Third Party Therapy Third Party Therapy - Stephen Boyer - The Changing World of Cyber Monitoring
Jan 20, 2025
Stephen Boyer, co‑founder and Chief Innovation Officer at BitSight, draws on MIT cyber research to quantify and manage cyber risk. He discusses rising nation‑state sophistication, conflict-driven wiper attacks and ransomware economics. Conversation covers cloud concentration versus third‑party interdependence, continuous data-driven monitoring, automating responses, and practical steps for scaling supply-chain oversight.
AI Snips
Chapters
Transcript
Episode notes
Private Sector Faces Military Grade Cyber Threat
- Nation-state level cyber attacks now target private sector infrastructure, not just governments.
- Stephen Boyer cites examples like water utilities, oil/gas facilities and regional airports being targeted as part of geopolitical operations.
Cloud Aggregation Creates Single Points Of Failure
- Cloud and SaaS interconnection increases systemic risk by concentrating many customers under large providers.
- Stephen Boyer notes using professionalized services reduces some risks but creates massive single targets like Microsoft or AWS.
Monitor Vendors With Continuous Telemetry
- Continuously monitor third parties with telemetry rather than rely solely on point-in-time questionnaires.
- BitSight collects billions of internet signals to verify vendor claims, detect vulnerabilities, versions and compromises in near real time.