorldView in 5 Minutes

Play Episode Listen Later Feb 11, 2024


It's Monday, February 12th, A.D. 2024.  This is The Worldview in 5 Minutes heard at www.TheWorldview.com.  I'm Adam McManus.  (Adam@TheWorldview.com) By Adam McManus Indian pastor beaten unconscious A group of Christians in India were physically assaulted by members of Hindutva organizations which champion nationalist Hindu philosophy, reports The Christian Post. On January 21st, Pastor Mahesh Mahananda claimed that he and the group of Christians were ambushed by people brandishing sticks at approximately 5:30 p.m. while they were returning from a lunch gathering in the Chhattisgarh state.  The perpetrators were the same people who had been participating in Rama temple rallies regularly. Sadly, Pastor Mahananda was rendered unconscious by the attack leading to his hospitalization. In Matthew 10:22, Jesus said, “You will be hated by everyone because of Me, but the one who stands firm to the end will be saved.” China looking to cyber attack U.S. civilian infrastructure imminently Last week, FBI Director Christopher Wray told Congress that the Chinese government is planning cyber attacks on America's civilian infrastructure in the near future, that would cripple the U.S. society, reports RealClearPolitics.com. Listen. WRAY: “There has been far too little public focus on the fact that [People's Republic of China] hackers are targeting our critical infrastructure, our water treatment plants, our electrical grid, our oil and natural gas pipelines, our transportation systems, and the risk that poses to every American requires our attention now. “China's hackers are positioning on American infrastructure in preparation to wreak havoc and cause real world harm to American citizens and communities. If and when China decides the time has come to strike.” Talk show host Steve Malzberg asked Gordon Chang, a Chinese expert who lives in New Jersey and the author of The Great U.S.–China Tech War, what he thought. MALZBERG: “On a scale from 1 to 10, how serious a threat is it for what he's describing to actually happen?” CHANG: “Oh, about a 20 maybe. This is something which is not a theoretical threat because on November 25, Iranian hackers took control of part of a water system in Aliquippa, Pennsylvania, which is close to Pittsburgh. The workers were able, through manual means, to get back control of their water. But that showed you what can happen. “Right after that, other utilities, about four others, were hit by hackers. We know that last year there were Chinese hacks on oil pipelines in the U.S. Hospitals, in November in the United States, were hit in Texas, Mexico, Oklahoma, and my state of New Jersey. We also can't forget May 2021 when Russian ransomware attackers took down the Colonial Pipeline, disrupting airline services and U.S. car traffic on the East Coast.” Special Counsel calls Biden “well-meaning, elderly man with a poor memory,' brings no charges Special Counsel Robert Hur, appointed by Attorney General Merrick Garland, described President Biden as a "sympathetic, well-meaning, elderly man with a poor memory." Hur said he would not bring criminal charges against Biden after a months-long investigation into his improper retention of classified documents related to national security, reports Fox News.  Hur's report was made public Thursday afternoon. Even liberal CNN reporter Min Jung Lee asked President Biden tough questions about his mental competence. LEE: “Mr. President for months when you were asked about your age, you would respond with the words, ‘Watch me!'” BIDEN: “Watch me.” LEE: “Many of the American people have been watching and they have expressed concerns about your age.” BIDEN: “Your judgment. That is your judgment public. That is not the judgments of the press.” LEE: “They expressed concerns about your mental acuity. They say that you are too old. Mr. President, in December you told me that you believe there are many other Democrats who could defeat Donald Trump. So, why does it have to be you now? What is your answer to that question?” BIDEN: “Because I'm the most qualified person in this country to be president of the United States and finish the job I started.” Professor: Special prosecutor saying Biden unfit to be president Appearing on The Angle with Laura Ingraham, Victor Davis Hanson, Professor Emeritus from California State University, said most journalists will now acknowledge Biden's mental incompetence which most Americans have known for some time. HANSON: “Right now, there is a lot of journalists who are saying, ‘I want to get out of dodge. I want to go on record that I've always said he had mental problems.' “I think they are going to try to be the first to say, ‘I have integrity. I was unempirical. I'm disinterested.' Because it's going to get worse and worse and they don't want to be the last person on the ‘Biden is competent' train. I think they want to get off. “Because I think we are reaching a point where I don't see how he is going to be tenable when a federal special prosecutor, appointed by his own attorney general, says that he is essentially unfit to be president of the United States.” Brave sister rescues brother from Walmart kidnapping And finally, a brave sister stepped in and saved her 4-year-old younger brother from becoming a possible kidnapping victim, reports KDIA. A YouTube clip shows a man in a Lehigh Acres, Florida Walmart approaching the four-year-old boy on December 29th, grabbing his wrist, and forcing him to go in his direction. He then attempts to leave the area quickly with the child. Thankfully, the man's sinister attempt was prevented. The child's older sister witnessed the man's devious actions, reached out to the 4-year-old, grabbed her brother's arm, and pulled him back to safety, sheltering him behind a nearby shopping cart.  When their mother called Walmart security, they scanned video footage which led them to discover his license number.  Within an hour of the incident, deputies identified the perpetrator as 64-year-old Pablo Pintueles Hernandez and arrested him at his home. He has been charged with false imprisonment of a child.  Hernandez has since been released on a $100,000 bond. Psalm 127:3 says, “Children are a heritage from the Lord, offspring a reward from Him.” Praise God that the alert older sister bravely rescued him from harm. Close And that's The Worldview in 5 Minutes on this Monday, February 12th in the year of our Lord 2024. Subscribe by iTunes or email to our unique Christian newscast at www.TheWorldview.com.  Or get the Generations app through Google Play or The App Store. I'm Adam McManus (Adam@TheWorldview.com).  Seize the day for Jesus Christ.

Hacker And The Fed
The Colonial Pipeline Hack, the SEC's X Account, and Special Agent Aron Mann on Homeland Security and Cyber

Hacker And The Fed

Play Episode Listen Later Jan 31, 2024 93:38


On this episode of Hacker And The Fed we interview Special Agent Aron Mann with Homeland Security Investigations (HSI) Cyber Crime Center about their cyber role and career opportunities. We break down the Colonial Pipeline hack, how the dark web is intensifying the insider threat, and dig into the mother of all breaches. And finally, the SEC's X account was hacked. Links from the episode:  https://www.ice.gov/about-ice/homeland-security-investigations https://www.ice.gov/partnerships-centers/cyber-crimes-center https://www.usajobs.gov/ https://www.usajobs.gov/Search/?k=homeland%20security%20investigator   Colonial Pipeline Hack - May 2021 https://www.justice.gov/opa/speech/dag-monaco-delivers-remarks-press-conference-darkside-attack-colonial-pipeline https://www.justice.gov/opa/pr/department-justice-seizes-23-million-cryptocurrency-paid-ransomware-extortionists-darkside https://www.justice.gov/media/1159701/dl From Loyal Employees to Cybercriminals https://thesun.my/opinion_news/from-loyal-employees-to-cybercriminals-AC12012406 Mother of All Breaches Reveals 26 Billion Records: What We Know So Far https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/ SECGov X Account https://www.sec.gov/secgov-x-account Support our sponsors: NAXO is a premier cybersecurity and investigations firm, including blockchain forensics, whose mission to fight cybercrime aligns perfectly with Hacker and the Fed's content. Go to cloudsolvers.com tell them “Hacker and the Fed sent you” to get a free assessment of your current environment.

The Squeaky Clean Energy Podcast
(From the Archives) - Episode 49: What's in Store(age) for North Carolina

The Squeaky Clean Energy Podcast

Play Episode Listen Later Jan 12, 2024 47:27


We're bringing back an episode from 2021 featuring North Carolina's role in the energy storage supply chain highlighting the Western part of the state's spodumene resources. We also briefly touch on the recently approved PowerPair solar and storage incentive approved by the NCUC. The order can be found here: https://bit.ly/3O3wjNw We're kicking off a mini-series focused on North Carolina's role in the storage industry, starting from supply-chain, then highlighting research and innovation, and finishing off with markets and policy. On this episode, we're highlighting the supply chain of storage and batteries here in North Carolina. We sit down and talk with Brian Risinger of Piedmont Lithium to highlight western North Carolina's spodumene resource – a mineral used to make lithium ion batteries. We'll talk about the process of extracting and refining this resource, along with the advantages of onshoring this industry that's so important to the future of electric vehicles and storage. On this episode we also provide some short highlights from the NC legislative session to date and bills introduced. We also briefly touch on the Colonial Pipeline ransomware attack. To wrap us up, Daniel Pate, NCSEA's Energy Program Manager takes us on another virtual tour of installed clean energy projects on the NC Solar Traveler. On today's episode we're focused on Hertford and Northampton counties. Presented by NC Sustainable Energy Association. Hosted and produced by Matt Abele (Twitter: @MattAbele)

This Week in Startups
The Growing Ransomware Threat: Targets, Insights, and Strategies with Halcyon's Jon Miller | E1877

This Week in Startups

Play Episode Listen Later Jan 9, 2024 55:53 Very Popular


This Week in Startups is brought to you by… Scalable Path. Want to speed up your product development without breaking the bank? Since 2010, Scalable Path has helped over 300 companies hire deeply vetted engineers in their time zone. Visit http://www.scalablepath.com/twist to get 20% off your first month. Northwest Registered Agent. When starting your business, it's important to use a service that will actually help you. Northwest Registered Agent is that service. They'll form your company fast, give you the documents you need to open a business bank account, and even provide you with mail scanning and a business address to keep your personal privacy intact. Visit http://www.northwestregisteredagent.com/twist to get a 60% discount on your next LLC. Vanta. Compliance and security shouldn't be a deal-breaker for startups to win new business. Vanta makes it easy for companies to get a SOC 2 report fast. TWiST listeners can get $1,000 off for a limited time at http://www.vanta.com/twist * Today's show: Jon Miller, CEO and Founder of halcyon joins Jason to discuss how ransomware attackers get away with it and stay anonymous (6:12), hacker markets, bounties, tools, and AI's role (16:20), proactive measures for startups to safeguard themselves (34:42), and more! * Timestamps: (0:00) Jon from Halcyon joins host Jason. (2:52) Delving into the renaissance of ransomware. (6:12) How ransomware attackers get away with it and stay anonymous. (8:27) Strategies for counteraction and policy implications. (10:10) Scalable Path - Get 20% off your first month at http://www.scalablepath.com/twist (11:31) 2023 ransomware attacks on MGM and Caesar's in Las Vegas. (13:52) Halcyon's endpoint agent: a solution to thwart threats. (16:20) Exploring hacker markets, bounties, tools, and AI's role. (19:57) Northwest Registered Agent - Get a 60% discount on your next LLC at http://www.northwestregisteredagent.com/twist (21:55) The effectiveness of multi-factor authentication and strong passwords. (22:49) Comparing financial vs. espionage attacks and the Colonial Pipeline event. (29:26) The escalating danger for companies and the Uber cyber attack. (31:27) Vanta - Get $1000 off your SOC 2 at http://www.vanta.com/twist (32:35) AI and quantum computing: new frontiers for hackers. (34:42) Proactive measures for startups to safeguard themselves. (37:08) Growing hacker sophistication in places like China, North Korea and Iran. (41:00) How the USA ranks in the world with cybersecurity and computer hacking. (43:41) Your privacy is an illusion and a look at the information available on TikTok. (48:01) The biggest threat that keeps Jon up at night. (50:36) American Power Grid Vulnerabilities and ways to be prepared. * Check out halcyon: https://www.halcyon.ai * Thanks to our partners: (10:10) Scalable Path - Get 20% off your first month at http://www.scalablepath.com/twist (19:57) Northwest Registered Agent - Get a 60% discount on your next LLC at http://www.northwestregisteredagent.com/twist (31:27) Vanta - Get $1000 off your SOC 2 at http://www.vanta.com/twist * Follow Jon: X: https://twitter.com/HalcyonAi LinkedIn: https://www.linkedin.com/in/jonmillerhalcyon * Follow Jason: X: https://twitter.com/jason Instagram: https://www.instagram.com/jason LinkedIn: https://www.linkedin.com/in/jasoncalacanis * Great 2023 interviews: Steve Huffman, Brian Chesky, Aaron Levie, Sophia Amoruso, Reid Hoffman, Frank Slootman, Billy McFarland * Check out Jason's suite of newsletters: https://substack.com/@calacanis * Follow TWiST: Substack: https://twistartups.substack.com Twitter: https://twitter.com/TWiStartups YouTube: https://www.youtube.com/thisweekin * Subscribe to the Founder University Podcast: https://www.founder.university/podcast

The Cybersecurity Defenders Podcast
#87 - Hacker History: The Colonial Pipeline

The Cybersecurity Defenders Podcast

Play Episode Listen Later Dec 28, 2023 21:51


In this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of Casey Ellis, Founder and CSO at Bugcrowd, tell the story of the largest critical infrastructure ransomware attacks in history: The Colonial PipelineOn May 7, 2021, Colonial Pipeline, an American oil pipeline system that originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States, suffered a ransomware cyberattack that impacted computerized equipment managing the pipeline. The Colonial Pipeline Company halted all pipeline operations to contain the attack. Overseen by the FBI, the company paid the amount that was asked by the hacker group (75 bitcoin or $4.4 million USD) within several hours; upon receipt of the ransom, an IT tool was provided to the Colonial Pipeline Company by DarkSide to restore the system. However, the tool required a very long processing time to restore the system to a working state.This episode was written by the talented Nathaniel Nelson.Casey Ellis can be found on LinkedIn here.

THE TRUTH ABOUT YOUR FUTURE with Ric Edelman
12/15/23: When Crypto Tech Meets Traditional ETF Manager

THE TRUTH ABOUT YOUR FUTURE with Ric Edelman

Play Episode Listen Later Dec 15, 2023 42:57


Watch the video of today's podcast here: https://www.thetayf.com/pages/multimedia?wchannelid=c4ogwxwvtw&wmediaid=appwo3sfyg Crypto tech meets traditional ETF manager – is digital asset investing easier now? On today's podcast, I'm joined by John Feyerer of Invesco and Steve Kurz of Galaxy Digital to explore how Invesco and Galaxy Digital are delivering solutions for investors. Plus, I examine the scary rise of ransomware and how blockchain can stop it. Subscribe to podcast updates: https://form.jotform.com/223614751580152 Ask Ric: https://www.thetayf.com/pages/ask-ric ----- Links from today's show: Become Certified in Blockchain and Digital Assets: https://dacfp.com/certificatIon/ Bitcoin as a National Defense Strategy? (12/14/23 Episode): https://www.thetayf.com/blogs/this-weeks-stories/bitcoin-as-a-national-defense-strategy Illicit Financial Flows (IFFs) Article by World Bank: https://www.worldbank.org/en/topic/financialsector/brief/illicit-financial-flows-iffs Colonial Pipeline ransomware attack: https://en.wikipedia.org/wiki/Colonial_Pipeline_ransomware_attack Global X Blockchain ETF (Symbol is BKCH): https://www.globalxetfs.com/funds/bkch/ Global X Blockchain and Bitcoin Strategy ETF (Symbol is BITS): https://www.globalxetfs.com/funds/bits/ Invesco: https://www.invesco.com/us/en/solutions/invesco-etfs/galaxy-partnership.html The Impact and Opportunity of Bitcoin in a Portfolio - New Whitepaper: https://www.galaxy.com/insights/research/bitcoin-in-a-portfolio-impact-and-opportunity/ Self-Care with Jean Edelman: https://selfcarewithjean.com/ Listening to Our Inner Explorer (Jean Edelman's newest podcast episode): https://selfcarewithjean.com/ ----- Follow Ric on social media: Facebook: https://www.facebook.com/RicEdelman Instagram: https://www.instagram.com/ric_edelman/ LinkedIn: https://www.linkedin.com/in/ricedelman/ X: https://twitter.com/ricedelman YouTube: https://www.youtube.com/@RicEdelman ----- Brought to you by: Global X ETFs: https://www.globalxetfs.com/ Invesco QQQ: https://www.invesco.com/qqq-etf/en/home.html Schwab: https://www.schwab.com/ Disclosure page: https://www.thetayf.com/pages/sponsorship-disclosure-fee -----

Causality
52: Colonial Pipeline

Causality

Play Episode Play 0 sec Highlight Listen Later Dec 9, 2023 26:12 Transcription Available


In 2021 many of Colonial Pipelines IT systems were locked by malware and out of caution they shutdown the fuel pipelines feeding nearly half of the Eastern US leading to chaos at the gas pump and a state of emergency being declared. We look at how poor off-boarding hygiene led to an easily preventable cyber-attack.With John Chidgey.Hearing: Hearing Before the Committee on Homeland Security House of Representatives Transcript Threats to Critical Infrastructure: Examining the Colonial Pipeline Cyber-Attack (PDF) Charles Carmakal Statement from Hearing (PDF) General Information: Colonial Pipeline Colonial Pipeline Ransomware Attack How Three Major Cyber Attacks Could Have Been Prevented What IT security teams can learn from the Colonial Pipeline Evolution of the Chief Information Security Officer US Fuel Pipeline Hackers Statement DarkSide DarkSide Leaks Press Center (X) DarkSide Ransomware Gang Behind Pipeline Hack Quits TSA Renews Cyber-Security Guidelines for Pipelines DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators Federal Motor Carrier Safety Administration Emergency Declaration for 17 States Support Causality on PatreonEpisode Gold Producers: 'r' and Steven Bridle.Episode Silver Producers: Mitch Biegler, Shane O'Neill, Lesley, Jared Roman, Joel Maher, Katharina Will, Chad Juehring, Dave Jones, Kellen Frodelius-Fujimoto and Ian Gallagher.

RIMScast
Emerging Cyber Trends with Davis Hake

RIMScast

Play Episode Listen Later Nov 7, 2023 30:47


Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Davis Hake, Co-Founder of Resilience, about his career in national security work, including working with former Congressman Langevin, Homeland Security, and Obama's National Security staff. Davis tells about co-founding Resilience in the private sector to help organizations build cybercrime resilience. He introduces the Resilience Midyear 2023 Claims Report, revealing important trends discovered in cybercrime through claims data, Reliance research, and partner research.   Davis closes the interview with a look to 2024, his plans for pushing the flywheel faster, and his analysis of what it will take to break the new cybercrime business model.   Key Takeaways: [:01] About RIMScast. [:27] About today's episode, where we will discuss cyber security trends from Resilience's Midyear 2023 Claims Report. [:36] First, a quick shoutout to the RIMS New Zealand Pacific Island Chapter and Marsh Australia and New Zealand, who welcome you to Embrace The Unknown: Unleashing the Power of Risk, a one-day event on February 12, 2024 at the Pullman Hotel in Auckland, NZ. [1:00] It will be a gathering of experts, thought leaders, and professionals from various industries to explore and discuss the critical role of risk management in today's dynamic and uncertain world. There will be sessions on AI, Resilience, and Adaptability, highlighted by case studies and insights. See the link in this episode's show notes.  [1:21] It's never too early to talk about RISKWORLD 2024! Save the date, May 5th–8th, 2024 in sunny San Diego, California. Booth and sponsorship sales are open. Member registration opens this month, November 2023 and public registration opens in December 2023. Visit RIMS.org/RISKWORLD to learn all about it. [1:51] Our guest today, Davis Hake, is the Co-Founder of Resilience, which recently released its Midyear 2023 Claims Report. They say ransomware is entering a new era as cybercriminals have begun shifting their tactics to bypass security controls by hitting critical vendors and seeking larger targets for extortions. [2:14] They're big game hunting again and we're going to talk all about it with Davis Hake. Davis had a fascinating career in government and we will learn about that, as well. [2:33] Davis Hake, welcome to RIMScast! This episode was recorded in October, National Cybersecurity Awareness Month, but as Davis says, every month is National Cybersecurity Awareness Month! [3:18] Davis grew up working in politics on the Hill, for Congressman Jim Langevin. Congressman Langevin was one of the first on the Hill to identify we had serious problems in our critical infrastructure in everything from power plants to communication. At about that time, Stuxnet became a public concern. [3:50] Congressman Langevin dove into looking at what we need to do as a nation to secure these larger problems. He realized cyber is an economic problem of incentives, cost, and how businesses manage their digital innovation. He set Davis on a path to be passionate about trying to fix it. [4:14] Davis worked for a time in the Obama administration for the National Security Council. He came to the private sector to work in cybersecurity and got together with his Co-Founders to build something that would take this technical problem to understand a company's risk and how they invest against it. [4:41] They looked at the insurance industry for how to drive better risk management practices and applied RM to cyber. They started in 2016. Now, in 2023, they have an amazing insurance team with some of the best folks in the industry, serving clients in the U.S., the EU, and the UK with close to 200 staff members. [5:32] Davis praises former Congressman Langevin for his intense concern about national security, not as a politician but as one who served not only his constituents but the nation. He worked across the aisle to serve the national good. Most importantly, he got things done. [6:18] Congressman Langevin left Congress in 2023. Before he left, he worked on the Cyber Solarium Commission, helped establish the office of the National Cyber Director, and helped establish some of the authorities that allowed DHS to build CISA. Congressman Langevin has retired to work on issues in the state of Rhode Island. [7:43] Resilience's Midyear 2023 Claims Report covers events from January through June of 2023. They wanted to report the data with actionable analysis on top of it. Besides Resilience claims data, they analyzed public data from other organizations to understand Resilience's data in the context of the broader cybercrime trends. [9:08] Third-party vendor risk has always been a concern. The change is that fewer and fewer companies are paying extortions to ransomware actors. So now groups are targeting critical vendors and running data extortions with thousands of victims. They don't encrypt. Resilience clients have filed incident reports on these attacks from Clop. [9:47] How do you protect against vendor risk? Risk transfer through cyber insurance is so important. Don't just look at the risk mitigation side, but also the risks out of your control. Insurance helps absorb environmental risks. With vendors, you can require that they prove verification from certain audits, like the SOC 2 Audit. [10:30] You can have vendors tell you best practices they follow with other clients. Are they practicing what they're preaching with their data security? You can limit the data you share with them. By just working with any vendor, which we all have to do, you are assuming their risk if they're holding your data and they're not your company. [11:22] The ransomware criminal marketplace is a bunch of startups, taking the easiest path to revenue. Running a negotiation, locking up a company, and ensuring that you get access to their backups all take a lot of time. [11:52] It is easier to target companies that have highly sensitive data they wouldn't want exposed and threaten to release it. Resilience sees a lower rate of payment for these types of attacks but those who pay, end up paying large amounts. The Moveit attack and following attacks are estimated to have made Clop around $100 million. [12:44] The Resilience report discusses data from other groups that show less than 40% of encryption victims are paying ransom, down from 80% in 2022. Resilience works to prepare their clients against ransomware attacks and about 15% of their clients attacked by ransomware pay the ransom. That number has gone down since 2022. [15:06] Resilience helps clients to imagine the worst day for their clients. Let's work backward to ensure that the worst day doesn't happen. That thinking has been core in helping companies reduce paying extortions. When executives pay extortions, it's usually in a panic, thinking they can make this worst day immediately go away. [15:49] If criminal groups have access to your data, they will do everything they can to use it against you. Prepare to protect that data in a way that is incredibly secure or resilient or make your organization resilient to this type of pressure. That's the best thing you can do to limit financial loss and protect your customers from their worst day. [16:21] RIMS plug time! Upcoming Virtual Workshops: Visit RIMS.org/virtualworkshops to see the full calendar. December 7th starts the three-part course, Leveraging Data and Analytics for Continuous Risk Management, which will be led by our friend Pat Saporito. [16:42] Fundamentals of Insurance returns on December 12th and 13th. It will be led by our good friend Gail Kyomura. Information about these sessions and others is on the RIMS Virtual Workshops page. Check it out and register! [16:59] Metrics That Matter has cyber on their minds with Enhance Decision-Making Across Your Cybersecurity Program on November 7th. CLARA Analytics makes its RIMS debut on November 9th with Risk Management in the Era of Artificial Intelligence. [17:22] On November 16th, Nationwide returns to present U.S. Customs Surety Bonds: A Primer for Risk Professionals. On November 21st, Beazley returns to present Business Risk: Helping Your Executives to Navigate Today's Volatile Risk Environment. [17:41] On December 12th, Prepare Yourself for the New Generation of Risk with Riskonnect. On December 14th, Aon will be Addressing Today's Risks While Preparing for the Risks of Tomorrow. [17:54] Visit RIMS.org/Webinars to learn more about these webinars and to register! Links are in the show notes. Webinar registration is complimentary for RIMS members. [19:01] After the Colonial Pipeline attack, the U.S. security establishment got much more serious about ransomware. Defense against cybercrime was something that had been left up to the private sector. The administration started to take cybercrime seriously and cooperate with industry, working with CISA and the FBI heavily to fight back. [19:48] When the War in Ukraine happened, the cooperation between the public and private sectors in the fight against ransomware intensified. As organizations have become more resilient against paying extortion, cybercriminals have to go after the big guys to get a payment. Cybercrime is indiscriminate between industries it targets. [20:29] In Q1, 2023 there was a tide of cybercrime targeting healthcare organizations. In Q2, there was a big tide against manufacturing organizations. Clop then hit a few vendors for educational organizations. Organizations like MGM and Caesar's which were hit, have massive networks full of devices they monitor, with different networks. [21:13] MGM refused to pay, while Caesar's paid the extortion. The reporting shows that Caesar's has had an easier road to recovery. It may make more economic sense for large companies to pay the extortion. But that's a bad message. That's what has Resilience concerned. More complex clients, though better defended, are likely to pay. [22:02] Groups like Clop are choosy about their targets and prioritize large organizations with a lot to lose. To successfully defend cyber in an enterprise, all the tech teams must work together and not remain siloed. Incentives have to come from the top that get the CIO, Risk, and Finance planning budgets together. It's how your team works together. [23:06] Davis served briefly on the National Security staff in the Obama Administration after working in Homeland Security. [23:22] After the Obama Administration, a lot of the National Security staff moved to the private sector. Some continued to fight the security fight. The CEO of Resilience is a part-time Reservist working in Cyberdefense. He sees the national-level mission and the larger cyber trends. [24:18] Most insurance is not operational; it's reactionary, working with prior data to price the risk. In cyber, you're too late if you're taking that approach. Resilience has a threat intelligence team, taking in data much faster than a traditional insurance organization. [25:07] Resilience is standing up a team that is working to provide technical analysis and trend analysis. They will show the large trends and the reasons they are happening, and validation from Resilience data and partner data. They're combining financial loss and impact with threat intelligence they are monitoring from the security team. [26:59] Davis says the tactic of encryptionless distortion is an evolution of the cybercrime business model, making it more efficient and effective. It's a call to action for security. Building better widgets will not out-innovate these guys. We have to build better strategies and better business models that take their business models down. [27:28] Resilience is working to build a better resilient flywheel, with insurance, visibility, and working with clients to address that will ultimately lead to lower financial loss for clients and the Resilience insurance company. They want to push the flywheel faster and faster until they can get inside the adversary's business model. [28:03] Special thanks again to Davis Hake for joining us on RIMScast. The link to the Midyear Report is in this episode's show notes. [28:13] Go to the App Store and download the RIMS App. This is a special members-only benefit. Everybody loves the RIMS App! [28:37] You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. RIMScast has a global audience of risk professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate! Contact pd@rims.org for more information. [29:21] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. The RIMS app is available only for RIMS members! You can find it in the App Store. [29:46] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [30:02] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com and in print, and check out the blog at RiskManagementMonitor.com. Justin Smulison is Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [30:25] Thank you for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: Riskworld 2024 — San Diego, CA | May 5–8, 2024 Embrace The Unknown: Unleashing the Power of Risk | Hosted Live & In-Person by RIMS NZ & PI | Feb 12, 2024 | Register early to save 18%​: Dan Kugler Risk Manager on Campus Grant RIMS-Certified Risk Management Professional (RIMS-CRMP) NEW FOR MEMBERS! RIMS Mobile App Resilience Midyear 2023 Claims Report RIMS Webinars: Enhance Decision-Making Across Your Cybersecurity Program | Sponsored by Metrics That Matter | Nov. 7, 2023 Risk Management in the Era of Artificial Intelligence | Sponsored by CLARA Analytics | Nov. 9, 2023 An Introduction to U. S. Custom Surety Bonds | Sponsored by Nationwide | Nov. 16, 2023 Business Risk: Helping your Executives Navigate Today's Volatile Risk Environment | Sponsored by Beazley | Nov. 21, 2023 Prepare Yourself for the New Generation of Risk | Sponsored by Riskonnect | Dec. 12, 2023 Addressing Today's Risks While Preparing for Tomorrow | Sponsored by Aon | Dec. 14, 2023 RIMS.org/Webinars Upcoming Virtual Workshops: Leveraging Data and Analytics for Continuous Risk Management | Dec 7 See the full calendar of RIMS Virtual Workshops All RIMS-CRMP Prep Workshops — Including Chris Mandel's Dec 13–14 Course Related RIMScast Episodes: “Cybersecurity Awareness Month 2023 with Pamela Hans of Anderson Kill” “Cybersecurity Reporting Updates with Hilary Tuttle of Risk Management Magazine” “Cybersecurity and Insurance Outlook 2023 with Josephine Wolff” “Genuine Generative AI Talk with Tom Wilde of Indico Data” “Getting to Know Jackware with Dan Healy of Anderson Kill” Sponsored RIMScast Episodes: “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. (New!) “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response “Cyberrisk Outlook 2023” | Sponsored by Alliant “Chemical Industry: How To Succeed Amid Emerging Risks and a Challenging Market” | Sponsored by TÜV SÜD “Insuring the Future of the Environment” | Sponsored by AXA XL “Insights into the Gig Economy and its Contractors” | Sponsored by Zurich “The Importance of Disaster Planning Relationships” | Sponsored by ServiceMaster “Technology, Media and Telecom Solutions in 2023” | Sponsored by Allianz “Analytics in Action” | Sponsored by Alliant “Captive Market Outlook and Industry Insights” | Sponsored by AXA XL “Using M&A Insurance: The How and Why” | Sponsored by Prudent Insurance Brokers Ltd. “Zurich's Construction Sustainability Outlook for 2023” “Aon's 2022 Atlantic Hurricane Season Overview” “ESG Through the Risk Lens” | Sponsored by Riskonnect “A Look at the Cyber Insurance Market” | Sponsored by AXA XL   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars Risk Management Magazine Risk Management Monitor RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS-CRMP Stories — New interview featuring Darius Delon! Spencer Educational Foundation RIMS DEI Council   RIMS Events, Education, and Services: RIMS Risk Maturity Model® RIMS Events App Apple | Google Play RIMS Buyers Guide Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org and listen on Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest Davis Hake Co-Founder of Resilience   Tweetables (Edited For Social Media Use): Instead of encryption for ransom, it is easier to target companies that have highly sensitive data they wouldn't want to be exposed and threaten to release it. — Davis Hake   Most insurance is not operational; it's reactionary, working with past data to price the risk. In cyber, you're too late if you're taking that approach. — Davis Hake   The current tactic of encryptionless distortion is an evolution of the cybercrime business model, making it more efficient and effective. It's a call to action for security. — Davis Hake    

@BEERISAC: CPS/ICS Security Podcast Playlist
From Incident to Regulation: TSA Pipeline Regulations

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Oct 26, 2023 26:20


Podcast: Today with ISSSourceEpisode: From Incident to Regulation: TSA Pipeline RegulationsPub date: 2023-10-23There is no doubt the Colonial Pipeline ransomware attack was a watershed incident for the oil and gas sector. As a result, the Transportation Security Administration released a prescriptive set of regulations for owners and operators of pipelines and LNG facilities which were very rigid. Then in July last year, after great consternation from the industry, a more flexible set of regulations released and now this July, another set of regulations released. Just what is the impact of the TSA Pipeline Security Directive on the Oil & Gas sector.The podcast and artwork embedded on this page are from Gregory Hale, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

@BEERISAC: CPS/ICS Security Podcast Playlist
From Incident to Regulation: TSA Pipeline Regulations

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Oct 26, 2023 26:20


Podcast: Today with ISSSourceEpisode: From Incident to Regulation: TSA Pipeline RegulationsPub date: 2023-10-23There is no doubt the Colonial Pipeline ransomware attack was a watershed incident for the oil and gas sector. As a result, the Transportation Security Administration released a prescriptive set of regulations for owners and operators of pipelines and LNG facilities which were very rigid. Then in July last year, after great consternation from the industry, a more flexible set of regulations released and now this July, another set of regulations released. Just what is the impact of the TSA Pipeline Security Directive on the Oil & Gas sector.The podcast and artwork embedded on this page are from Gregory Hale, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

The Deep Dive Radio Show and Nick's Nerd News
Your Breaches of the Week! October 16 to October 22, 2023

The Deep Dive Radio Show and Nick's Nerd News

Play Episode Listen Later Oct 22, 2023 22:08


23andMe, Casio, Colonial Pipeline, Okta and US voter data are all reasons why pubs exist.

@BEERISAC: CPS/ICS Security Podcast Playlist
A look at a Whole-of-State cybersecurity strategy.

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Oct 20, 2023 51:52


Podcast: Control Loop: The OT Cybersecurity Podcast (LS 35 · TOP 3% what is this?)Episode: A look at a Whole-of-State cybersecurity strategy.Pub date: 2023-10-18Microsoft on the state of OT security. Israeli and Palestinian hacktivists target ICS. Coinmining as an (alleged, potential) front for espionage or stage for sabotage. EPA withdraws water system cybersecurity memorandum. Colonial Pipeline says new ransomware claims are due to unrelated third-party breach. Most organizations are struggling with IoT security. CISA views China as the top threat to US critical infrastructure. Improving security for open-source ICS software. CISA ICS advisories. Guest Kuldip Mohanty, CIO of North Dakota, joins us from the CyberCon 2023 event in Bismarck, North Dakota. Kuldip shares how critical infrastructure is treated within the "Whole-of-State” cybersecurity strategy his team implements in North Dakota. On the Learning Lab, Mark Urban shares the first part of his conversation about cyber threat intelligence with Paul Lukoskie, who is Dragos' Director of Intelligence Services.Control Loop News Brief.Microsoft on the state of OT security.Microsoft Digital Defense Report 2023 (Microsoft)Microsoft Digital Defense Report: Behind the Scenes Creating OT Vulnerabilities (aDolus)Zero-days affect industrial routers.10 zero-day vulnerabilities in industrial cell router could lead to code execution, buffer overflows (Cisco Talos)Israeli and Palestinian hacktivists target ICS.Hacktivists in Palestine and Israel after SCADA and other industrial control systems (Cybernews)Coinmining as an (alleged, potential) front for espionage or stage for sabotage.Across U.S., Chinese Bitcoin Mines Draw National Security Scrutiny (The New York Times)EPA withdraws water system cybersecurity memorandum.EPA withdraws cyber audit requirement for water systems (Nextgov)Colonial Pipeline says new ransomware claims are due to unrelated third-party breach.Reports of second cyberattack on Colonial Pipeline false, company says (Fox 5 Atlanta)Colonial Pipeline attributes ransomware claims to ‘unrelated' third-party data breach (The Record)Most organizations are struggling with IoT security.New Global Survey Reveals 97% of Organizations Face Challenges Securing IoT and Connected Devices (Keyfactor)Ransomware attack on Clorox.Clorox Security Breach Linked to Group Behind Casino Hacks (Bloomberg)Clorox Warns of a Sales Mess After Cyberattack (The Wall Street Journal)CISA views China as the top threat to US critical infrastructure.China is top cyber threat to US utilities, other critical infrastructure: CISA (Utility Dive)Improving security for open-source ICS software.Improving Security of Open Source Software in Operational Technology and Industrial Control Systems (CISA)CISA's ICS advisories.Mitsubishi Electric MELSEC-Q Series PLCs (Update A) (CISA)CISA Releases Nineteen Industrial Control Systems Advisories (CISA)Control Loop Interview.Guest is Kuldip Mohanty, CIO of North Dakota, discussing how critical infrastructure is treated within the “whole of state” security strategy used in North Dakota.Control Loop Learning Lab.On the Learning Lab, Mark Urban is joined by Dragos' Director of Intelligence Services, Paul Lukoskie, to examine cyber threat intelligence. Control Loop OT Cybersecurity Briefing.A companion monthly newsletter is available through free subscription and on the CyberWire's website.The podcast and artwork embedded on this page are from N2K Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Control Loop: The OT Cybersecurity Podcast
A look at a Whole-of-State cybersecurity strategy.

Control Loop: The OT Cybersecurity Podcast

Play Episode Listen Later Oct 18, 2023 51:52


Microsoft on the state of OT security. Israeli and Palestinian hacktivists target ICS. Coinmining as an (alleged, potential) front for espionage or stage for sabotage. EPA withdraws water system cybersecurity memorandum. Colonial Pipeline says new ransomware claims are due to unrelated third-party breach. Most organizations are struggling with IoT security. CISA views China as the top threat to US critical infrastructure. Improving security for open-source ICS software. CISA ICS advisories. Guest Kuldip Mohanty, CIO of North Dakota, joins us from the CyberCon 2023 event in Bismarck, North Dakota. Kuldip shares how critical infrastructure is treated within the "Whole-of-State” cybersecurity strategy his team implements in North Dakota. On the Learning Lab, Mark Urban shares the first part of his conversation about cyber threat intelligence with Paul Lukoskie, who is Dragos' Director of Intelligence Services. Control Loop News Brief. Microsoft on the state of OT security. Microsoft Digital Defense Report 2023 (Microsoft) Microsoft Digital Defense Report: Behind the Scenes Creating OT Vulnerabilities (aDolus) Zero-days affect industrial routers. 10 zero-day vulnerabilities in industrial cell router could lead to code execution, buffer overflows (Cisco Talos) Israeli and Palestinian hacktivists target ICS. Hacktivists in Palestine and Israel after SCADA and other industrial control systems (Cybernews) Coinmining as an (alleged, potential) front for espionage or stage for sabotage. Across U.S., Chinese Bitcoin Mines Draw National Security Scrutiny (The New York Times) EPA withdraws water system cybersecurity memorandum. EPA withdraws cyber audit requirement for water systems (Nextgov) Colonial Pipeline says new ransomware claims are due to unrelated third-party breach. Reports of second cyberattack on Colonial Pipeline false, company says (Fox 5 Atlanta) Colonial Pipeline attributes ransomware claims to ‘unrelated' third-party data breach (The Record) Most organizations are struggling with IoT security. New Global Survey Reveals 97% of Organizations Face Challenges Securing IoT and Connected Devices (Keyfactor) Ransomware attack on Clorox. Clorox Security Breach Linked to Group Behind Casino Hacks (Bloomberg) Clorox Warns of a Sales Mess After Cyberattack (The Wall Street Journal) CISA views China as the top threat to US critical infrastructure. China is top cyber threat to US utilities, other critical infrastructure: CISA (Utility Dive) Improving security for open-source ICS software. Improving Security of Open Source Software in Operational Technology and Industrial Control Systems (CISA) CISA's ICS advisories. Mitsubishi Electric MELSEC-Q Series PLCs (Update A) (CISA) CISA Releases Nineteen Industrial Control Systems Advisories (CISA) Control Loop Interview. Guest is Kuldip Mohanty, CIO of North Dakota, discussing how critical infrastructure is treated within the “whole of state” security strategy used in North Dakota. Control Loop Learning Lab. On the Learning Lab, Mark Urban is joined by Dragos' Director of Intelligence Services, Paul Lukoskie, to examine cyber threat intelligence.  Control Loop OT Cybersecurity Briefing. A companion monthly newsletter is available through free subscription and on the CyberWire's website.

Malicious Life
Should You Pay Ransomware Attackers? A Game Theory Approach

Malicious Life

Play Episode Listen Later Oct 17, 2023 32:38


The FBI explicitly advises companies against paying ransomware attackers - but itself payed 4.4 million dollars worth of Bitcoin after the Colonial Pipeline attack. So, should you listen to what the experts say, or follow what they occasionally do? It's complicated, but we can model this problem.Advertising Inquiries: https://redcircle.com/brands

The Gate 15 Podcast Channel
Weekly Security Sprint EP 38. Protests, hostile events, security vulnerabilities and reports and more.

The Gate 15 Podcast Channel

Play Episode Listen Later Oct 16, 2023 25:19


In this week's security sprint, Dave and Andy talk about the following topics: Israel War Director Wray Addresses International Association of Chiefs of Police Conference.  FBI director warns of rise in terror threats against Americans, potential copy-cat attacks on US soil. Faith Based Updates: FB-ISAO Newsletter, v5, Issue 10 The White House Office of Faith-Based and Neighborhood Partnerships releases Allied Against Hate: A Toolkit for Faith Communities - Tools and Resources to Protect Places of Worship DHS: Resources and Information for Faith and Community Leaders Regarding the Situation in Israel   Hostile Events State Fair of Texas evacuated after shooting, one suspect in custody Suspect charged in State Fair of Texas shooting that injured 3 School plot: https://www.news4jax.com/news/local/2023/10/06/3-creekside-high-students-facing-charges-for-school-threat-hit-lists-deputies-say/   Nation State. 12 October 2023 NCSC / FBI Safeguarding Our Future bulletin – Russian Intelligence Poses a Persistent Threat to the United States.  IBM Security Intelligence: 10 years in review: Cost of a Data Breach   Quick Hits Signal says there is no evidence rumored zero-day bug is real. Ransomware: CISA Releases New Resources Identifying Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware. As part of the Ransomware Vulnerability Warning Pilot (RVWP), CISA launched two new resources for combating ransomware campaigns: Ransomware Vulnerability Warning Pilot updates: Now a One-stop Resource for Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware Colonial Pipeline was hacked. No, wait, Accenture was hacked. No, wait….. untangling claims. (2) Colonial Pipeline Denies Breach by RANSOMEDVC Ransomware Group Reports of second cyberattack on Colonial Pipeline false, company says Robert M. Lee on ransomware group statement. Newest Ransomware Trend: Attackers Move Faster with Partial Encryption The Week in Ransomware - October 13th 2023 - Increasing Attacks US Secret Service: Announcing a New Series of Live Virtual Presentations on Targeted Violence Prevention.  CISA, FBI, NSA, and Treasury Release Guidance on OSS in IT/ICS Environments CISO Research Reveals 90% of Organizations Suffered At Least One Major Cyber Attack in the Last Year; 83% Report Ransomware Payments FTC Data Shows Consumers Report Losing $2.7 Billion to Social Media Scams Since 2021 UK NCSC: Mastering your supply chain: A new collection of resources from the NCSC can help take your supply chain knowledge to the next level EPA calls off cyber regulations for water sector    

Geopolitics Decanted by Silverado
Why 702 is America's most valuable intelligence program: Interview with the FBI

Geopolitics Decanted by Silverado

Play Episode Listen Later Sep 7, 2023 52:09


Dmitri Alperovitch sits down with Bryan Vorndran, Assistant Director of FBI's Cyber Division, to discuss why FISA Section 702 is by far the most valuable intelligence program in the US government's arsenal and is responsible for the majority of the most valuable intelligence the country collects. In this episode, Vorndran provides some examples of 702 successes including disrupting attempted assassination plots of American officials by a foreign country and identifying the perpetrator of the Colonial Pipeline hack and recovering the paid ransom. Vorndran also highlights compliance issues that the FBI has faced with the program and what it is doing to address them going forward.

Hometown Stories
Hometown Stories Episode 68 - FBI Tips on Staying Protected Against Sophisticated Ransomware

Hometown Stories

Play Episode Listen Later Jul 19, 2023 22:17


In recent months, a local public school district had to close because of a ransomware attack.  In the spring, Bluefield University also fell victim that ensnared operations there for weeks.  Two years ago, our entire region was dealing with the effects of a cyber-attack against the Colonial Pipeline. As our online networks get more sophisticated, so do the bad guys.  In this episode of Hometown Stories, a member of FBI Richmond's Cyber Squad joins us for a discussion about our cyber vulnerabilities and ways we can stay protected. 

The Cyber Ranch Podcast
The Real Implications of Contemporary Exploits with Anne Marie Zettlemoyer

The Cyber Ranch Podcast

Play Episode Listen Later Jun 28, 2023 35:00


The MOVEit breach has been top of mind, especially with Solar Winds and Colonial Pipeline and log4j and all the others having been so recent.  It is easy to blame the victims.  It is easy to make excuses that nobody can defend against a Zero Day.  There are a lot of easy responses to these kinds of affairs. But what Allan and Anne Marie Zettlemoyer get into in this episode is a variety of questions around the assumptions: Start with a quick summary of the MOVEit exploit and Clop.  How does this attack compare to SolarWinds? What can we do to prepare for zero-day exploits? Is society (and the business world) getting jaded to ransomware attacks and breaches? Is this affecting their investments in cyber? Is a post-breach CISO really rolling in the assets and resources the way so many assume? What are the long-term implications for a business, its stock prices, and its CISO investment? This is another episode that strives to get deeper than the surface.  We hope you learn something from it, and we hope you enjoy it as well.  Y'all be good now! Sponsored by our good friends at Dazz: Dazz takes the pain out of the cloud remediation process using automation and intelligence to discover, reduce, and fix security issues—lightning fast. Visit Dazz.io/demo and see for yourself.

The Cyberlaw Podcast
Yet Another Synthetic Moral Panic Over Privacy

The Cyberlaw Podcast

Play Episode Listen Later Jun 21, 2023 58:32


Senator Ron Wyden (D-Ore.) is to moral panics over privacy what Andreessen Horowitz is to cryptocurrency startups. He's constantly trying to blow life into them, hoping to justify new restrictions on government or private uses of data. His latest crusade is against the intelligence community's purchase of behavioral data, which is generally available to everyone from Amazon to the GRU. He has launched his campaign several times, introducing legislation, holding up Avril Haines's confirmation over the issue, and extracting a Director of National Intelligence report on the topic that has now been declassified. It was a sober and reasonable explanation of why commercial data is valuable for intelligence purposes, so naturally WIRED magazine's headline summary was, “The U.S. Is Openly Stockpiling Dirt on All Its Citizens.” Matthew Heiman takes us through the story, sparking a debate that pulls in Michael Karanicolas and Cristin Flynn Goodwin. Next, Michael explains IBM's announcement that it has made a big step forward in quantum computing.  Meanwhile, Cristin tells us, the EU has taken another incremental step forward in producing its AI Act—mainly by piling even more demands on artificial intelligence companies. We debate whether Europe can be a leader in AI regulation if it has no AI industry. (I think it makes the whole effort easier, pointing to a Stanford study suggesting that every AI model we've seen is already in violation of the AI Act's requirements.) Michael and I discuss a story claiming persuasively that an Amazon driver's allegation of racism led to an Amazon customer being booted out of his own “smart” home system for days. This leads us to the question of how Silicon Valley's many “local” monopolies enable its unaccountable power to dish out punishment to customers it doesn't approve of. Matthew recaps the administration's effort to turn the debate over renewal of section 702 of FISA. This week, it rolled out some impressive claims about the cyber value of 702, including identifying the Colonial Pipeline attackers (and getting back some of the ransom). It also introduced yet another set of FBI reforms designed to ensure that agents face career consequences for breaking the rules on accessing 702 data.  Cristin and I award North Korea the “Most Improved Nation State Hacker” prize for the decade, as the country triples its cryptocurrency thefts and shows real talent for social engineering and supply chain exploits. Meanwhile, the Russians who are likely behind Anonymous Sudan decided to embarrass Microsoft with a DDOS attack on its application level. The real puzzle is what Russia gains from the stunt.  Finally, in updates and quick hits, we give deputy national cyber director Rob Knake a fond sendoff, as he moves to the private sector, we anticipate an important competition decision in a couple of months as the FTC tries to stop the Microsoft-Activision Blizzard merger in court, and I speculate on what could be a Very Big Deal – the possible breakup of Google's adtech business. Download 463rd Episode (mp3) You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@gmail.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.

The Cyberlaw Podcast
Yet Another Synthetic Moral Panic Over Privacy

The Cyberlaw Podcast

Play Episode Listen Later Jun 21, 2023 58:32


Senator Ron Wyden (D-Ore.) is to moral panics over privacy what Andreessen Horowitz is to cryptocurrency startups. He's constantly trying to blow life into them, hoping to justify new restrictions on government or private uses of data. His latest crusade is against the intelligence community's purchase of behavioral data, which is generally available to everyone from Amazon to the GRU. He has launched his campaign several times, introducing legislation, holding up Avril Haines's confirmation over the issue, and extracting a Director of National Intelligence report on the topic that has now been declassified. It was a sober and reasonable explanation of why commercial data is valuable for intelligence purposes, so naturally WIRED magazine's headline summary was, “The U.S. Is Openly Stockpiling Dirt on All Its Citizens.” Matthew Heiman takes us through the story, sparking a debate that pulls in Michael Karanicolas and Cristin Flynn Goodwin. Next, Michael explains IBM's announcement that it has made a big step forward in quantum computing.  Meanwhile, Cristin tells us, the EU has taken another incremental step forward in producing its AI Act—mainly by piling even more demands on artificial intelligence companies. We debate whether Europe can be a leader in AI regulation if it has no AI industry. (I think it makes the whole effort easier, pointing to a Stanford study suggesting that every AI model we've seen is already in violation of the AI Act's requirements.) Michael and I discuss a story claiming persuasively that an Amazon driver's allegation of racism led to an Amazon customer being booted out of his own “smart” home system for days. This leads us to the question of how Silicon Valley's many “local” monopolies enable its unaccountable power to dish out punishment to customers it doesn't approve of. Matthew recaps the administration's effort to turn the debate over renewal of section 702 of FISA. This week, it rolled out some impressive claims about the cyber value of 702, including identifying the Colonial Pipeline attackers (and getting back some of the ransom). It also introduced yet another set of FBI reforms designed to ensure that agents face career consequences for breaking the rules on accessing 702 data.  Cristin and I award North Korea the “Most Improved Nation State Hacker” prize for the decade, as the country triples its cryptocurrency thefts and shows real talent for social engineering and supply chain exploits. Meanwhile, the Russians who are likely behind Anonymous Sudan decided to embarrass Microsoft with a DDOS attack on its application level. The real puzzle is what Russia gains from the stunt.  Finally, in updates and quick hits, we give deputy national cyber director Rob Knake a fond sendoff, as he moves to the private sector, we anticipate an important competition decision in a couple of months as the FTC tries to stop the Microsoft-Activision Blizzard merger in court, and I speculate on what could be a Very Big Deal – the possible breakup of Google's adtech business. Download 463rd Episode (mp3) You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@gmail.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.

On with Kara Swisher
Sorry, Donald. Jen Easterly Plans To Make Elections Boring Again.

On with Kara Swisher

Play Episode Listen Later Jun 12, 2023 64:19


Donald Trump signed the Cybersecurity & Infrastructure Security Agency into existence in 2018 with the mandate to protect America's infrastructure from threats digital and physical. Trump also made CISA a household name when he fired the department's head in 2020 for noting that, no, the election was not stolen. Today, we hear from Jen Easterly, the woman who now runs CISA and has the job of preventing another SolarWinds or Colonial Pipeline attack as well as preventing foreign and domestic attacks in an election environment that has become highly politicized. Her goal? Make elections boring again. BTW, do you have any burning questions on career, love or life where you'd like Kara or Nayeema's advice? Call 1-888-KARA-PLZ and leave us a voicemail. Questions? Comments? Email us at on@voxmedia.com or find us on Instagram. We're @karaswisher and @nayeemaraza. Learn more about your ad choices. Visit podcastchoices.com/adchoices

Best of the Left - Leftist Perspectives on Progressive Politics, News, Culture, Economics and Democracy
#1480 The Cyberwar Did Not Begin with Cyber Pearl Harbor (Repost)

Best of the Left - Leftist Perspectives on Progressive Politics, News, Culture, Economics and Democracy

Play Episode Listen Later Apr 5, 2023 79:24


Original Air Date 4/2/2022 Today we take a look at the modern reality of cyber war. It's not the mass destruction of attacks that were imagined to look like a "Cyber Pearl Harbor" but the much more subtle cyber attacks that often fly under the radar and live in the grey area in attempts to inflict harm without provoking counterattack. Be part of the show! Leave us a message or text at 202-999-3991 or email Jay@BestOfTheLeft.com  Transcript BestOfTheLeft.com/Support (Get AD FREE Shows and Bonus Content) SHOW NOTES Ch. 1: Andy Greenberg - Longform - Air Date 12-11-19 Andy Greenberg is a senior writer for Wired. His new book is Sandworm. “I kind of knew I was never going to get access to Sandworm, which is the title of the book - so it was all about drawing a picture around this invisible monster.” Ch. 2: How America's gas got hacked - Today, Explained - Air Date 5-12-21 The largest-known ransomware attack on American energy infrastructure is driving up gas prices and creating shortages. Wired's Lily Hay Newman says Colonial Pipeline might be a turning point for cybersecurity. Ch. 3: Is Russia at War with the West? Part 1 - The Inquiry - Air Date 11-21-18 There are currently a number of serious allegations made in the West against Russia. They include the attempted murder of the former spy Sergei Skripal on British soil; interference in the 2016 US election; the hacking of the American electricity grid. Ch. 4: How prepared is the U.S. to fend off cyber warfare? Better at offense than defense, author says - PBS NewsHour - Air Date 8-6-18 Sanger joins Judy Woodruff to discuss the threats and realities, how the U.S. wages cyber warfare, and how prepared the U.S. is to stop attacks. Ch. 5: Is Russia at War with the West? Part 2 - The Inquiry - Air Date 11-21-18 Ch. 6: Russia Perfected Its Cyberwarfare In Ukraine — America Could Pay The Price - Think | NBC News - Air Date 11-23-19 Russia has been practicing cyberwar in a real-life test lab — Ukraine. Andy Greenberg, author of 'Sandworm', recounts how Russia went from repeatedly shutting down Ukraine's infrastructure to unleashing worms that caused billions of dollars in damage. Ch. 7: Is World War III Already Here? - Your Undivided Attention - Air Date 1-3-22 Warfare has changed so fundamentally, that we're currently in a war we don't even recognize. It's the war that Russia, China, and other hostile foreign actors are fighting against us — weaponizing social media to undermine our faith in each other MEMBERS-ONLY BONUS CLIP(S) Ch. 8: The Hackers Who Took Down the Colonial Pipeline - What Next: TBD | Tech, power, and the future - Air Date 5-21-21 Last week, a hacker group called DarkSide shut down the Colonial Pipeline, which supplies 45 percent of the fuel consumed on the East Coast. Gas prices skyrocketed, people started hoarding gas, and DarkSide walked away with over $4 million in Bitcoin. VOICEMAILS Ch. 9: Puberty blockers experimental? - Maria in Pennsylvania FINAL COMMENTS Ch. 10: Final comments on the deception and logical fallacies at the heart of critiques of gender affirming care MUSIC (Blue Dot Sessions): Opening Theme: Loving Acoustic Instrumental by John Douglas Orr  Voicemail Music: Low Key Lost Feeling Electro by Alex Stinnent Closing Music: Upbeat Laid Back Indie Rock by Alex Stinnent   Produced by Jay! Tomlinson Visit us at BestOfTheLeft.com Listen Anywhere! BestOfTheLeft.com/Listen Listen Anywhere! Follow at Twitter.com/BestOfTheLeft Like at Facebook.com/BestOfTheLeft Contact me directly at Jay@BestOfTheLeft.com