Microsoft Threat Intelligence Podcast

Andrew Morris and Lauren Proehl on Infosec

May 22, 2024

Andrew Morris from GreyNoise and Lauren Proehl from Marsh McLennan discuss banning ransomware payments, backup strategies, basic security measures, and investing in cyber defense. They explore challenges faced by CISOs, potential for ransomware attacks on physical infrastructure, and evolving tactics like double or triple extortion. The conversation touches on the effectiveness of law enforcement in combating ransomware and where organizations can invest to enhance cybersecurity.

43:07

Creator website

Episode guests

Andrew Morris

Lauren Proehl

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The importance of investing in basic security measures like endpoint detection and response, multi-factor authentication, and log storage.

The potential rise in ransomware attacks targeting physical infrastructure systems and the debate on banning ransomware payments.

Deep dives

Ransomware Predictions for the Future

Experts predict a rise in ransomware attacks where traditional payments might not matter, potentially leading to more disruptive tactics like targeting physical infrastructure systems. The possibility of reverse ransomware schemes and increased attacks on embedded systems are also foreseen.

Introduction

3min

Future Predictions and Complexities of Ransomware Attacks

8min

The Role and Challenges of a CISO in Information Security

21min

Insights on Cybersecurity Landscape and Persistent Attack Tactics

2min

Deception, Reverse Social Engineering, and Cybersecurity Events

2min

Excitement about Security Conferences and Vendor Perspectives

2min

Emphasizing Stability and Simplicity in the Security Industry

3min

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Andrew Morris, Founder & Chief Architect at GreyNoise and Lauren Proehl, Director of Global Cyber Defense at Marsh McLennan. Lauren Proehl is an experienced cybersecurity leader who has helped defend against threat actors in Fortune 500 networks and has managed multiple divisions focused in defensive security and specializes in innovative cyber defense. GreyNoise operates a huge sensor network across the internet that collects primary sourced data on which vulnerabilities attackers are exploiting, when they start, and from where. Sherrod, Lauren, and Andrew discuss the effectiveness of banning ransomware payments, the importance of focusing on backup and disaster recovery strategies, the necessity of investing in basic security measures like endpoint detection and response, multi-factor authentication, and log storage.

In this episode you’ll learn:

The potential for ransomware attacks on physical infrastructure
Why most are hesitant to become a CISO and the expectations that come with the role
Challenges when try to balance technical expertise with leadership skills

Some questions we ask:

Can government or law enforcement agencies evolve in combating ransomware?
Where do you believe organizations can invest to improve their cybersecurity?
How do you expect ransomware to change with tactics like double or triple extortion?