    cyber resilience

    Explore "cyber resilience" with insightful episodes like "EP 47 - Digital Trust and the Identity Cornerstone", "Digital Twin Technology: Revolutionizing Industries and Redefining Cybersecurity | A Musing On the Future of Cybersecurity and Humanity with Sean Martin and TAPE3 | Read by TAPE3", "Inside DORA: EU's Cyber Resilience Path - Ep 84" and "Secure It: Guarding Your Data - Ep 83" from podcasts like "Trust Issues", "ITSPmagazine", "Redefining CyberSecurity" and "Reimagining Cyber - real world perspectives on cybersecurity", and more!

    Episodes (32)

    EP 47 - Digital Trust and the Identity Cornerstone

    In this episode of Trust Issues, Jan Vanhaecht, the Global Digital Identity Leader at Deloitte Belgium, delves into the intricate realms of digital trust and risk management with host David Puner. The discussion covers topics ranging from the impact of regulations on cybersecurity practices to the pivotal role of identity in building a robust security culture. Unpacking the nuances of digital trust maturity, the episode explores how organizations can navigate the delicate balance between risk and reward. From the emergence of passwordless authentication to the practical applications of Zero Trust principles, the conversation provides valuable perspectives on safeguarding digital landscapes. Join us as we unravel the complexities of cybersecurity and discover how it intertwines with innovation, compliance and the pursuit of trust in the digital age. 

    Digital Twin Technology: Revolutionizing Industries and Redefining Cybersecurity | A Musing On the Future of Cybersecurity and Humanity with Sean Martin and TAPE3 | Read by TAPE3

    Digital twin technology, a remarkable innovation, is transforming how industries operate and manage cybersecurity. This edition of The Future of Cybersecurity Newsletter by Sean Martin explores the essence of digital twin technology, its market overview, applications across top industries, its role in cybersecurity, and key considerations for CISOs and the cybersecurity vendors building solutions with digital twin technologies in mind.

    ________

    This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.

    Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.

    Sincerely, Sean Martin and TAPE3

    ________

    Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.

    TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.

    Inside DORA: EU's Cyber Resilience Path - Ep 84

    In this episode, hosts Rob and Stan explore the EU's Digital Operational Resiliency Act (DORA) with Dominic Brown, a cybersecurity expert. DORA addresses cyber threats to EU financial systems, emphasizing risk management, incident response, and third-party oversight. Dominic compares DORA to US regulations and advises organizations to build risk management teams and enhance cyber resilience before the 2025 deadline.


    Follow or subscribe to the show on your preferred podcast platform.
    Share the show with others in the cybersecurity world.
    Get in touch via reimaginingcyber@gmail.com

    Secure It: Guarding Your Data - Ep 83

    In this episode of "Reimagining Cyber," Rob Aragao and Stan Wisseman welcome Adeel Saeed, discussing the importance of data protection in the evolving cybersecurity landscape. Adeel emphasizes the need to understand data sovereignty, navigate regulatory challenges like DORA, and implement a comprehensive data lifecycle strategy. The conversation delves into the nuances of technical debt related to data, the significance of cyber resilience, and the imperative for organizations to embrace a proactive approach in safeguarding their data assets.



    EP 45 - OT Security's Digital Makeover

    In this episode of Trust Issues, the conversation revolves around the challenges and transformations in operational technology (OT) security. Guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Lead at Fluor, shares insights with host David Puner on securing legacy systems, the impact of generative AI and the evolving threat landscape. From addressing security challenges in manufacturing plants to the skills gap in OT cybersecurity, the episode provides an overview of the current state and future prospects of securing critical infrastructure. Holcomb also emphasizes the importance of identity in OT security and offers practical advice for organizations looking to enhance their cybersecurity posture. Check out the episode to explore the dynamic intersection of IT and OT, and how it spotlights the urgent need for robust cybersecurity measures in an evolving digital landscape.

    WEF's 2024 Cyber Landscape - Ep 81

    In this episode, hosts Rob and Stan explore the World Economic Forum's Global Cybersecurity Outlook 2024, a favorite annual report providing valuable insights into the cybersecurity landscape. Released early in the new year, the episode looks at the key themes, findings, and implications outlined in the report.

    Main Themes:

    1.    Geopolitical and Technological Environment:

    ·       Report highlights dynamic changes and advancements in geopolitics and technology.

    ·       Emphasis on impacts of geopolitical tensions, economic uncertainties, and technological advancements, especially in AI.

    2.    Cyber Skill Shortage:

    ·       Discussion on persistent challenges related to the shortage of cybersecurity skills.

    ·       Acknowledgment of the critical role of cybersecurity in business, operations, and executive decision-making.

    3.    Cyber Resilience:

    ·       Exploration of the growing importance of cyber resilience.

    ·       Positive indicators of increased confidence among leaders in the resilience of cybersecurity programs.

    4.    Cyber Inequity:

    ·       Examination of the disparity in cyber capabilities between larger and smaller organizations.

    ·       Insights into challenges faced by smaller organizations, including resource constraints, skill shortages, and technology requirements.

    5.    Cyber Ecosystem:

    ·       Discussion on the interconnected nature of cyber ecosystems.

    ·       Emphasis on collaboration, threat intelligence sharing, and third-party assessments.

    ·       Highlighting the significant impact of cyber attacks originating from third-party relationships.

    Key Findings and Insights:

    1.    Generative AI Concerns:

    ·       Grave concerns among executives about advances in adversarial capabilities due to generative AI.

    ·       Less than 10% believe generative AI will give an advantage to defenders over attackers.

    2.    Cyber Insurance and Risk Mitigation:

    ·       Observations on the changing landscape of cyber insurance, with a 24% drop in organizations obtaining cyber insurance.

    ·       Recognition of cyber and privacy regulations as effective for risk reduction, though harmonization is needed.

    3.    CEO Involvement and Alignment:

    ·       Increased involvement of CEOs and business leaders in prioritizing cybersecurity.

    ·       93% trust CEOs to speak externally about cyber risk, indicating growing alignment between cybersecurity and business strategy.

    4.    Impact on the Business:

    ·       Insights into executive concerns about operational disruption, financial impact, and brand reputation from cyber attacks.

    ·       Balanced consideration of regulatory scrutiny, focusing on operational aspects and financial loss.

    Conclusion: Rob and Stan encourage listeners to explore the detailed report for a deeper understanding of the evolving cybersecurity landscape. They emphasize the need for collaboration, proactive cybersecurity measures, and efforts to bridge the gap between larger and smaller organizations in building cyber resilience.



    EP 43 - Breaking Things in the Name of Cyber Resilience

    Guest Dr. Magda Chelly, Managing Director and CISO of Responsible Cyber, joins Trust Issues host David Puner for a conversation about third-party risk management and cyber resilience. Dr. Chelly underscores the imperative of prioritizing identity management, particularly as decentralized work environments are becoming the norm in today’s evolving digital landscape. She also explains how breaking things played a critical role in propelling her into a career in cybersecurity – and then in fostering and advancing it. The interview unfolds against the backdrop of Dr. Chelly’s extensive experience and recently authored book, "Building a Cyber Resilient Business," which serves as a handbook for executives and boards navigating the complexities of cybersecurity. If you’re seeking insights on how to gain stronger visibility and control over your organization’s digital identities, this episode is for you.

    Join us to learn how to build resiliency against today’s ever-growing array of cyber threats – and what’s to come in 2024 and beyond.

    NIS2 Directive: Cyber Insights - Ep 76

    Welcome to another episode of "Reimagining Cyber," where Stan and Rob explore the transformative landscape of cybersecurity regulations. In this insightful episode, they delve into the intricacies of the upcoming NIS2 directive from the EU, set to take effect in October 2024. Joining them is Bjørn Watne, Senior Vice President and Chief Security Officer at Telenor Group and an advisor to Europol, offering over 20 years of expertise in information security and cyber risk management.

    The discussion revolves around the key changes introduced by NIS2, emphasizing a baseline cybersecurity approach across essential entities in diverse sectors. Bjørn sheds light on the directive's requirements for systematic security risk management, crisis management, and heightened resilience. The episode also navigates through the complexities of supply chain control, collaboration, and reporting vulnerabilities.

    Drawing from Telenor Group's experience as a telecom operator, the hosts and guest unravel the distinct threat landscape faced by telecom companies, especially in dealing with advanced persistent threats and the significance of call detail records. Beyond traditional sectors, the conversation touches upon the implications of NIS2 on organizations, highlighting Telenor Group's compliance efforts.

    Exploring the penalties associated with NIS2 noncompliance, the episode draws parallels with GDPR, underscoring the importance of these regulations in fortifying a secure digital infrastructure. As organizations prepare for NIS2, Bjørn shares practical advice, urging a proactive approach with asset inventory, business impact analysis, and comprehensive risk assessments.

    Don't miss this episode packed with valuable insights into the NIS2 directive and actionable steps for organizations to elevate their cybersecurity readiness. Stay tuned and reimagine cybersecurity with Stan, Rob, and Bjørn on this informative podcast.



    Ransomware Attacks on Ampersand and Henry Schein: Cybersecurity Insights and Business Advice

    In this episode of the Security Squawk Podcast, we discuss two recent ransomware attacks:

    1. Ampersand cyber attack: Ampersand is a company that provides viewership data to advertisers for about 85 million households. The Black Basta ransomware group reportedly claims the attack disrupted Ampersand's operations.

    2. Henry Schein cyber attack: Henry Schein is a healthcare solutions company. In a recent cyber attack, they announced that part of their manufacturing and distribution has suffered data breaches.

    We also discuss:

    1. the importance of cyber resilience, which involves preparing for and withstanding cyber-attacks to ensure business continuity

    2. the importance of having effective backups, as well as the cost implications of failing to restore data from backups after a ransomware attack

    3. email security and the differences between Google Workspace and Microsoft 365

    In a world where digital threats loom large, protecting your business is paramount. Tune in now and empower yourself and your business with the knowledge to stay secure in a digital world.

    How AI is Revolutionizing — and complicating — Cybersecurity. Geeking Out and Musing On the Future of Infosecurity and AI | A Conversation with Matthew Rosenquist and Sean Martin | Redefining Society with Marco Ciappelli

    Guests: 

    Matthew Rosenquist, CISO at Eclipz.io

    On LinkedIn | https://www.linkedin.com/in/matthewrosenquist/

    On Twitter | https://twitter.com/Matt_Rosenquist

    On Medium | https://matthew-rosenquist.medium.com/

    Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

    On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

    ____________________________

    Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast

    On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
    _____________________________

    This Episode’s Sponsors

    BlackCloak 👉 https://itspm.ag/itspbcweb

    Bugcrowd 👉 https://itspm.ag/itspbgcweb

    Devo 👉 https://itspm.ag/itspdvweb

    _____________________________

    Episode Introduction

    Hello, dear listeners! It's Marco Ciappelli of the 'Redefining Society Podcast', and today we have an episode that promises a whole lot of geeking out, pondering, and some classic bantering. The intersection of technology, cybersecurity, and society has never seemed so alive, and I'm excited to navigate it with you.

    Now, if you've been here before, you'd remember the brilliant Matthew Rosenquist. Well, he's back, always giving me a hard time, but hey, it’s all in good spirit! We've exchanged a few interesting jabs on LinkedIn recently, and that’s kind of what led us here. It's amazing how online conversations can blossom into profound discussions, isn’t it?

    And speaking of which, Sean Martin decided to crash our little party today. Though he claims he’s here just to join Matthew in poking fun at me, I know he's got a treasure trove of insights from his three decades in tech and cybersecurity. So, welcome, Sean! Hope you’re ready to redefine some societal norms with us.

    Alright, so what's today's big question? Well, remember how ITSP Magazine started at that unique crossroad of cybersecurity and society? We've expanded since then, encompassing the larger realm of technology. The connections are becoming denser, and the implications? Oh boy, they're growing by the day. And then there’s AI. We can't really sidestep it anymore, can we? It's here, evolving, and redefining our societal landscape.

    Matthew had a speaker event recently about cybersecurity and AI. I thought, why not pull him and Sean into a room and unravel this puzzle? Between Matthew's forward-thinking perspectives and Sean's vast experience, we're bound to touch upon some hard-hitting truths.

    So today, we're connecting the dots, discussing AI's role in the future of cybersecurity, and diving into its implications on our society. We’ll discuss the tech side, of course, but I’m especially intrigued about its potential for social engineering. I mean, is AI's most significant threat the way it can manipulate us humans because of our inherent gullibility?

    There's so much ground to cover. I can’t promise we’ll have all the answers, but hey, it's the journey and discussion that counts. So, buckle up! It's time to redefine, muse, and maybe even challenge some of our preconceived notions. Let's get this conversation started.

    Listen, enjoy, think, share, and subscribe to my podcast!

    _____________________________


    To see and hear more Redefining Society stories on ITSPmagazine, visit:
    https://www.itspmagazine.com/redefining-society-podcast

    Watch the webcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllTUoWMGGQHlGVZA575VtGr9

    Are you interested in sponsoring an ITSPmagazine Channel?
    👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcast

    Leadership Implications of Generative AI with Amit Dubey

    Generative AI has been hailed as a game changer that will impact and even enrich our personal lives. It is also expected to affect the way we manage businesses and possibly every function within an organisation. The ability of organisations to adopt AI will play on their competitive ability even if the technology is still in its infancy and the entire scope of its applications has not yet been explored.
    At recent India CEO and CFO sessions in Bangalore, Hyderabad, Pune and Mumbai, Amit Dubey, a leading Cyber Security Expert, helped acquaint us with this revolutionary technology, its future applications and how companies may leverage generative AI in the years ahead. The attached paper offers a brief summary of the session along with a fuller commentary on the subject.

    Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations | A Conversation with Kate Esprit and Cat Self from MITRE | Las Vegas Black Hat 2023 Event Coverage | Redefining CyberSecurity Podcast With Sean Martin and Marco Ciappelli

    Guests: 

    Cat Self, Principal Adversary Emulation Engineer, MITRE [@MITREcorp]

    On LinkedIn | https://www.linkedin.com/in/coolestcatiknow/

    On Twitter | https://twitter.com/coolestcatiknow

    Kate Esprit, Senior Cyber Threat Intelligence Analyst at MITRE [@MITREcorp]

    On LinkedIn | https://www.linkedin.com/in/kate-e-2b262695/

    ____________________________

    Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

    On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

    Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast and Audio Signals Podcast

    On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

    ____________________________

    This Episode’s Sponsors

    Island.io | https://itspm.ag/island-io-6b5ffd

    ____________________________

    Episode Notes

    In this new Chats on the Road to Black Hat USA 2023 on the ITSPmagazine Podcast Network, hosts Sean and Marco are joined by Cat and Kate from MITRE to discuss the world of adversary emulation and its importance in improving cybersecurity. The conversation covers MITRE's role as an industry thought leader and their focus on making the cyber world a safer place. They explain how MITRE ATT&CK, a framework based on observations from blue and red engagements, led to the development of ATT&CK evaluations, which aim to raise the standard of the industry and provide transparency. The hosts and guests emphasize the need for transparency in adversary emulation and how MITRE releases their methodology, results, and code to make the practice more accessible.

    The group also discusses the challenges faced in aligning emulation plans with the diverse and unique solutions deployed by different vendors and the importance of maintaining the integrity of what the adversaries would actually do. The conversation also touches on the differences between adversary emulation and simulation. While emulation replicates the actions and techniques of specific adversaries, simulation allows for more flexibility and blends different components of multiple adversaries.

    The hosts and guests also explore the power and responsibility that comes with conducting adversary emulation, drawing parallels to superheroes like Batman and Spider-Man.

    About the session — Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations

    Batman once said, "you either die a hero or live long enough to see yourself become the villain." What if there was a way to become a cyber villain for the greater good? For the last 5 years, the MITRE ATT&CK Evaluations team has been improving the industry by "becoming the villain." We study some of the world's most advanced threat actors, develop a scenario, build malware and tools, then execute the operations against major EDR vendors. And the best part? Not only do we get the business justification of becoming a villain to advance defenders, but our code is also open-sourced.

    Using a Latin American APT as our real-world villain, this talk will showcase how to merge CTI and red development capabilities for adversary emulation.

    First, our cyber threat intelligence team (CTI) demonstrates how to evaluate reports with the sufficient technical data needed to emulate the adversary's usage of particular techniques. We will build a scenario, create CTI diagrams based on our analysis, address gaps in data, and create alternative attack methods for the red team.

    Next, the red team enters the scene to collaborate with the CTI team. They begin building malware, tools, and infrastructure. Translating approved open-source CTI reporting into code, we will walk through process injection, persistence, hands-on-keyboard discovery, and lateral movement for the emulation. Finally, it is time to launch the attack and see how our defenders respond, discern where to search for clues, and help them uncover our plot.

    To coincide with this presentation, our code, research, and emulation plans will be publicly released. We hope this empowers the community to use our "become the villain" methodology to improve defenses. Helping defenders discern where to look for our footprints is how we justify our villainous acts.

    Subscribe to our podcast, share it with your network, and join us in pondering the questions this conversation raises. Be part of the ongoing dialogue around this pressing issue, and we invite you to stay tuned for further discussions in the future.

    Stay tuned for all of our Black Hat USA 2023 coverage: https://www.itspmagazine.com/bhusa

    ____________________________

    Resources

    Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations: https://www.blackhat.com/us-23/briefings/schedule/index.html#becoming-a-dark-knight-adversary-emulation-demonstration-for-attck-evaluations-33209

    Post: https://medium.com/mitre-engenuity/managed-services-evaluations-round-2-2023-attribution-and-speed-and-efficiency-oh-my-59aa207641fa

    Podcast: https://itspmagazine.simplecast.com/episodes/mitre-att-ck-a-conversation-at-the-edge-with-katie-nickels-fred-wilmot-and-ryan-kovar

    For more Black Hat USA 2023 Event information, coverage, and podcast and video episodes, visit: https://www.itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegas

    Are you interested in telling your story in connection with our Black Hat coverage? Book a briefing here:
    👉 https://itspm.ag/bhusa23tsp

    Want to connect your brand to our Black Hat coverage and also tell your company story? Explore the sponsorship bundle here:
    👉 https://itspm.ag/bhusa23bndl

    To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:
    https://www.itspmagazine.com/redefining-cybersecurity-podcast

    Are you interested in sponsoring an ITSPmagazine Channel?
    👉 https://www.itspmagazine.com/podcast-series-sponsorships

    Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations | A Conversation with Kate Esprit and Cat Self from MITRE | Las Vegas Black Hat 2023 Event Coverage | Redefining CyberSecurity Podcast With Sean Martin and Marco Ciappelli


    Guests: 

    Cat Self, Principal Adversary Emulation Engineer, MITRE [@MITREcorp]

    On LinkedIn | https://www.linkedin.com/in/coolestcatiknow/

    On Twitter | https://twitter.com/coolestcatiknow

    Kate Esprit, Senior Cyber Threat Intelligence Analyst at MITRE [@MITREcorp]

    On LinkedIn | https://www.linkedin.com/in/kate-e-2b262695/

    ____________________________

    Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

    On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

    Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast and Audio Signals Podcast

    On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

    ____________________________

    This Episode’s Sponsors

    Island.io | https://itspm.ag/island-io-6b5ffd

    ____________________________

    Episode Notes

    In this new Chats on the Road to Black Hat USA 2023 on the ITSPmagazine Podcast Network, hosts Sean and Marco are joined by Cat and Kate from MITRE to discuss the world of adversary emulation and its importance in improving cybersecurity. The conversation covers MITRE's role as an industry thought leader and their focus on making the cyber world a safer place. They explain how MITRE ATT&CK, a framework based on observations from blue and red engagements, led to the development of ATT&CK evaluations, which aim to raise the standard of the industry and provide transparency.

    The hosts and guests emphasize the need for transparency in adversary emulation and how MITRE releases their methodology, results, and code to make the practice more accessible.

    The group also discusses the challenges faced in aligning emulation plans with the diverse and unique solutions deployed by different vendors and the importance of maintaining the integrity of what the adversaries would actually do.

    The conversation also touches on the differences between adversary emulation and simulation. While emulation replicates the actions and techniques of specific adversaries, simulation allows for more flexibility and blends different components of multiple adversaries.

    The hosts and guests also explore the power and responsibility that comes with conducting adversary emulation, drawing parallels to superheroes like Batman and Spider-Man.

    About the session — Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations

    Batman once said, "you either die a hero or live long enough to see yourself become the villain." What if there was a way to become a cyber villain for the greater good? For the last 5 years, the MITRE ATT&CK Evaluations team has been improving the industry by "becoming the villain." We study some of the world's most advanced threat actors, develop a scenario, build malware and tools, then execute the operations against major EDR vendors. And the best part? Not only do we get the business justification of becoming a villain to advance defenders, but our code is also open-sourced.

    Using a Latin American APT as our real-world villain, this talk will showcase how to merge CTI and red development capabilities for adversary emulation.

    First, our cyber threat intelligence team (CTI) demonstrates how to evaluate reports with the sufficient technical data needed to emulate the adversary's usage of particular techniques. We will build a scenario, create CTI diagrams based on our analysis, address gaps in data, and create alternative attack methods for the red team.

    Next, the red team enters the scene to collaborate with the CTI team. They begin building malware, tools, and infrastructure. Translating approved open-source CTI reporting into code, we will walk through process injection, persistence, hands-on-keyboard discovery, and lateral movement for the emulation. Finally, it is time to launch the attack and see how our defenders respond, discern where to search for clues, and help them uncover our plot.

    To coincide with this presentation, our code, research, and emulation plans will be publicly released. We hope this empowers the community to use our "become the villain" methodology to improve defenses. Helping defenders discern where to look for our footprints is how we justify our villainous acts.


    The Future of Malware Should Define The Future of Malware Defense: Disrupting Cyber Attack Communication with the Adversary Infrastructure Platform | A Brand Story Conversation from Black Hat USA 2023 | A HYAS Story with David Ratner


    In this Brand Story podcast episode, as part of our Black Hat USA conference coverage, host Sean Martin connects with David Ratner to discuss the innovative approach of the Adversary Infrastructure Platform to cybersecurity. The platform focuses on understanding and disrupting communication between attackers and their command and control infrastructure, allowing for quicker detection and response to attacks. It can even identify and shut down masked communication attempts.

    The conversation emphasizes the platform's ease of deployment and integration into existing security architectures, making it accessible for organizations of all sizes. David discusses HYAS's research on the future of malware, including the use of generative AI and polymorphic malware. This research aims to stay ahead of evolving threats, helping organizations build effective defenses.

    The conversation covers HYAS's research notes on Black Mamba and EyeSpy, which highlight their commitment to understanding attacks and building the right intelligence into the Adversary Infrastructure Platform to detect future threats.

    The conversation also explores how the platform provides visibility and observability for CISOs, addressing the concerns of not knowing what is happening in real time within their environments.

    The Adversary Infrastructure Platform allows CISOs to implement a comprehensive strategy for prevention and business resiliency, giving them confidence in their ability to detect and respond to anomalous activity.

    One of the key strengths of the platform is its flexibility across different devices and network environments. It can be deployed to guard against various operating systems and even IoT and OT devices sending beacons to command and control systems, ensuring comprehensive protection regardless of the devices or connectivity methods being used.

    Overall, David provides listeners with insights into the Adversary Infrastructure Platform and its role in enhancing cybersecurity. He highlights the platform's effectiveness in detecting and responding to attacks, its ability to provide real-time visibility, and its flexibility in deployment.

    Listen in to gain a better understanding of how the platform works, its research-driven approach, and its potential to improve an organization's security posture.

    Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

    Guest: David Ratner, CEO at HYAS [@hyasinc]

    On LinkedIn | https://www.linkedin.com/in/davidhratner/

    On Twitter | https://twitter.com/davidhratner

    Resources

    Learn more about HYAS and their offering: https://itspm.ag/hyasl3si

    Attacker Infrastructure: How Hackers Build It and How to Use It Against Them: https://www.hyas.com/blog/attacker-infrastructure-how-hackers-build-it-and-how-to-use-it-against-them

    Cyber Adversary Infrastructure Explained: https://www.hyas.com/blog/cyber-adversary-infrastructure-explained

    EyeSpy Proof of Concept: https://www.hyas.com/blog/eyespy-proof-of-concept

    For more Black Hat USA 2023 coverage: https://itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegas

    Are you interested in telling your story?
    https://www.itspmagazine.com/telling-your-story

    Building Cyber Resilience with Amit Dubey


    The pace of digital transformation across sectors, while revolutionary, presents critical challenges with regard to securing an organisation’s digital assets.

    At recent sessions of the India CFO Forum across cities, which were run in collaboration with Microsoft India, panellists from diverse industries, together with renowned cyber-security expert Amit Dubey, led discussions on how businesses can build resilience in the face of growing cyber-threats. They also looked at the CFO’s role in this process. This podcast summarises the discussions.

    Beyond the Code: The Human Side of Cybersecurity and Social Engineering | A Conversation with Aunshul Rege | Redefining CyberSecurity Podcast With Sean Martin


    Guest: Aunshul Rege, Director at The CARE Lab at Temple University [@TU_CARE]

    On LinkedIn | https://www.linkedin.com/in/aunshul-rege-26526b59/

    On Twitter | https://twitter.com/Prof_Rege

    ____________________________

    Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

    On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
    ____________________________

    This Episode’s Sponsors

    Pentera | https://itspm.ag/penteri67a

    CrowdSec | https://itspm.ag/crowdsec-b1vp

    ___________________________

    Episode Notes

    Welcome to a riveting new episode of the Redefining Cybersecurity Podcast, hosted by Sean Martin! Today, we're diving into the fascinating world of social engineering and the crucial role of education in understanding cybersecurity. Join us in this engaging conversation with Aunshul Rege from Temple University, who does amazing work in helping students comprehend the importance of cybersecurity and how social engineering plays a vital part in it.

    Imagine a world where computer science students and liberal arts students come together to tackle cybersecurity challenges from different angles. Aunshul Rege is an associate professor at the Department of Criminal Justice at Temple University, who has a unique journey starting as a software engineer and eventually realizing that computer science wasn't enough to answer the who, why, and how of cyber attacks. Her passion for understanding human behavior, sociology, and cybersecurity led her to explore the liberal arts side of cybersecurity.

    In this episode, Aunshul talks about her innovative teaching methods, where she pushes her students to collaborate across disciplines and explore the importance of social engineering in cyber attacks. From shoulder surfing activities to discussing ethics and multidisciplinary teamwork, her students learn to appreciate the different skill sets and perspectives they bring to the table.

    But it's not just about the technical aspect of cybersecurity. Aunshul's approach to teaching focuses on building students' understanding of human behavior and psychology in cyber attacks, emphasizing the value of social engineering in both the attack and defense aspects of cybersecurity.

    As you listen to this fascinating conversation, you'll discover the powerful impact of merging computer science and liberal arts perspectives, the importance of ethics in cybersecurity, and how Aunshul's unique teaching methods help students appreciate their role in the ever-evolving world of cybersecurity.

    So, get ready to be inspired by Aunshul's story and her innovative approach to cybersecurity education. You won't want to miss this captivating episode that challenges our understanding of cybersecurity and the critical role of social engineering in it. And don't forget to share this episode, subscribe to the podcast, and join us for more insightful conversations on Redefining Cybersecurity.

    ____________________________

    Watch this and other videos on ITSPmagazine's YouTube Channel

    Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist

    📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

    ITSPmagazine YouTube Channel
    📺 https://www.youtube.com/@itspmagazine

    Be sure to share and subscribe!

    ____________________________

    Resources

    The CARE Lab: https://sites.temple.edu/care/

    Summer Social Engineering Event: https://sites.temple.edu/socialengineering/

    ____________________________

    To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:
    https://www.itspmagazine.com/redefining-cybersecurity-podcast

    Watch the webcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

    Are you interested in sponsoring an ITSPmagazine Channel?
    👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network


    © 2024 Podcastworld. All rights reserved
