Episodes

  • In the latest episode of the Risk Roundtable, in a nod to Jen, the team goes full nerd about a series of new cybersecurity products and reports. Starting off with CISA's Known Exploited Vulnerabilities Catalog, Jen can barely contain her excitement about the importance of the report while also addressing the challenges organizations face. Dave, clearly out of his element, tries to counter with his own report - Sophos' The State of Ransomware 2022 report that reminded everyone ransomware is still alive and well... and thriving. Shifting to the roulette round, Dave assumes control, albeit briefly, while Jen and Andy talk about various innovative methods organizations can take to strengthen their internal programs and processes. The roundtable wrapped up with some lighter topics during Andy's three questions that were perfect for the time of year.
    Some of the links discussed in the pod include:

    Sophos: The State of Ransomware 2022: https://news.sophos.com/en-us/2022/04/27/the-state-of-ransomware-2022/
    KEV https://www.cisa.gov/known-exploited-vulnerabilities-catalog 
    CISA, FBI, NSA, and International Partners Warn Organizations of Top Routinely Exploited Cybersecurity Vulnerabilities:  https://www.cisa.gov/news/2022/04/27/cisa-fbi-nsa-and-international-partners-warn-organizations-top-routinely-exploited  
    The Gate 15 Interview: Cannabis ISAO. https://gate15.global/the-gate-15-interview-ben-taylor-on-cannabis-isao-cannabis-industry-security-cybersecurity-rescue-dogs-and-more/ 
    The Cybersecurity Evangelist: Ep 18 – Space Systems are Critical Infrastructure for Critical Infrastructure: https://gate15.global/the-cybersecurity-evangelist-ep-18-space-systems-are-critical-infrastructure-for-critical-infrastructure%EF%BF%BC/ 
    Cofense Annual Phishing Report Highlights 10 Point Increase in Credential Phishing: https://cofense.com/press/cofense-annual-phishing-report-highlights/ 
    S4x22 ICS Security Event: https://s4xevents.com/ 
    OT/ICS Security – Consequence-driven Cyber-informed Engineering (CCE): https://www.waterisac.org/portal/otics-security-%E2%80%93-consequence-driven-cyber-informed-engineering-cce

  • In this episode of The Gate 15 Interview, Andy Jabbour speaks with Ben Taylor, Executive Director for the Cannabis ISAO. Ben Taylor is the Executive Director of the Cannabis-ISAO. Ben also serves as a Risk Analyst to several Information Sharing & Analysis Centers and has previous security and operations experience as an Army Officer as well as working through the Department of Homeland Security’s (then) Office of Infrastructure Protection (now part of the Cybersecurity and Infrastructure Security Agency [CISA]). Ben has also spent several years in marketing and partner development roles within the tourism industry, to include working to promote Cannabis tourism in Oakland, California. To learn more about Cannabis ISAO, visit the Cannabis ISAO website, or on Twitter: @CannabisISAO and LinkedIn. 

    In the discussion we address: 

    Ben’s background and the work he’s doing with Cannabis-ISAO today
    Some background on the development of Information Sharing and Analysis Centers (ISACs) and Organizations (ISAOs)
    Physical security challenges for the Cannabis Industry
    Cybersecurity threats and issues facing the sector
    Scams, and other threats facing the community
    Among other topics, Ben plays three questions with Andy to discuss dogs, favorite books, and more!

    A few references mentioned in or relevant to our discussion include: 

    Cannabis ISAO website https://cannabisisao.org
    Cannabis ISAO Security Town Hall https://cannabisisao.org/2022/03/cannabis-security-town-hall/
    Cannabis ISAO blog and Director’s Cut posts https://cannabisisao.org/home/blog/
    Cannabis ISAO Director’s Cut: December 03, addressing a ransomware incident in the Cannabis Industry https://cannabisisao.org/home/report-incident/
    Report an Incident - Cannabis ISAO https://cannabisisao.org/home/report-incident/
    Get Involved - Cannabis ISAO https://cannabisisao.org/home/get-involved/
    Executive Order -- Promoting Private Sector Cybersecurity Information Sharing (13 Feb 2015) https://obamawhitehouse.archives.gov/the-press-office/2015/02/13/executive-order-promoting-private-sector-cybersecurity-information-shari
    Executive Order -- Improving Critical Infrastructure Cybersecurity (12 Feb 2015) https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity
    Presidential Policy Directive -- Critical Infrastructure Security and Resilience (12 Feb 2015) https://obamawhitehouse.archives.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-security-and-resil
    PDD-63 - Critical Infrastructure Protection (20 May 1998) https://clinton.presidentiallibraries.us/items/show/12762
    Nerd Out Security Panel Discussion: EP 13. Cannabis ISAO! (18 May 2021) https://gate15.global/nerd-out-security-panel-discussion-ep-13-cannabis-isao/
    The Cybersecurity Evangelist: EP 8 – The ISAC Series, Part 4 – Faith-Based ISAO (10 Mar 2021) https://gate15.global/the-cybersecurity-evangelist-ep-8-the-isac-series-part-4-faith-based-isao/
    Blog Post: So why a Cannabis ISAO? (02 Apr 2021) https://cannabisisao.org/2021/04/blog-founder/
    Tucky Blunt Twitter https://twitter.com/BluntTucky
    Uncle Ike’s https://ikes.com/locations/white-center/

  • There was no shortage of topics for the Nerd Out gang to get into this month as Dave, Bridget and Joe dug into recent events. Starting off with some follow ups to hurricane predictions, outdoor festivals, and Piers Morgan (is it marketing or misinformation), the team batted around some of the challenges with these areas and some recent publications that can help teams plan for moving forward. Then the nerds really got into some great discussions around monitoring and situational awareness around recent incidents in NYC (subway shooting) and Ohio (arrest of security guard), as well as the escalated protests around the Quran burning in Sweden and whether organizations need to think about copy-cats or a revival of protests and demonstrations this coming summer. Wrapping up with an attempt to be fun, the gang just showed how big of nerds they are yet still managed to give some suggestions for light-hearted shows or materials.

    Discussed on the pod:

    Conspiracy Theories: https://www.npr.org/2022/04/20/1093698123/online-conspiracy-theories-are-bleeding-into-all-parts-of-georgias-politics
    AstroWorld Report: https://gov.texas.gov/news/post/governor-abbotts-texas-task-force-on-concert-safety-releases-final-report

    Joe Levy is the chairman of the International Association of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: [email protected]; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/

    Bridget Johnson is the Managing Editor for Homeland Security Today. In addition to her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

  • A chat with Erin Miller, Executive Director of Space ISAC, from the 37th Space Symposium

    Have you ever thought about just how much reliance there is on space systems and how satellites – tons of them – are actually flying computers with IP addresses? In an episode that is out of this world, the Gate 15 Podcast Channel welcomes back a very special guest – Erin Miller, Executive Director of Space ISAC on the 18th episode of The Cybersecurity Evangelist – to talk about all that and more from the 37th Space Symposium at The Broadmoor in Colorado Springs. From an event that Erin called, “bigger than Disneyland,” we talked about the importance of securing space systems, the pivotal role that Space ISAC is playing to increase the cybersecurity posture for the global space community, and the general passion for cybersecurity among attendees and speakers at the symposium.

    Resources mentioned in this episode:

    Space ISAC
    37th Space Symposium
    Dr. Stacey Dixon (LinkedIn) – Principal Deputy Director of National Intelligence, ODNI
    CISA Director, Jen Easterly (Twitter)
    Women in Cybersecurity (WiCyS)
    Alert (AA22-076A) Strengthening Cybersecurity of SATCOM Network Providers and Customers
    Purdue University
    University of Colorado Colorado Springs
    Colorado Springs Chamber & EDC
    United States Space Force
    United States Space Command
    United States Air Force Academy
    The Gate 15 Interview Ep. 16: Erin Miller, Executive Director, Space ISAC. Securing Space Infrastructure (and terrestrial critical infrastructure too!)
  • Little did Andy know when he let Dave take the controls that he would turn it into a mini-McLaughlin Group (those in the DMV know). In this format Andy and Jen talked about four key questions around Ukraine while Dave attempted to moderate. This discussion dove deep into concerns around the current conflict in Ukraine, Russian capabilities and organizational defenses, as well as key areas for organizations to remain mindful of! The group landed with a dud when a pop star question fell flat, but Jen quickly picked up and talked about her recent conference attendance and meeting some powerful people (hi CISA Jen!). The group wrapped up with some reminders and quick hits before heading into Andy's final 3 questions.
    Some of the references mentioned in the pod include:
    https://criticalinfrastructuredefense.org/
    https://www.cisa.gov/shields-up
    https://www.cisa.gov/uscert/shields-technical-guidance
    https://www.cyberscoop.com/ukraine-russia-us-cybersecurity-companies/
    https://www.cisa.gov/known-exploited-vulnerabilities-catalog
    https://www.cisa.gov/uscert/ncas/current-activity/2022/03/29/mitigating-attacks-against-uninterruptable-power-supply-devices
    https://www.cisa.gov/uscert/ncas/current-activity/2022/03/17/strengthening-cybersecurity-satcom-network-providers-and-customers
    https://www.cisa.gov/uscert/ncas/current-activity/2022/03/15/russian-state-sponsored-cyber-actors-access-network-misconfigured
    https://www.cisa.gov/uscert/ncas/current-activity/2022/03/24/state-sponsored-russian-cyber-actors-targeted-energy-sector-2011
    https://www.ic3.gov/Media/News/2022/220325.pdf

  • The gang is back together as Bridget Johnson and Joe Levy join Dave on the podcast to catch up on what they've missed while turning their attention to Ukraine and outdoor events. On Ukraine, the nerdites talked about the effects of the current conflict, TikTok and the evolving information wars, including disinformation and misinformation campaigns on all sides, and what some long-term outcomes may be. The gang then turned to thoughts of warmer weather and the upcoming outdoor events and activities. Looking at it through a security lens, Bridget, Joe and Dave looked at some important considerations while also keeping focus on those other events leading up to the 2022 election season. Before wrapping up with some pointed security plugs, the team talked about hurricane predictions and outdoor events to look forward to.

    Joe Levy is the chairman of the International Association of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website https://www.iavm.org/ Venue Safety and Security committee contact information: [email protected]; LinkedIn Profile: https://www.linkedin.com/in/joelevy1/

    Bridget Johnson is the Managing Editor for Homeland Security Today. In addition to her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (Webinar signups, https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

  • In this episode of The Gate 15 Interview, Andy Jabbour speaks with Gary Warner, Director of Research in Computer Forensics for the University of Alabama at Birmingham (UAB) and the Director of Threat Intelligence for DarkTower. From his LinkedIn bio, “Gary is the ‘Director of Research in Computer Forensics’ for the University of Alabama at Birmingham (UAB). In this role, which brings together the Computer Science and Criminal Justice departments, he is concentrating on research that will help law enforcement and other security professionals to identify, apprehend, prosecute and convict those who are committing cybercrime, and spread information to victims and potential victims about cybercrime issues. 90 analysts and programmers work in the UAB Computer Forensics Lab building tools and providing intelligence for a variety of clients around Cybercrime, Fraud, and Terrorism, as well as the Social Media aspects of more traditional crimes, including Gang Activity and Transnational Drug Networks. In addition to his duties at UAB, Warner serves as the Director of Threat Intelligence for DarkTower, a subsidiary of Queen Associates in Charlotte, North Carolina. Gary Warner was the founding president of the Birmingham InfraGard chapter, and has served as secretary and member of the board of the InfraGard National Members Alliance, among other roles.”

    Read more on LinkedIn. Gary on Twitter: @GarWarner. Gary’s blog: CyberCrime & Doing Time; A Blog about Cyber Crime and related Justice issues.

    “Malware analysis is a team sport” – Gary Warner, on information sharing, during our podcast recording

    In the discussion we address:

    • Gary’s backstory and the work he’s doing today 

    • Information sharing and the value of plugging into information sharing communities 

    • The great work being done by the FBI and CISA 

    • The importance of knowing your competition, China, Russia, and ongoing threats 

    • Some of Gary’s go-to resources 

    • Gary talks about haikus, Talking Heads, GarBot, birdwatching, and more! “CISA, it's a new era of info sharing in the government” before giving some shout outs to CISA’s first Director, Chris Krebs, and current Director, Jen Easterly 

    A few references mentioned in or relevant to our discussion include: 

    • CISA’s Known Exploited Vulnerabilities Catalog (KEVC), something Gate 15’s Jen Walker raves about often, including in our recent Risk Roundtable: The Risk Roundtable EP 27: Don’t let bias guide your preparedness (07 Mar 22). https://www.cisa.gov/known-exploited-vulnerabilities-catalog

    • Gary discussed this event: Justice Department Announces Court-Authorized Effort to Disrupt Exploitation of Microsoft Exchange Server Vulnerabilities (13 Apr 21) https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-effort-disrupt-exploitation-microsoft-exchange

    • BITNET https://bit.net

    • FBI SENTINEL System https://www.fbi.gov/services/information-management/foipa/privacy-impact-assessments/sentinel

    • Intellipedia https://en.wikipedia.org/wiki/Intellipedia

    • REN-ISAC https://www.ren-isac.net

    • Gary’s four CISA “must watch” sites from the CISA cyber landing page: 

    o Current activity: https://www.cisa.gov/uscert/ncas/current-activity 

    o Alerts: https://www.cisa.gov/uscert/ncas/alerts 

    o Bulletins: https://www.cisa.gov/uscert/ncas/bulletins 

    o Analysis: https://www.cisa.gov/uscert/ncas/analysis-reports 

    • Gary strongly encouraged listeners to check CISA Director Jen Easterly’s “about” section in her LinkedIn profile to understand why she is so excellently qualified to be the woman leading CISA today (something Chris Krebs, her predecessor at CISA agrees with)

  • This month, The Cybersecurity Evangelist chats with a couple of budding podcasters. For the third appearance on the Gate 15 Podcast Channel, the Health Information Sharing and Analysis Center (H-ISAC) joins me for episode 17.

    I got to put my ISAC analyst hat on and talk with the heart of Health-ISAC – the dynamic duo of Zach Nelson (Threat Operations Center Manager) and Joshua Justice (Senior Cyber Threat Intelligence Analyst) from the Threat Operations Center about what drives Health-ISAC and the goals of the Threat Operations Center – the privacy and security of our protected health information (PHI) and why threat actors want that information – yours and mine! We also talked a little about cross-sector collaboration, especially between the ISACs, and rounded it out with a general reminder for all to be #BeCyberSmart about phishing themes leveraging the Russia-Ukraine conflict.

    Resources mentioned in this episode

    Health-ISAC
    H-ISAC Events
    The Gate 15 Interview: A Conversation with Errol Weiss, Chief Security Officer, Health-ISAC (27 July 2020)
    Nerd Out Security Panel Discussion: EP 15. Let’s talk about Health! (July 2021)
    Current and Emerging Healthcare Cyber Threat Landscape (watch for the TLP:WHITE version of this report)
    What To Know About Medical Identity Theft (FTC)
  • In the latest Risk Roundtable, Andy, Jen, and Dave talk about the war in Ukraine and what it means for preparedness. Sometimes you just have to call a spade a spade and not allow personal, political or other bias to affect your organization’s analysis or preparedness. While Andy and Dave throw flags on their previous predictions, Jen brings us back to reality and talks about being aware, being prepared, and reminds “don’t panic.” Andy then drills down on bias and how it can have an impact on organizations.

    During the Roulette Round, Jen talked about CISA’s Known Exploited Vulnerabilities Catalog, vulnerabilities, and patching (while Dave ensured it wasn’t his Windows 2000 computer exposure that Jen was referring to…), then Dave brought up the importance of disaster preparedness in light of spring and summer severe weather events. Andy wrapped things up with a quick talk about the “People’s Convoy” and the battle of the Washington, D.C. Beltway! The pod wraps up with three questions – from COVID predictions, to Andy’s confusion about when seasons start, to Batman.

    Links mentioned in the pod include:

    CISA’s Shields Up webpage: https://www.cisa.gov/shields-up
    CISA: Russia Cyber Threat Overview and Advisories. https://www.cisa.gov/uscert/russia#russian
    And our post on the Gate 15 blog from 03 March, Russian Cybersecurity Threats: 5 Asks from the FBI: https://gate15.global/russian-cybersecurity-threats-5-asks-from-the-fbi/
    Bridget Johnson on Twitter, and at Homeland Security Today (HS Today)
    CISA Adds 95 Known Exploited Vulnerabilities to Catalog (03 Mar 22): https://www.cisa.gov/uscert/ncas/current-activity/2022/03/03/cisa-adds-95-known-exploited-vulnerabilities-catalog
    WaterISAC: Update (March 3, 2021) – 95 Added to CISA’s Known Exploited Vulnerabilities Catalog (03 Mar 22): https://www.waterisac.org/portal/cisa’s-known-exploited-vulnerabilities-catalog
    Microsoft: Customer Guidance for WannaCrypt attacks (12 May 17): https://msrc-blog.microsoft.com/2017/05/12/customer-guidance-for-wannacrypt-attacks/
    ZDNet: Ransomware attack: Hospitals still struggling in aftermath of WannaCrypt's rampage (15 May 17): https://www.zdnet.com/article/ransomware-attack-hospitals-still-struggling-in-aftermath-of-wannacrypts-rampage/

  • Why Scammers Love Love Too! On Episode 16, The Cybersecurity Evangelist talks about love! Well, more specifically romance scams. I talked about the social engineering component of romance scams, a few fraud reports and financial losses due to romance scams, red flags that could indicate someone you know is caught in a romance scam, some common and practical steps to defeating romance and other types of social engineering based scams, and the importance of reporting romance scams. No matter how painful, falling for a romance scam is nothing to be ashamed of. Romance scams can happen to anyone at any age.

    Resources mentioned in this episode:

    The Gate 15 SUN https://paper.li/gate15#/ (subscribe!!)
    FTC https://www.consumer.ftc.gov/ & ReportFraud.FTC https://reportfraud.ftc.gov/#/
    Stop. Think. Connect. https://stopthinkconnect.org/
    Stay Safe Online (National Cybersecurity Alliance) https://staysafeonline.org/
    Cybercrime Support Network (CSN) https://cybercrimesupport.org/
    Fight Cybercrime https://fightcybercrime.org/
    Identity Theft Resource Center (ITRC) https://www.idtheftcenter.org/
  • In this episode of The Gate 15 Interview, Andy Jabbour speaks with Joseph Marks, Washington Post reporter for The Cybersecurity 202. From his Washington Post bio, “Joe Marks writes The Cybersecurity 202 newsletter focused on the policy and politics of cybersecurity. Before joining The Washington Post, Marks covered cybersecurity for Politico and Nextgov, a news site focused on government technology and security. He also covered patent and copyright trends for Bloomberg BNA and federal litigation for Law360. Marks began his career at Midwestern newspapers covering city and county governments, crime, fires and features. He spent two years at the Grand Forks Herald in North Dakota and is originally from Iowa City.” Joe on Twitter, @Joseph_Marks_. Joe on LinkedIn. Subscribe to The Cybersecurity 202.

    In the discussion we address:

    Joe’s background and the work he’s doing today at the Washington Post
    Joe’s perspective on “inside the beltway” cybersecurity
    The Cybersecurity and Infrastructure Security Agency (CISA)
    Cybersecurity and geopolitical threats
    Joe plays three questions and more!


    A few references mentioned in or relevant to our discussion include:

    Subscribe to The Cybersecurity 202 https://www.washingtonpost.com/newsletters/the-cybersecurity-202/
    The Cybersecurity 202: The cyber fight in Ukraine is getting more serious, 16 Feb https://www.washingtonpost.com/politics/2022/02/16/cyber-fight-ukraine-is-getting-more-serious/
    The Cybersecurity 202: Cyber’s role in the Ukraine-Russia crisis remains unclear, 15 Feb https://www.washingtonpost.com/politics/2022/02/15/cybers-role-ukraine-russia-crisis-remains-unclear/
    Jen Easterly's Keynote at the Munich Cybersecurity Conference - Just one word: Culture! On YouTube. https://www.youtube.com/watch?v=Hgr4h8ufxVU
    Deputy Attorney General Lisa O. Monaco Delivers Remarks at Annual Munich Cyber Security Conference https://www.justice.gov/opa/speech/deputy-attorney-general-lisa-o-monaco-delivers-remarks-annual-munich-cyber-security
    An interesting thread on Twitter from Doug Madory (@DougMadory), Director of Internet Analysis at Kentik (@kentikinc), on the assertion that Russia had cut a subsea cable when it annexed Crimea, mentioned without detail in the podcast. https://twitter.com/dougmadory/status/1488608548099612674?s=21
    Our recent Gate 15 Risk Roundtable where Dave, Jen and I talk Ukraine and Jen shares some thoughts on preparedness: The Risk Roundtable EP 26: Making the Quantum Leap!
    CISA: Shields Up https://www.cisa.gov/shields-up
    CISA: Russian State-Sponsored Actors Target Cleared Defense Contractor Networks, 16 Feb https://www.cisa.gov/uscert/ncas/current-activity/2022/02/16/russian-state-sponsored-actors-target-cleared-defense-contractor
    CISA: Alert (AA22-047A) - Russian State-Sponsored Cyber Actors Target Cleared Defense Contractor Networks to Obtain Sensitive U.S. Defense Information and Technology, 16 Feb https://www.cisa.gov/uscert/ncas/alerts/aa22-047a
    CISA: Russia Cyber Threat Overview and Advisories https://www.cisa.gov/uscert/russia
  • Dave goes solo again to handle some common questions he faces, but only after sharing some of his thoughts on the Olympics and his favorite t.v. shows. But then getting down to business Dave talked about three questions - starting your security plan (now), getting into the business (be flexible and get your foot in the door), and the security shortage (invest in your people). Security is a challenge but it's even harder when you put it off time and time again - get started and refine and improve. Dave then gets on his soapbox and tells others to get off his yard when talking about getting into the business while having organizations stop complaining about the lack of talent and instead investing in their own to build a strong workforce. Along the way, Dave even said a nice thing about Andy.

  • In the first Risk Roundtable of 2022 - the gang is finally back in the same country again to talk about the latest security issues. Not that they went back in time, but harkening back to the Cold War, the roundtable talked about the current tensions between Ukraine and Russia. Highlighting the differences from that bygone era, Jen talked about the global reach that Russia has to target organizations well beyond the European Continent. Dave then expounded and reminded listeners of the importance of looking at capabilities and not focusing on a far off land. Then Jen gave Andy much credit for recognizing our hero Troy Hunt for all the great work that he, and other security professionals and teams, do in providing services for free or at low cost. Before going into Andy's three questions Dave expounded a bit and talked about the Global Risk Report from the World Economic Forum. The gang ended on some fun talking about Valentine's Day, Quantum Leap, and Boba!
    Some links:
    Link to Ronnie video Ronnie Rants on You Tube https://youtu.be/kd1dXZcncgI
    Known exploited vulnerabilities https://www.cisa.gov/known-exploited-vulnerabilities-catalog
    Buy me a coffee. ‘I’m no Troy Hunt’ https://gate15.global/opinion-the-best-things-in-life-are-free-like-hibp-but-maybe-chip-in/
    WEF: Global Risk Report https://www.weforum.org/reports/global-risks-report-2022
    CIS: https://www.cisecurity.org/controls/cis-controls-list/

  • In the latest episode of Nerd Out, Dave starts off by talking about his recent quarantine experience in Costa Rica (21 days!) before welcoming in a panel to discuss the Colleyville, Texas synagogue attack. Bringing in Mayya Saab, Seth Ozer, and Ed Heyman the panel went through the hostile event and looked at initial reactions, what can be learned from this situation, and some of the key takeaways. The team then stressed the importance of training in this situation, but also discussed several low cost options and ways to make their location more secure. Mayya Saab is the Executive Director of the Faith-Based Information Sharing and Analysis Organization (FB-ISAO); Seth Ozer is Senior Consultant with Woodstone Consulting, LLC; Ed Heyman is the co-chair of the FB-ISAO Organizational Residence Group


  • Please enjoy this episode of The Gate 15 Interview podcast on Anchor, Spotify, Apple, Google, as well as other locations accessible via the Anchor link or almost anywhere you listen to your favorite podcasts.
    In this episode of The Gate 15 Interview, Andy Jabbour speaks with Ronnie Tokazowski, Principal Threat Advisor at Cofense. Ronnie is a recognized expert cybersecurity researcher with success in reverse engineering both crimeware and Advanced Persistent Threat malware, including creation of decoders and indicators for detecting malicious attacks. When he’s not frustrating bad guys, Ronnie is an accidental YouTuber, likes cooking, spicy food, and memes. Ronnie on Twitter, @iHeartMalware. Ronnie’s YouTube channel: Ronnie Rants.
    In the discussion we address:
    Ronnie’s background and the work he’s doing at Cofense
    Business Email Compromise (BEC)
    Voodoo (no, seriously…)
    Ronnie’s hair
    and more!

    “(at Cofense), we try to go back to the human…” – Ronnie Tokazowski, during our discussion, 10 Jan 2022
    A few references mentioned in or relevant to our discussion include:
    What 6 Years of Success in a Global Takedown Operation Looks Like, and How You Can Do It, Too, a Medium post by Ronnie, 02 Jan
    Cofense
    Faith-Based Information Sharing and Analysis Organization (FB-ISAO)
    FBI on Business Email Compromise (numerous links to BEC related information from the FBI)
    FBI 2020 IC3 Annual Report & 2020 State Reports
    G4 Boyz x G4Choppa "Scam Likely" (Official Video)
    G4 Boyz feat. G4Choppa - SBA Job (Official Music Video)
    G4Choppa & G4 Boyz - “In Scam We Trust” (Official Music Video - WSHH Exclusive)
    Here’s Ronnie providing some commentary: Fun with Fraudsters - Reacting to SBA Job by G4 Boyz
    Cofense Wins AI-Based Cybersecurity Solution of the Year in 2021 CyberSecurity Breakthrough Awards, 05 Oct 2021
    Cofense Joins Microsoft Intelligent Security Association (MISA), 26 Oct 2021
    Channel Insider: Best Email Security Providers & Services 2022, 23 Dec 2021
    Traffic Light Protocol (TLP) Definitions And Usage, via CISA
    In our discussion, Ronnie mentions Brian Krebs’ Krebs on Security blog (and on Twitter, @briankrebs). Some links to his BEC-related posts can be accessed here.

  • This first TCE episode of 2022 (and first video - on Spotify) includes a few gentle and some not-so-gentle reminders on cybersecurity best practices and practices for better cyber hygiene. I start with a few cybersecurity controls for businesses to buckle down on this year, including identifying assets, vetting vulnerabilities, and pursuing more potent password policies. Then, I actually persist on the password point with some pontification about our predilection for problematic passwords and propose pointers for a more polished password posture.

    While there’s probably nothing new in this episode, I hope it serves as a gentle nudge to promote better cyber hygiene habits – not just resolutions for 2022, but positive habits to develop for all-time toward a more cyber secure you! I also evangelize for a new CISA resource - the Known Exploited Vulnerabilities Catalog.

    Other resource mentioned in this episode: https://www.consumer.ftc.gov/articles/password-checklist


  • The Gate 15 Interview: RILA Perspective on Organized Retail Crime, plus Mama’s Meatballs, Country Music and Jersey Rock n’ Roll

    In this episode of The Gate 15 Interview, Andy Jabbour speaks with two leaders from the Retail Industry Leaders Association (RILA), Ms. Lisa LaBruno, RILA’s Senior Executive Vice President of Retail Operations, and Mr. Michael Hanson, RILA’s Senior Executive Vice President of Public Affairs. The RILA “is the U.S. trade association for leading retailers. RILA partners with leading retailers to meet the challenges of a dynamic economy. Through collaboration and thought leadership, we advance ideas that foster free markets, competition, economic growth, and sustainability.” RILA on Twitter, @RILATweeets.

    In the discussion we address:
    The enduring threat of Organized Retail Crime (ORC)
    Private sector activity relating to ORC
    Private-public partnership and legislative action on ORC
    RILA’s focus for 2022
    Country music, meatballs, Springsteen, and more!

    A few references mentioned in or relevant to our discussion include:
    RILA website - https://www.rila.org
    Real Estate Information Sharing and Analysis Center (RE-ISAC)
    RILA: CEOS Call on Congress to Address Surge of Retail Crime, 09 Dec 2021
    The Buy Safe America Coalition
    Impact of Organized Retail Crime and Product Theft, Buy Safe America
    The INFORM Consumers Act of 2020, Buy Safe America
    Retailers Press Amazon to Back INFORM Consumers Act, Buy Safe America, 27 Aug 2020
    Durbin, Cassidy, Grassley, Hirono, Coons, Tillis Introduce Bill to Ensure Greater Transparency for Third-Party Sellers of Consumer Products Online (The Integrity, Notification, and Fairness in Online Retail Marketplaces for Consumers [INFORM Consumers] Act), 23 Mar 2021
    Amazon: INFORM Act punishes small businesses and favors one particular business model, 28 Apr 2021
    Buy Safe release announcing the study: Retail Theft Balloons to over $68 Billion, Buy Safe America
    Homeland Security Express Concern on Retail Crime, Buy Safe America

    ‘What is organized retail crime? Organized retail crime (ORC) refers to professional shoplifting or other theft occurring in retail stores. These criminals are increasingly turning to online marketplaces to quickly and discreetly move mass quantities of stolen merchandise. Unfortunately, these criminal rings are growing more brazen and violent, putting the safety of customers and store employees in jeopardy. Organized rings are often involved in other crimes within the community, including narcotics, money laundering and human trafficking.’ – Buy Safe America, https://www.buysafeamerica.org/myth-vs-facts

    Lisa LaBruno is RILA’s Senior Executive Vice President of Retail Operations. In this role, LaBruno leads RILA’s efforts in the association’s key retail disciplines including asset protection, store operations, supply chain and e-commerce. She directs all research initiatives, educational programming for the annual LINK and Retail Asset Protection conferences, and executive networking to promote operational excellence within the industry. She has 30 years of relevant experience in both the public and private sector, including as an assistant prosecutor (Hudson County, NJ), in-house attorney at the Archdiocese of Newark and in-house attorney at The Home Depot and serves on the Board of Directors of the Loss Prevention Foundation.

    Michael Hanson is RILA’s Senior Executive Vice President of Public Affairs, overseeing the Association’s government affairs and communications arms. Hanson is responsible for identifying the industry’s top public policy challenges and working with both leading retailers and key stakeholders to elevate the industry in Washington, DC and across the country. Hanson most recently served as chief public policy officer at Sabre, a leading travel technology company, where he led legi

  • The last Nerd Out episode of the season comes out strong talking about retail crime, as Bridget shared stories of her busting out shoplifting trends and then talked about the larger security issues at play (specifically overwhelming security) with the latest smash-and-grab incidents during the holidays. Joe then talked about the ways these types of issues could spread to other sectors and encouraged organizations to evaluate their processes and training. The nerds then turned the clock back to look at some of the takeaways from 2021 while looking ahead to 2022 to see what organizations can start planning for. And for all the areas that were covered, there were so many more, highlighting the continued challenge that organizations face.
    Wrapping up the year on a fun note, the merry band of nerds talked about their favorite holiday movies. Can you guess them all? It's been quite a year for the Nerd Out podcast and we want to wish you all a safe holiday season, and we are looking forward to a great 2022!
    Joe Levy is the chairman of the International Association of Venue Managers (IAVM) Venue Safety and Security Committee. In addition, Joe is the Chief Operating Officer at the Usdan Center for the Creative & Performing Arts. IAVM website: https://www.iavm.org/. Venue Safety and Security Committee contact information: [email protected]. LinkedIn profile: https://www.linkedin.com/in/joelevy1/
    Bridget Johnson is the Managing Editor for Homeland Security Today. In addition to her contributions on Homeland Security Today (hstoday.us), they are also running a series of webinars (webinar signups: https://www.eventbrite.com/e/le-only-anti-government-extremists-who-they-are-how-to-combat-them-tickets-144507635227?aff=ebdsoporgprofile). Twitter: @BridgetCJ

  • In the latest episode of the Risk Roundtable, Andy leads the team through a review of the latest risks facing individuals and organizations. Jen decked the halls talking about the latest holiday scams that continue to bring coal to good boys and girls. Then Dave talked about the latest school shooting in Michigan and tried not to be a Scrooge by talking about some positive takeaways while highlighting important lessons still to be learned in Christmas Future. Then, while Dave danced to spinning the wheel in his head, the roundtable talked about their favorite moments from across the Gate 15 Podcast Channel; after all, we are living in a physical world (Jen). The podcast wrapped up with some holiday cheer, talking about favorite television or movies for the season. From all of us at Gate 15, to all of the security teams and organizations around the world, here's hoping for happy holidays and a wonderful 2022!
    Some of the links discussed in the pod include:
    Companies Linked to Russian Ransomware Hide in Plain Sight. Cybersecurity experts tracing money paid by American businesses to Russian ransomware gangs found it led to one of Moscow’s most prestigious addresses. https://www.nytimes.com/2021/12/06/world/europe/ransomware-russia-bitcoin.html
    Gate 15 Releases a White Paper with an Update to the Hostile Event Attack Cycle. https://gate15.global/gate-15-releases-a-white-paper-with-an-update-to-the-hostile-event-attack-cycle/
    Known Exploited Vulnerabilities Catalog | CISA. https://www.cisa.gov/known-exploited-vulnerabilities-catalog
    Advanced threat predictions for 2022. Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year. https://securelist.com/advanced-threat-predictions-for-2022/104870/

  • In this episode of The Gate 15 Interview, Andy Jabbour talks with Robert (Bob) Kolasky, Cybersecurity and Infrastructure Security Agency (CISA) Assistant Director, who has led the National Risk Management Center (NRMC) since 2018. At the NRMC, Bob “oversees the Center’s efforts to facilitate a strategic, cross-sector risk management approach to cyber and physical threats to critical infrastructure. The Center provides a central venue for government and industry to combine their knowledge and capabilities in a uniquely collaborative and forward-looking environment. Center activities support both operational and strategic unified risk management efforts.” Bob’s complete DHS bio (https://www.cisa.gov/bob-kolasky). Bob on LinkedIn (https://www.linkedin.com/in/bob-kolasky-92ab554/). Bob on Twitter, @BobKolasky.

    In the discussion we address:
    • Bob’s background
    • The CISA National Risk Management Center
    • Election security and election integrity
    • DHS’s role in 5G risk management
    • DHS and climate change
    • Designated sectors of critical infrastructure and some potential upcoming changes
    • Growing up Gen X, music, pizza and more!

    A few references mentioned in or relevant to our discussion include:

    About the NRMC:
    • The Cybersecurity and Infrastructure Security Agency’s (CISA) National Risk Management Center (NRMC)
    • Visit the NRMC Initiatives to learn more about each initiative - https://www.cisa.gov/nrmc-initiatives
    • Visit the NRMC Newsroom for the latest press releases, media advisories, and blog articles - https://www.cisa.gov/nrmc-newsroom
    • Download and share the National Risk Management Center Fact Sheet - https://www.cisa.gov/publication/national-risk-management-center-fact-sheet

    Additional background (general):
    • NSA-CISA Series on Securing 5G Cloud Infrastructures
    • Auto-ISAC. We tipped our hats to Auto-ISAC Executive Director, Faye Francy.
    • The Elections Infrastructure Information Sharing and Analysis Center™ (EI-ISAC®) was established by the EIS-GCC to support the cybersecurity needs of the elections subsector. Through the EI-ISAC, election agencies gain access to an elections-focused cyber defense suite, including sector-specific threat intelligence products, incident response and remediation, threat and vulnerability monitoring, cybersecurity awareness and training products, and tools for implementing security best practices.
    • White House: Readout of President Joseph R. Biden, Jr. Call with President Vladimir Putin of Russia, 09 Jul (RE: ransomware).
    • White House: FACT SHEET: Ongoing Public U.S. Efforts to Counter Ransomware, 13 Oct.
    • White House: Background Press Call on the Virtual Counter-Ransomware Initiative Meeting, 13 Oct.
    • White House: Joint Statement of the Ministers and Representatives from the Counter Ransomware Initiative Meeting October 2021, 14 Oct.

    Space as critical infrastructure:
    • The Gate 15 Interview Ep. 16: Erin Miller, Executive Director, Space ISAC. Securing Space Infrastructure (and terrestrial critical infrastructure too!)
    • INSA: Designating Space Systems As New U.S. Critical Infrastructure Sector, 02 Nov.
    • Space hacking risks pose cyber policy test for Biden admin, 02 Nov.
    • Aspen Institute Panel: Space as Critical Infrastructure, 03 Nov.
    • Space could be the next frontier for cyber threats, 08 Nov.
    • FACT SHEET: Vice President Harris Announces Initiatives on Space and Cybersecurity, 10 Nov.

    Faith-Based organizations as critical infrastructure:
    • Security Debrief: A Letter to the Trump Administration – Establish a Faith-Based Sector of Critical Infrastructure, 15 Jun 2020.
    • The Cybersecurity Evangelist: EP 8 – The ISAC Series, Part 4 – Faith-Based ISAO

    Climate Change:
    • DHS Actions: Climate Change - https://www.dhs.gov/dhs-actions-climate-change
    • White House Fact Sheet: Prioritizing Climate in Foreign Policy and National Security, 21 Oct.
    • DHS Strategic Framework for Addressing Climate Change. “The U.S. Department