In this episode, we are speaking with Rob Morgus, Director of Research and Analysis at the U.S. Cyberspace Solarium Commission. He is the lead author on a new white paper which uncovers parallels between the COVID-19 pandemic and the cyber threat landscape. He also explains new cybersecurity priorities the Commission published as a result of lessons from the coronavirus response. Says Morgus:
"The bottom line is that the United States on cybersecurity—and now we're experiencing something similar—has experienced a number of wake up calls over the last decade, decade and a half. In 2014, hacking OPM, and we didn't really improve the state of our government cybersecurity in 2015. In 2016, we saw Russia turn off the power grid in Ukraine, and we haven't really taken massive steps to improve the security of our power grid. We saw NotPetya and WannaCry in 2017-2018; we haven't really done much to lock down our critical systems. And now we're experiencing the pandemic, which is a massive disruption.
These have all been opportunities for us to wake up and smell the roses, and we continually sort of hit the snooze button. And the main contention, and if you take away one thing from the pandemic white paper, it is that now is the time to invest. We've had plenty of opportunities to say, hey, we need to do this. We should have the foresight to do so, and now I think we're seeing that it's more urgent than ever."
Will we heed the wake up call from COVID-19?
Also, Trend Micro shares ransomware mitigation techniques for Maze ransomware.
Listen on your favorite podcast platform, or here:
Links from the show:
• Trend Micro research on Maze ransomware mitigation techniques: https://www.trendmicro.com/vinfo/us/security/threat-intelligence-center/security-strategies-for-enterprises/ent-threats-ransomware
• White Paper #1 (June 2020) by U.S. Cyberspace Solarium Commission (PDF): https://drive.google.com/file/d/1wCHVtIFlw84uZIPOTZe2nkdGau15fLAQ/view
• March 2020 U.S. Cyberspace Solarium Commission Report: https://www.solarium.gov/report
• SecureWorld Remote Sessions webcast briefings: https://www.secureworldexpo.com/resources?cat=remote-sessions
• Deep dive web conferences: https://www.secureworldexpo.com/resources?cat=web-conferences
The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization.
Generously supported by: