Future wars won’t be fought by the fittest and strongest with guns and bombs; it’ll be done from behind a keyboard and mouse.

That’s according to Marc Crudgington, based on the extensive research in his new book, “The Coming Cyber War.” The challenge, he says, is for both organizations and individuals to be prepared for the inevitable and to know how to handle it: the cyber attack that might wipe them out financially or create a life-and-death situation.

The book is a solid page-turner, with incredible anecdotes — including the tale of an explosion 1/7th the size of the atomic bombs from World War II, deep in the heart of Siberia. The work also draws on Crudgington’s extensive personal experience within the cybersecurity community, including his current role as CISO of a major bank based in the Houston area.

Crudgington had his “I can write a book” wake-up call while on a ferry ride on the Potomac, in the heat of a discussion with an industry colleague. It was 2016, and like many others in the industry, they were talking about the allegations of election meddling by outside actors like Russia through digital means. Geopolitical factors affecting security became top-of-mind for him, and it ultimately inspired him to start writing.

“I felt that the moment I stepped off the boat, I thought I had something to say,” he said. “There, I termed it ‘the coming cyber war,’ and then I started writing the book little by little.” (That title, by the way, just came naturally, Crudgington said.)

The book, according to Crudgington, covers the dynamics of the CISO’s relationship with company executives and members of the Board of Directors, and highlights the vital role of the individual contributor in the security of an entire organization. Each of these dynamics gets its own section, allowing for a full picture of what organizations are up against in the cyber war.

“You cannot just keep security in the basement anymore,” he said. “The relationship between CISOs and other executives and their boards of directors is becoming incredibly important.”

After several years of research and collecting various experiences, it was the COVID-19 pandemic that really fired up Crudgington’s writing process, thanks to the extra downtime at home. The changing security environment, with work from home and even more cyber scams, also shaped some of the book’s content, he said.


With cybersecurity executives as his primary audience, it was important to him to maintain focus and not get too deep “into the weeds.” He said the writing process had its ups and downs, but by tapping into his creative side it became extremely enjoyable.

“The easiest part is when you’ve done your research and sit down to write,” Crudgington said. “Sometimes it just flows, and sometimes it just doesn’t.”

And with his extensive experience, he has a great deal of advice for his fellow CISOs and for up-and-comers. The piece of “common knowledge” he disagrees with? The idea that cybersecurity is a cost center.

“There is efficiency to be gained with cybersecurity. It can be a win for you; it benefits you in the long-run,” he said.

Want more advice from Marc Crudgington? He will be joining the CISO Panel at Data Connectors Texas Virtual Cybersecurity Summit, offering his insight on how the local community can enrich their security protocols.

Plus, you can get a copy of his book here.

This is (Cyber) War: Thoughts on The Future …

Interviews Posted by Jen Greco on Nov 10, 2020

Since COVID-19 took over the national conversation in March, the world has changed in unprecedented ways. But what does life look like after the pandemic is behind us? What are our current and future threats? We talked to cybersecurity expert EJ Hilbert and got his thoughts on the future of our country, as well as our industry.

For Hilbert, who has been a staple on the Data Connectors virtual summit circuit, the threats that exist stem from our lack of a “common enemy,” combined with a general lack of trust in the data presented by media and the government.

“Common enemies allow governments to join together and point in one direction while hiding the things they are doing that might equal criticism and impact their livelihood,” Hilbert said.

You might be saying to yourself, “What about the pandemic? What about global warming?” It’s not fair to describe those as a common enemy — they’re intangibles. We can’t put COVID-19 on trial, we can’t attribute any human qualities to global warming. It’s possible that our most recent global common enemy was Al Qaeda — collectively hated by the United States, Russia, China, and all their respective enemies. 

What happens when we don’t have a common enemy? Per Hilbert, it forces our social consciousness to look inward, at ourselves. This brings forward the bevy of social justice issues — whether real or perceived — that have been cropping up across the country, he said.

Hilbert believes this civil unrest has been goaded by outside forces. His example is that of Russian and Chinese actors running the largest sets of bots and fake accounts, which seek out and publicize social issues in the United States, essentially forcing the national government to focus on the domestic crisis so that it is unable to focus externally.

“This is all done through data manipulation. Parties collect data on people, communities, et cetera, and profile them and pander their manipulation of data to those groups to sway opinions,” he said. “They do this by appearing as legit media outlets or government agencies to make people believe them. Mainstream media picks it up with limited background, and now it must be true.”

And unfortunately, the media retractions are often buried or lost in the news cycle. This leaves a few paths for the news consumer — accept the media’s narrative, or lose trust and turn to seek like-minded people and develop a cult mentality.

“This is the threat against the US. We can’t trust because everything is being manipulated.  We have nowhere to turn for the truth because the news is now about grabbing eyeballs via click bait headlines rather than reporting facts,” Hilbert said. 

He pointed to the coverage that followed the recent shooting of Jacob Blake. By his account, police had been called to a domestic violence incident in which the suspect was trying to take a car with children inside; a group looking to sow discontent in the United States left out the crime and simply published “Police Shoot Black Man in the Back,” intentionally omitting the context.

“If you can control beliefs, you can get people to fight each other and that can all be done through data, not guns or bombs,” Hilbert said. “It is a cyber-enabled attack, meaning it is a real world attack that can be expanded via the Internet.”

This isn’t a crazy conspiracy theory, either: psy-ops have been used in limited capacity before, as with Radio Free Europe (mentioned in a previous post on this very blog).

“Data manipulation based attacks have been red-teamed by multiple groups in multiple nations,” Hilbert said. “If you use it on an adversary there is nothing stopping them from using it on you.  It’s almost a mutually assured destruction type scenario. The US is using it on its foes and they are using it on us in return.”

Want to hear more from EJ? Check out his brand new podcast, “My Junk,” and come hear him give our Day 1 Keynote at the Data Connectors SoCal Virtual Cybersecurity Summit on Oct. 14.


Interview: EJ Hilbert on the Post-Pandemic …

Hot Topics in Cybersecurity Posted by Jen Greco on Sep 30, 2020

Our friends at (ISC)² have completed their 2020 Cybersecurity Perception Study. And if it teaches us anything, it’s that cybersecurity is a pretty darn great career path – just not one that most respondents would want to pursue themselves.

It’s sort of the career equivalent of that rom-com trope — “I love you, but I’m not in love with you.” Generally speaking, people are happy to be “friends” with cybersecurity… but they’re just not looking for a relationship right now. Sigh.

This news actually lands somewhere between heartening and disheartening. After all, only 1% of the 2,500 people surveyed described cybersecurity as a “bad” career path. Who wouldn’t want to be generally considered smart, technically skilled and “good guys fighting cyber crime,” as the survey summary puts it? But, as great as it is on this side of the fence, 69% say that while it’s a good career path, it’s not one they’d be interested in taking on.

The study found that Generation Z (those currently younger than 24) have the most negative view on cybersecurity as a career path. This is troubling, as the job market is flooding with more “Zoomers” each year (as the Boomers make their way to the Social Security office). 

So where’s that leave us? With an ever-growing 3 million (million!!) open jobs in cybersecurity across the globe, the study is a good reminder that we need to leave the door open for younger generations to pour in.

(ISC)² agrees, recommending that the industry widen the appeal of cybersecurity to include non-technical components and a variety of different roles, increase educational opportunities, and develop a more focused recruiting effort.

At the New Orleans & Little Rock Cybersecurity Summit on Sept. 24, Michael Osterman of Osterman Research discussed the widening skills gap in the industry. He cited his research finding that three in five organizations consider the skills shortage either “serious” or “very bad.”

The biggest issue is in filling positions related to proactive threat hunting and threat intelligence. Staffing these roles is a major problem: nearly a third of organizations reported that the lack of professionals skilled in proactive threat hunting presented a serious or extremely serious problem.

The Dire Consequences of the Cybersecurity …

Hot Topics in Cybersecurity Posted by Jen Greco on Sep 23, 2020

Kenrick 3.0 is on his way.

After a long stint setting up a full-scale data security architecture at a major bank in Bermuda, followed by a few major career changes that landed him perfectly in law enforcement — Detective Constable Kenrick Bagnall of the Toronto Police Service has had his fair share of learning experiences.

His life on the island as an IT pro? That is Kenrick 1.0.

His life as a cyber crime-fighter? That’s Kenrick 2.0.

With that experience comes some great advice. When the Data Connectors team sat down with the Detective Constable at the TPS C3 (that’s the Coordinated Cyber Centre), he certainly wasn’t short on insights for everyday Canadians, business owners, and anyone looking to enter law enforcement in the future.


FROM THE IT DEPARTMENT TO THE FRONT LINES

After returning to Toronto from many years in Bermuda as Vice President of Information Technology at a major bank, he set his sights on consulting, but the work just wasn’t what he’d wanted it to be.

Heading back into the private sector wasn’t the right fit either, after he’d been met with the “overqualified” label time and time again.

Then a family friend showed him a clear path into the Toronto Police Service, specifically the tech crime unit, which was fairly new in the mid-2000s. Long story short, he took the test, got hired and was in training within a month. But he started on the front lines.

“I was a 42-year-old rookie. ‘The Rookie’ show on TV — that was me,” Bagnall said.

He had his fair share of physical altercations during arrests, chases and more. After dipping his toe in tech crime, he realized it wasn’t the perfect fit after all, so he took a more investigative track. That led him into fraud investigation, followed by the cyber division in 2015.

“The rest, as they say, is history… as far as Kenrick 2.0 is concerned.”

Now, his focus is on helping the community stay informed about some of the threats that they face. 

“I truly enjoy what I do. I’m like a kid in a candy store. When I come to work, I get to ‘play’ with technology, I work with smart people, and I advocate for victims and bring criminals to justice.”


BECOMING INFORMED ON CURRENT ISSUES

One of the greatest challenges we all face in this age of information overload is figuring out whom to trust and where to get information. Bagnall offered his thoughts on where he gets his news, and on how to check the truth of what you’re reading.

The first step? Be sure to verify everything you read. 

“Triangulate your sources,” Bagnall said. “Where else is that coming from? Is anybody else saying the same thing? And if not, why?”

He said he leans heavily on his fellow law enforcement agencies for first-hand confirmation of the things he hears. 

“My first trusted source is in my own community,” he said.  “If one of my fellow law enforcement officers on the West Coast says to me, I saw this last week — that’s going to be a trusted source for me.”

Beyond that, he pointed to a few organizations in the cybersecurity space whose core competence is exactly this kind of verification, to law firms that apply cybersecurity best practices within their own practice, and to trusted sources within the community, including solution providers, litigators and community partners.


SUCCESS FAVORS THE PREPARED

When a breach happens, your success in overcoming it depends on how prepared you were, according to Bagnall.

Calling on his experience as an IT professional before heading into law enforcement, Bagnall sympathizes with business owners who need to manage the goals of the organization — and he said he can understand where the recommendations of law enforcement might not always work well with a business.

“We always say not to pay because it’s a form of extortion, and that’s something as an agency that you can’t support, but at the end of the day, that’s a law enforcement recommendation. It’s a business decision — do we pay?”

Good preparation includes having a cyber incident response plan and awareness training within the team. But those things don’t always happen, and sometimes the best way to react when a ransomware incident comes up is to take a step back and do what’s best for the organization.

“If I were giving advice to a CEO, I’d say, forget about looking at backup and recovery, and the latest whiz-bang solution that’s going to help you recover from ransomware,” Bagnall said. “Look at your business and look at what you really need to do to continue the business in the face of something like this.”

The first thing to do is to get some expertise: boots on the ground to manage the incident. The value of engaging a breach coach is huge, Bagnall suggested. In fact, Digital Guardian published in 2018 that on average, a breached company in the US is out about $8 million; a breach in Canada runs the company about $4.4 million (USD).

While you’re managing the breach on a professional level, don’t forget to reach out to law enforcement. 

“Historically, law enforcement isn’t the first call. But hopefully, if they’re doing things the way I would like to see, they fit us in there at some point,” Bagnall said.

THE STATE OF CYBER CRIME

For Bagnall, the biggest threat is ransomware and business email compromise. 

“I think the biggest hurdle is still ignorance. A lack of understanding and a lack of awareness, both individually and in organizations, as to what threats are and how we can best combat them,” he warned. “Trust no one.”

“We are not making cybercrime watercooler conversation. It should be part of the everyday vernacular. Around the watercooler. To our kids, to our parents,” he said. “I think it’s only when we start having that dialogue that we’ll start making headway.”

So what’s next? Bagnall’s next project is something he’s calling “Cyber Cop 2030.” 

“It’s really what cyber investigations may look like, in my opinion, ten years from now. And what it should look like to become more efficient. Because it’s not today.”

We’ll be keeping our eyes peeled for Kenrick 3.0 as he progresses this effort.

Interview: Det. Cons. Brings IT Experience …

Interviews Posted by Jen Greco on Sep 20, 2020

We’re all hunkered down in quarantine, so major trade shows have been cancelled. Virtual events will get us through this patch – but what comes next?

It is said that in times of crisis, we adapt.  We modify our behavior and we persevere.  And when the immediate crisis has subsided, we look at what worked, and often adapt much of it into our lives as we move forward.

We’re obviously in a crisis now, and among the many changes we have had to make is one that impacts our professional lives.  For years, we’ve regarded major conferences and trade shows as an integral part of our technical learning curve…and yes, as a major part of our social interaction with our industry peers.

That’s all changing before our very eyes, and the COVID crisis is only one element.  To be sure, the restrictions placed on our travel and ability to assemble have directly impacted the conference industry.  A recent article places the loss at more than a billion dollars, and that number has only increased since then.   O’Reilly’s decision to shutter its physical conference business also hit the industry like a bombshell.  But our ability to adapt and change presents us with other opportunities.  O’Reilly’s CEO acknowledged as much, saying, “With large technology vendors moving their events completely on-line, we believe the stage is set for a new normal moving forward when it comes to in-person events.”

The past few years have seen accelerated growth in smaller regional conferences, along with a greater emphasis on virtual conferences.  The shift has already begun, and we believe it will continue long after we are back to “business as usual,” which we believe will NOT be “business as usual.”

For openers, CFOs and others responsible for the bottom line will be more active in questioning the value of spending significant sums of money on a conference in Las Vegas or elsewhere, especially in light of the cancellation of conferences this spring.  What, they will ask, is the ROI for going to these large get-togethers? Can the money be more efficiently and effectively spent to attract and retain prospects and customers?  Are there smaller, regional alternatives that cost less and pose fewer risks?

Conference attendees ask the same: Can I spend less money and achieve similar results closer to home? Would I prefer to be among a smaller public gathering? Can I simply attend an online forum of some sort?

Regional and virtual summits will meet those needs on both counts; in fact, they have already begun doing so.  A recent Los Angeles-based physical conference that had signed up 300 participants quickly pivoted to an online Virtual Summit when the “stay at home” order was issued; in the process, the event more than doubled its registrations.  Even when things get back to normal, companies may well see regional conferences as delivering the same educational and business benefits as the large mega-conventions.  They will be treading lightly, with even less inclination than before to attend and spend at the bigger shows.

I’m not suggesting that all of the big conferences will shrivel up and fade away.  Those sponsored by major vendors, like RSA, Microsoft, Tableau and Gartner, will still be held and will still be successful.  But the COVID crisis has forced companies, big and small, to take a more focused look at the conventions they may have previously taken for granted.  (And it’s not only in the tech sector, of course; events like hardware shows, auto shows, even PizzaExpo, have been delayed or cancelled.)

Our current crisis has forced us to adapt and to alter our thinking in any number of areas.  The purpose of the conferences we attend, to learn and to interact with our peers, is and will be no different than in the past.  Their physical nature, however, where and how they are held, will change.  The change has already begun.

Business Conferences Amid the COVID Crisis: …

Virtual Events Posted by Michael Hiskey on Apr 10, 2020