onSecurity Podcast – Episode 18: Securing IoT and Operational Technology

July 28, 2023 By Josh Eklow

Episode 18: Securing IoT and Operational Technology

In an interconnected world, the rapid proliferation of IoT (Internet of Things) devices and the integration of Operational Technology (OT) into critical infrastructure have unlocked tremendous opportunities. However, these technological advancements have also exposed us to unprecedented security risks. To counter these risks, businesses can quickly and efficiently turn to the practice of maintaining a comprehensive asset inventory. By identifying and cataloging all IoT and OT devices, organizations can better understand their attack surface and implement targeted security measures to safeguard their networks.

Huxley Barbee, CISSP and CISM of RunZero, joins onShore Security CEO Stel Valavanis on this episode of onSecurity as we delve into securing IoT and OT systems, exploring the significance of asset inventory in fortifying these vital networks against potential cyber threats, and identifying common pitfalls.

onSecurity – Episode 17: AI and Chatbots in Cyberattacks

July 7, 2023 By Josh Eklow

Episode 17: AI and Chatbots in Cyberattacks

The emergence of artificial intelligence (AI) has introduced a new set of challenges to the field of cybersecurity. While AI offers immense potential for enhancing security measures, it also presents unprecedented risks and complexities. One of the primary concerns is the use of AI by malicious actors to develop sophisticated attack techniques, such as AI-powered malware and intelligent chatbots that can mimic human behavior. These AI-driven attacks have the potential to bypass traditional security defenses, exploit vulnerabilities at an unprecedented scale and speed, and even autonomously adapt and evolve to evade detection.

In this episode of onSecurity, we delve into the emerging threats posed by artificial intelligence (AI) and chatbots in cybersecurity, exploring how these technologies are being leveraged and the necessary adaptations cybersecurity professionals must make to safeguard our digital landscape. James Moore, Director of Online Learning at DePaul University, joins us to discuss the alarming ways in which AI and chatbots are being weaponized by adversaries, the increased sophistication of these attacks, their potential impact on industries, and the challenges faced by cybersecurity professionals in countering them.

onSecurity – Episode 16: Responding to Ransomware

June 6, 2023 By Josh Eklow

Episode 16: Responding to Ransomware

Responding to cybersecurity incidents is no longer merely the responsibility of the IT team at a business. There are legal and financial actions that must be taken and the ability of a business to respond smartly and with speed can determine the fate of the organization after an attack.

Todd Rowe of Constangy Law joins Stel to talk about his experience practicing law in the cybersecurity space, how his work has evolved, and lessons learned on how to respond to ransomware and other cybersecurity incidents.

Biden’s Cybersecurity Announcement – Some Subtle Points are Being Lost

April 25, 2023 By Josh Eklow

Biden’s Cybersecurity Announcement –
Some Subtle Points Are Being Lost
– Stel Valavanis

The Biden Administration recently announced a new, five-pillared cybersecurity strategy that outlines not only new Federal initiatives to strengthen the defense of public infrastructure and increase federal cybersecurity capability, but also details changes that will greatly impact the private sector, cybersecurity leaders, and practitioners of today and tomorrow. It is important to remember that this announcement is a policy document, not an executive order, so while it does signal that changes are coming, it will remain difficult to prepare for specific parts of this shift until further information is released. In the meantime, business leaders and cybersecurity organizations can at least start incorporating some of the bigger and more obvious takeaways into their cybersecurity strategy.

The following are some things to consider as we make decisions today and things that I believe will become very important to business, security, politics, and beyond.

Shifting Responsibility for Infrastructure Protection

As part of the effort to “shape market forces to drive security and resilience,” the Biden administration plans to shift the liability for protecting cyber infrastructure from the clients doing business online to the cyber defense practitioners that serve those clients. A subtle point is lost to many here. This shift will actually have to be made manifest through a series of new pieces of legislation, which may face serious opposition, but businesses should still plan to comply with new minimum security standards. Enforcement of such standards may come through industry or non-government entities, such as insurance companies that will likely use these standards to qualify for coverage. Technology providers such as SaaS and hosting will be expected to adhere to standards and accept more responsibility.

Federal Cyber Insurance Backstop

This announcement makes it clear that the Administration understands the level of potential calamity that a large-scale cyber attack could mean for our government and businesses. The plan to “Invest in a Resilient Future” includes the creation of a Federal Cyber Insurance Backstop. The acknowledgment and preparation for the potentiality of a catastrophic cyberattack is a development in itself, but the fact that such an event is being planned for will have several effects on cybersecurity insurance and the businesses they cover. This backstop will be in place in case a cyberattack has wide enough effect that there are overwhelming cyber insurance claims. Law enforcement and insurers have, to date, treated cybersecurity attacks as individualized harm. However, it is important to understand that the potential impact of a cyberattack can reach the same scale of disruption as weather events, industrial spills, energy production accidents, and terrorist attacks, events that the federal government typically responds to collectively. The Biden administration is signaling that they see cyberattacks as a threat at a collective level and will be prepared to respond with federal assistance and oversight.

Actively Disrupting Attackers

By making this announcement, the Biden administration is sending a clear warning to cyber attackers that it’s no longer business as usual. Attackers often receive support and safe harbor in their home countries in exchange for targeting the US. Our companies are the most valuable and easiest to attack, with a lower risk of retribution. Our past policies and habits of not hacking back, lax law enforcement and little follow-up, allowing companies to pay ransoms, and lack of controls on personal data all contribute to our current vulnerability. The administration is announcing that our networks will be harder to attack, that we will use the whole-of-government to disrupt and prevent cyberattacks, and that we will no longer acquiesce to ransom demands. The businesses of the United States will no longer be an easy target.

Be Prepared

The cybersecurity community and businesses will have to wait to see the specifics of any actions taken or orders given in relation to the new cybersecurity plan, but it’s possible to start preparing now. There are steps that businesses can take immediately to be ready for upcoming changes. Take inventory of and have a clear understanding of your organization’s use of cloud-based infrastructure and data vendors. Make a plan to comply with minimum security requirements. Be aware of your company’s cyber insurance policy and potential law enforcement resources in case of attack. Lastly, getting involved in cybersecurity organizations in your industry will help you stay ahead of any future developments.

onShore Security Endorses Plans to Curb Proliferation of Cyber Mercenaries

April 18, 2023 By Josh Eklow

onShore Security is proud to announce that, as members of the Cybersecurity Tech Accord, we have signed onto the principles released by the group to state our intent to do whatever we can to help curb the training, recruitment, and deployment of cyber mercenaries.

The Cybersecurity Tech Accord, a signatory group of cybersecurity organizations, has responded to the developments in the US cybersecurity strategy by calling for an agreement to counter and prevent the proliferation of cyber mercenaries, both in service of foreign governments and our own. US-based cybersecurity operations have historically not acted offensively, and the infrequent “hack backs” that have occurred in the past have typically been done as part of official US law enforcement measures. While in adversarial countries it is common for private groups to be enlisted to act in a para-military capacity to perform attacks for their state or even to be actually enlisted in the military proper, the shift in strategy for the US government to work with private entities to engage in cyber warfare is part of a larger seachange in how our government views cybersecurity, cybercrime, and cyberwar.

“As a proud member of the Cybersecurity Tech Accord, onShore supports the coalition’s efforts to influence government and industry policy in ways that benefit not only our clients but everyone who works, shops and socializes on the web.” – Stel Valavanis, CEO of onShore Security

Click here to read our full press release on Newswire