Andrew Morris and Lauren Proehl on Infosec

May 22, 2024

Andrew Morris from GreyNoise and Lauren Proehl from Marsh McLennan discuss banning ransomware payments, backup strategies, basic security measures, and investing in cyber defense. They explore challenges faced by CISOs, potential for ransomware attacks on physical infrastructure, and evolving tactics like double or triple extortion. The conversation touches on the effectiveness of law enforcement in combating ransomware and where organizations can invest to enhance cybersecurity.

Ask episode

Chapters

Transcript

Episode notes

Introduction

00:00 • 3min

Future Predictions and Complexities of Ransomware Attacks

03:06 • 8min

The Role and Challenges of a CISO in Information Security

10:37 • 21min

Insights on Cybersecurity Landscape and Persistent Attack Tactics

31:29 • 2min

Deception, Reverse Social Engineering, and Cybersecurity Events

33:41 • 2min

Excitement about Security Conferences and Vendor Perspectives

36:00 • 2min

Emphasizing Stability and Simplicity in the Security Industry

38:22 • 3min

On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Andrew Morris, Founder & Chief Architect at GreyNoise and Lauren Proehl, Director of Global Cyber Defense at Marsh McLennan. Lauren Proehl is an experienced cybersecurity leader who has helped defend against threat actors in Fortune 500 networks and has managed multiple divisions focused in defensive security and specializes in innovative cyber defense. GreyNoise operates a huge sensor network across the internet that collects primary sourced data on which vulnerabilities attackers are exploiting, when they start, and from where. Sherrod, Lauren, and Andrew discuss the effectiveness of banning ransomware payments, the importance of focusing on backup and disaster recovery strategies, the necessity of investing in basic security measures like endpoint detection and response, multi-factor authentication, and log storage.

In this episode you’ll learn:

The potential for ransomware attacks on physical infrastructure
Why most are hesitant to become a CISO and the expectations that come with the role
Challenges when try to balance technical expertise with leadership skills

Some questions we ask:

Can government or law enforcement agencies evolve in combating ransomware?
Where do you believe organizations can invest to improve their cybersecurity?
How do you expect ransomware to change with tactics like double or triple extortion?

Resources:

View Lauren Proehl on LinkedIn

View Andrew Morris on LinkedIn

View Sherrod DeGrippo on LinkedIn

Related Microsoft Podcasts:

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Get the latest threat intelligence insights and guidance at Microsoft Security Insider

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.