A Q&A with Matt Barrett, COO of Cyber Engineering Services Incorporated (CyberESI) First introduced in 2014, the National Institute of Standards and Technology (NIST) CyberSecurity Framework (CSF) has since become a widely held best practice far beyond the commerce industry. To get some perspective on the framework and how it’s evolved over the past five years, we talked to Matt Barrett, who was the program manager for CSF. (Note: Barrett currently serves as COO for Cyber Engineering Services Inc (CyberESI), a cyber risk management firm.)
A Q&A with Scott Stransky of AIR Worldwide
The exposures associated with cyber incidents and losses reach far and wide, including a whole category of risk called “silent cyber.” With traditional policies offering ambiguous coverage for cyber events, insurers and their insureds face a significant amount of gray area for these risks, which have now become commonplace. To better understand silent cyber and what can be done about it, we talked to Scott Stransky, vice president and director of emerging risk modeling at AIR Worldwide.
A Q&A with Chris Rock of SIEMonster
Cyber mercenary activity—in which geopolitical states sponsor hackers and private firms to wage acts of cyber offence on other states, organizations and individual citizens—has been on the rise for at least a decade, though the wider public is only now just starting to understand its grave implications. To get a better handle on the current state of global cybersecurity affairs, we talked to professional hacker Chris Rock, CEO and founder of SIEMonster.
A Q&A with Sherri Davidoff, CEO of LMG Security and BrightWise, Inc.
One of the most disturbing developments in financial cybercrime is the advent and increasing popularity of banking Trojans, which pose a grave risk to both consumers and financial organizations. To find out more about banking Trojans and how to avoid them, we spoke to Sherri Davidoff, cybersecurity expert, author, speaker and CEO of both LMG Security and BrightWise, Inc.
A Q&A with Bill Siegel of Coveware
Given the prevalence and sophistication of ransomware—not to mention the financial stakes involved in these exploits—it’s no longer wise to leave delicate negotiations to internal staff. We spoke to Coveware’s CEO and cofounder Bill Siegel about the nuances involved in handling threat actors and why having data at the ready can better inform a company’s decision-making.
A Q&A with Chris Nyhuis of Vigilant Technology Solutions
Cyber security threats are always evolving, but in the last six months, a vicious new breed of ransomware attack has emerged, powerful enough to take down an enterprise organization. To learn more about it, we talked to Chris Nyhuis, President and CEO of Vigilant Technology Solutions, an international security and total IT solution provider.
We talked with some of the leading experts in data breach forensics. Here’s what they told us.
A Q&A with Chris Salsberry of Crypsis
One of the most prominent cyber threats affecting companies right now is business email compromise (BEC). These attacks typically begin with phishing emails that capture log-in credentials.The widely used cloud-based Microsoft Office 365 has proven especially vulnerable, with millions of dollars lost in fraudulent wire transfers over the past couple of years. We talked to The Crypsis Group’s senior director Chris Salsberry about this attack vector and how companies can avoid being compromised.
A Q&A with Paul Otto of Hogan Lovells
Given recent events such as the 2017 WannaCry ransomware attack that affected more than 200,000 computers across 150 countries, concerns about data privacy and medical devices have come to the fore with increased scrutiny from regulators. To understand the risks medical devices pose and how companies are responding, we spoke to Paul Otto, senior associate of Hogan Lovells in Washington, DC.
A Q&A with Jon Neiditz of Kilpatrick Townsend & Stockton LLP
Passed in 2018 and slated to go into effect January 2020, AB 375 or The California Consumer Privacy Act (CCPA) was created to give consumers better ownership and control over their personal data but opens up a world of compliance questions for businesses that sell such data. We spoke with Jon Neiditz, who co-leads the Cybersecurity, Privacy and Data Governance practice at Kilpatrick Townsend and Stockton LLP about the Act and its implications for the future of privacy regulation.