Mai 19, 2022

Cyber Threat Fatigue: A To The Point Cybersecurity Podcast Recap

Lionel Menchaca

The current volatile cyber landscape is causing many agencies and organizations to feel cyber threat fatigue. When overwhelmed with threats, it can be difficult to adequately prioritize and address them. But now more than ever, it’s crucial to cut through the noise.

To The Point Cybersecurity podcast has featured a variety of experts, who have shared their thoughts on some of the most urgent threats agencies are facing, such as ransomware, wiper malware and supply chain breaches.

For security practitioners feeling overwhelmed by the growing threat landscape, these episodes offer a shortcut to prioritizing some of the most urgent threats faced by organizations today. If you’re a cyber expert, or wish you were, we invite you to listen to these specific episodes covering detection, mitigation, and reaction, or better yet, to subscribe to our podcast.

Here's a quick overview of some of our most popular episodes since late Q4 last year:

 

A Conversation with Chris Krebs – Ep. 162

First, Chris Krebs, founding partner of Krebs Stamos Group and the first Director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), joined us to discuss ransomware. While this threat is hardly new, having been around for at least a decade, Krebs dubbed this “the year of ransomware” from a public visibility perspective. The potential for ransomware attacks on critical infrastructure, from natural gas pipelines to defense bases, is real and growing. Because criminals have figured out how to monetize the vulnerabilities of cyber infrastructure, Krebs explained, we need to shift national security, law enforcement, and cyber command efforts to stopping them.

 

Log4Shell for the Holidays with Dr. Richard Ford – Ep. 164

Next, Dr. Richard Ford, Chief Technology Officer at Praetorian, joined the podcast to discuss Log4Shell, which he described as the worst zero-day event of his career. Log4Shell, a vulnerability in a popular Java logging library, was yet another detrimental cyberattack—one that enterprises will be dealing with for the foreseeable future. Because the vulnerability lies so deep within people’s clouds, bad actors could have already gained access without them knowing. In addition to breaking down the impact of the attack, Dr. Ford explained how static analysis of code and moving to open-source can help prevent the next zero-day vulnerability. Having systems in place, such as good asset inventory, can also make it so organizations are able to more rapidly address vulnerabilities when they arise.

 

Predicting Cybersecurity Insurance and AI Futures with Josephine Wolff – Ep. 168

The aforementioned rise in ransomware has countless implications. On this episode, Dr. Josephine Wolff, Associate Professor of Cybersecurity Policy at Tufts University’s Fletcher School and author of the book “You’ll See This Message When it is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches,” outlined how the huge spike in ransomware has affected cyber insurance. Many big insurers have been forced to rethink their risk models—and some have suffered ransomware attacks themselves. She explained some of the fundamental challenges with cyber insurance and how they relate to the current threat landscape. Looking forward, Wolff described how artificial intelligence can be used to detect and respond to cyberattacks, such as more sophisticated and advanced anomaly detection.

 

What Natural Disasters Can Teach Us About Cyberattack Response with Dr. Samantha Ravich – Ep. 169

Dr. Samantha Ravich, Chairman for the Center on Cyber and Technology Innovation at Foundation for Defense of Democracies, joined the podcast to discuss rising international tensions and how bad actors work to undermine economics and democracy. She has worked with countless renowned government leaders and offers important advice about how a cyberattack response should be prioritized and implemented—particularly when preparing for attacks against critical infrastructure and essential services. One way to prepare for the growing number of threats is to avoid strategic surprise. This involves knowing the cyber plans and capabilities of major adversaries—both with regard to technology and motives—and knowing who is on the front lines of the attack landscape.

 

Evel Knievel of Storytelling with Joe Uchill – Ep. 171

Speaking of international tensions, Joe Uchill, senior reporter at SC Magazine, joined to podcast to discuss cyber tactics being used in the Russia/Ukraine conflict. DDoS attacks began just before the actual invasion did, but Russian aggression against Ukraine via cyber attacks is not new. In recent history, Russia caused two major blackouts and launched NotPetya, which quickly went out of control. Uchill discussed tactics we’ve seen in the conflict so far—including the multiple rounds of wipers, the multiple rounds of DDoS attacks, the SMS spam—and how they relate to on-the-ground attacks. He also covered the impact of decentralized hacking volunteers and the Conti ransomware group.

 

Overall, these episodes provide a holistic picture of some of the cybersecurity industry’s most pressing challenges in conjunction with insights from leading experts. Agencies and organizations are fighting an uphill battle to cut through the noise of the threat landscape and prioritize their cyber defenses.

Staying on top of the ever-changing cyber threat landscape is no easy feat, but we’ll be sure to cover whatever cyber curveballs come next. We publish new episodes on Tuesday mornings each week. You can always listen to all the episodes here on Forcepoint.com.

Or better yet, subscribe today wherever you get your podcasts via the links below:

Lionel Menchaca

As the Senior Digital Communications & Content Manager, Lionel leads Forcepoint's social media and blogging efforts. He's responsible for the company's global editorial strategy and is part of a core team responsible for content strategy and execution on behalf of the company.

 ...

Read more articles by Lionel Menchaca

À propos de Forcepoint

Forcepoint est une entreprise leader en cybersécurité pour la protection des utilisateurs et des données. Son objectif est de protéger les entreprises tout en stimulant la transformation et la croissance numériques. Nos solutions s’adaptent en temps réel à la façon dont les personnes interagissent avec les données, et offrent un accès sécurisé tout en permettant aux employés de créer de la valeur.