onSecurity

As the tactics of hackers and threat actors evolve, organizations are finding themselves in unknown, uncomfortable, and unsafe situations. When it becomes necessary to engage or negotiate with hackers, experts can offer their experience and resources to ensure the most positive outcome possible. In this episode of onSecurity, Stel is joined by Marc Grens, Co-Founder and President of DigitalMint. Marc goes into the often unknown details about how companies engage with ransomware attackers and shares some surprising experiences.

In cybersecurity, teamwork is everything. Every part of the practice is about being part of a team, from playing your part in your organization to being part of the larger community and ecosystem. Cybersecurity conventions, such as the upcoming Blue Team Con, are a focal point for team building at every level, with knowledge sharing and training, networking, and volunteering. Many cybersecurity events are run by volunteers, seeking to learn more about cybersecurity and organizing, meet active and involved members of the community, and take part in building the culture. This episode, onSecurity is joined by Phoenix Fier, security analyst for Funko and volunteer coordinator for the upcoming Blue Team Con. Phoenix discusses the importance of inclusion in cybersecurity events, the opportunities that volunteering at an event presents, and why getting involved is a critical step in your career. More information on Blue Team Con at https://blueteamcon.com/ [https://blueteamcon.com/]

In an interconnected world, the rapid proliferation of IoT (Internet of Things) devices and the integration of Operational Technology (OT) into critical infrastructure have unlocked tremendous opportunities. However, these technological advancements have also exposed us to unprecedented security risks. To counter these risks, businesses can quickly and efficiently turn to the practice of maintaining a comprehensive asset inventory. By identifying and cataloging all IoT and OT devices, organizations can better understand their attack surface and implement targeted security measures to safeguard their networks. Huxley Barbee, CISSP and CISM of RunZero, joins onShore Security CEO Stel Valavanis on this episode of onSecurity as we delve into securing IoT and OT systems, exploring the significance of asset inventory in fortifying these vital networks against potential cyber threats, and identifying common pitfalls.

The emergence of artificial intelligence (AI) has introduced a new set of challenges to the field of cybersecurity. While AI offers immense potential for enhancing security measures, it also presents unprecedented risks and complexities. One of the primary concerns is the use of AI by malicious actors to develop sophisticated attack techniques, such as AI-powered malware and intelligent chatbots that can mimic human behavior. These AI-driven attacks have the potential to bypass traditional security defenses, exploit vulnerabilities at an unprecedented scale and speed, and even autonomously adapt and evolve to evade detection. In this episode of onSecurity, we delve into the emerging threats posed by artificial intelligence (AI) and chatbots in cybersecurity, exploring how these technologies are being leveraged and the necessary adaptations cybersecurity professionals must make to safeguard our digital landscape. James Moore, Director of Online Learning at DePaul University, joins us to discuss the alarming ways in which AI and chatbots are being weaponized by adversaries, the increased sophistication of these attacks, their potential impact on industries, and the challenges faced by cybersecurity professionals in countering them.

Responding to cybersecurity incidents is no longer merely the responsibility of the IT team at a business. There are legal and financial actions that must be taken and the ability of a business to respond smartly and with speed can determine the fate of the organization after an attack. Todd Rowe [https://www.constangy.com/people-Todd-Rowe] of Constangy Law joins Stel to talk about his experience practicing law in the cybersecurity space, how his work has evolved, and lessons learned on how to respond to ransomware and other cybersecurity incidents.