Giving new meaning to the term
“Cable News,” SC Media’s Senior Reporter Bradley Barth invited four cyber experts
on a round-trip cable car ride from the Market Street/Union Square
neighborhood to Phisherman’s – whoops, make that Fisherman’s –
Wharf and back. Here’s what they had to say about the latest security news and
Accenture: Advances in cyber extortion
require change in victim response strategies
Leading off is Justin Harvey,
managing director and lead of the FusionX Global Incident Response practice at
professional services and consulting firm Accenture. Justin addresses how cyber
extortionists’ latest tactics are forcing companies to change their incident
response playbooks. This includes more significantly involving the C-suite and
board, and treating response less as a “seek-and-destroy” technical
mission and more as a business decision.
He also shares some of his own
personal incident response war stories, plus key attack metrics based on his
2019 engagements with customers. For instance, 54 percent of incidents
Accenture attended to this past year were executed via phishing.
Intuit’s Red Team Leader
Unveils New Cybersecurity Industry Trends Report
Surprise reunion! Our next
passenger is Shannon Lietz, leader of the DevSecOps/Red Team at accounting and
tax preparation software company Intuit, maker of TurboTax and QuickBooks.
She and Justin Harvey first met roughly nine years ago when they collaborated
on an incident response following the April 2011 hack of the Sony PlayStation
network. Who knew that our Trolley Talk segment would rekindle an old
Shannon discusses creating the
first-ever Security Practitioners Annual Report, designed to encapsulate the
state of the cyber industry in a style similar to Mary Meeker’s Internet Trends
report. Shannon reviewed 5,000 companies and 300 reports to compile her newly
She also reveals how she has been
able to creatively recruit members of the IntuitRed Team by seeking
candidates outside traditional cyber roles. Her creativity also pays dividends
in the kitchen, where she likes to make unique concoctions like peanut butter
garlic bread and ceviche enchiladas. Unfortunately, she didn’t share her
recipes. Nor she did not help Bradley file his taxes.
DomainTools Survey Anticipates Future Impact of Automation on IT Staffing
By now we’ve already hopped on
our second trolley, this one heading back to our original starting point.
Our third rider is Tarik Saleh, senior security engineer and malware researcher
at DomainTools, a DNS threat intelligence company.
DomainTools and Ponemon Institute
recently collaborated on a survey designed to
assess the perceived impact of automation on IT staffing in the U.S. and UK.
Tarik shares various insights on the study, in which 76 percent of respondents
said their organizations use or plan to use automation – in some cases to help
compensate for lack of available cyber talent and to better allocate and
optimize what staff they do have.
Tarik also explains why an
episode of “NCIS” (he said “CSI,” but he clearly meant this) may feature the dumbest depiction of
hacking ever on television.
Palo Alto Networks: Developers
Failing to Secure Infrastructure-as-Code Templates
Accompanying us down the home
stretch is Jen Miller-Osborne, deputy director of threat intelligence with Palo
Alto Networks’ Unit 42 team. Jen tackles her company’s 2019 Cloud Security
Report, which warns that developers are failing to scan Infrastructure-as-Code
(IAC) templates for security issues whenever they are created or updated. She
details what kind of vulnerabilities result from such IAC oversights and how
attackers are taking advantage.
Jen also catches us up on some
recent Unit 42 research on the North Korea-linked KONNI Group and the
cryptojacking worm Graboid. Finally, she reveals the origin behind Unit42’s
unusual naming of the malware known as BabyShark (doo-doo-doo-doo-doo-doo!).