CyberWire Daily

Caitlin Clarke, Senior Director for Cybersecurity Services at a major law firm, shares her insights on CISA 2015 and its crucial role in modern cybersecurity practices. The discussion reveals the U.S. withdrawal from global cybersecurity institutions and highlights the alarming Ni8mare vulnerability exposing workflow platforms. Caitlin explains how CISA 2015 facilitates real-time information sharing among sectors, while also addressing privacy concerns. On a lighter note, facial recognition technology is explored in its unique application to bear ecology.

Deepen Desai, Chief Security Officer at Zscaler, delves into the future of enterprise AI and cybersecurity. He reveals the rising risks of AI-driven attacks, emphasizing their speed and adaptability. Desai also discusses the necessity of observability and zero-trust strategies to counter these threats. Furthermore, he highlights the concentration risk from few AI vendors and the prevalence of unsanctioned AI applications in organizations. With real-world usage stats, he explains which sectors are leading in AI adoption.

Ilana Cohen, Chief Legal and Policy Officer at HackerOne and a former senior lawyer for President Obama, dives deep into the implications of the SolarWinds SEC dismissal for CISOs. She explains how it reduces personal risk for cybersecurity leaders but increases scrutiny on disclosures. Additionally, Cohen discusses the evolving landscape of cybersecurity regulations and the significance of aligning legal teams with organizational practices. The podcast also touches on various data breaches and the UK’s new Cyber Action Plan.

A city in Venezuela experiences a mysterious blackout, raising questions about whether it was caused by physical attacks or cyber threats. Trump halts a controversial chip technology deal while easing sanctions on Predator spyware. Greek officials investigate an air traffic communication failure, dispelling cyberattack claims. Meanwhile, the U.S. Army introduces a new officer role focused on AI and machine learning. Cybersecurity expert Troy Hunt discusses breach disclosure and the importance of transparency in addressing vulnerabilities.

Michael Scott, the Chief Information Security Officer at Immuta, shares his journey from the Navy to leading security for major restaurant brands like Arby's and Wendy's. He highlights the value of building teams of 'humble intellects,' emphasizing a culture focused on outcomes. Michael discusses the challenges of PCI compliance and cloud security, reflecting on how adversity shapes the security landscape. His advice for aspiring technologists centers on understanding business needs and fostering curiosity, aiming to enable and mentor within the industry.

Selena Larson, a staff threat researcher at Proofpoint, dives into the alarming world of MFA phishing. She outlines how threat actors impersonate legitimate services like Adobe using fake Microsoft OAuth apps, successfully stealing credentials through realistic phishing kits. Larson explains the mechanics of these attacks, including the methods used to bypass MFA and capture sensitive data. She concludes with recommendations for individuals and organizations to bolster security measures and stay vigilant against these evolving threats.

Curtis Simpson, CISO at Armis, dives into the intriguing world of cyber threats as he discusses the 'Hive Mind' phenomenon, where attackers collaborate and share resources on the dark web. He highlights how traditional defenses are inadequate against this adaptive threat network. Curtis explains the role of AI in prioritizing vulnerabilities and improving defensive strategies, advocating for a proactive approach to security. He emphasizes the need to build resilient systems that can respond at the speed of these evolving threats.

Wendi Whitmore, Chief Security Intelligence Officer at Palo Alto Networks, brings over 20 years of expertise in countering cyber threats. She discusses the alarming scale of China-linked cyber threats and the vulnerabilities in outdated operational technology. Wendi emphasizes the role of AI in threat detection and resilience, urging continuous intelligence sharing and scenario planning. She warns about the risks of AI in cyberattacks and advocates for automated detection systems. This insightful conversation highlights the urgent need for a proactive cybersecurity stance.

Dr. Lorrie Cranor, a leading researcher in usable security and the Director of the CyLab Security and Privacy Institute, joins Ann Johnson from Microsoft. They delve into why security tools often fail users, highlighting the disconnect between security design and real-world usability. Cranor discusses the persistent challenges with passwords, emerging strategies like passkeys, and the evolving expectations of privacy in today’s data-driven world. She emphasizes the need for user-centered design and practical testing to build effective security systems.

Crane Hassold, a Principal Security Researcher at Microsoft focusing on cybercrime and threat actors, joins Chloé Messdaghi, Senior Reporting Manager leading the Microsoft Digital Defense Report. They discuss the merging of nation-state operations with cybercrime, revealing that identity compromise is at the heart of 99% of attacks. The conversation delves into AI's dual role in enhancing attacks and bolstering defenses, while also unpacking trends in credential-based assaults and the rise of phishing. Their insights provide a valuable roadmap for organizations navigating today's complex cybersecurity landscape.