CyberWire Daily

Marshall Heilman, CEO of DTEX Systems, is a cybersecurity expert focused on insider threats. He shares insights on the rise in cybercrime, including a significant Interpol operation that led to thousands of arrests. Heilman discusses the evolving tactics of nation-state actors, including an alarming encounter with a North Korean job applicant at his company. The conversation shifts to the red flags in hiring processes, emphasizing the importance of vetting IT candidates to protect sensitive data in an increasingly remote work landscape.

Debra Danielson shares her inspiring journey from aspiring astronaut to Chief Technology Officer. She discusses the gender shift within tech, revealing how the number of women dwindled as she advanced. Debra emphasizes the importance of taking risks early in one's career, as challenges often lead to growth and opportunity. With a keen focus on fearlessness, her insights resonate especially for women in a male-dominated field. Her story showcases resilience and the significance of embracing challenges in pursuit of success.

Noah Pack, a SANS Internet Storm Center intern, dives into the fascinating world of AWS API keys. He shares the alarming risks associated with accidental leaks and the surprising outcomes of his experiment where keys were intentionally exposed. The discussion covers protective measures like canary tokens and the importance of security tool integration. Noah emphasizes the critical need for identity management and proactive security practices to shield businesses from potential chaos. His real-world insights underscore why every developer should care about credential safety.

Ronald D. Moore, renowned for his work on 'Star Trek' and 'Battlestar Galactica,' joins a captivating discussion about the influence of science fiction on space exploration. He shares how classic shows inspired the emotional connections in the aerospace industry and sparked collective aspirations for a 'Star Trek future.' Moore reflects on the evolving television landscape, addressing the complexities of storytelling amidst changing societal norms. The conversation also touches on the intersection of space exploration and spirituality, pondering humanity's purpose as we reach for the stars.

Lee Parrish, CISO at Newell Brands and author of 'The Shortest Hour,' dives into the significance of cybersecurity governance. He shares practical strategies for managing cyber risks and enhancing security practices. The discussion highlights the critical role of leadership and strategic hiring to fill skill gaps within security teams. Parrish stresses the importance of building strong relationships with stakeholders and navigating SEC regulations around cybersecurity disclosures, making security relationship management essential for effective governance.

Damon Fleury, Chief Product Officer at SpyCloud and expert in digital identity, joins the conversation to tackle the surge in cyber threats during the holiday season. He emphasizes the need for comprehensive digital identity strategies to bolster cyber defense. The discussion highlights new malware delivery methods exploiting gaming engines and the implications of AI-driven scams for consumers. Fleury also sheds light on the evolving tactics of cybercriminals and the importance of adapting cybersecurity education to address modern threats.

Clemence Poirier, a Senior Cyberdefense Researcher at ETH Zurich, dives into the thrilling world of cybersecurity attacks in space. She discusses the alarming rise of threats targeting space systems amid the Ukraine conflict, with a spotlight on the Viasat cyber attack. Poirier also highlights the role of hacktivist groups like CyberVolk and their unique challenges in hacking space networks. Additionally, she addresses the complexities of protecting space cybersecurity and the implications of emerging tech vulnerabilities in this new frontier.

Lesley Carhart, Technical Director at Dragos and expert in OT incident response, dives into the shifting landscape of cybersecurity. She dissects APT28's cunning Wi-Fi attack techniques for advanced espionage. Listeners learn about trends in phishing scams, specifically targeting Apple users. Carhart emphasizes the need for enhanced security measures and effective tool integration, particularly in complex OT environments. With a focus on governance and risk management, she offers insights on how organizations can better prepare for evolving cyber threats.

Caroline Wong, Chief Strategy Officer at Cobalt and author of 'Security Metrics, A Beginner’s Guide', dives into the intricate relationship between AI and cybersecurity. She discusses the challenges and opportunities of writing about these topics, emphasizing ethical considerations and the importance of human oversight in AI applications. Wong also shares insights on the transformative impact of AI in both offensive and defensive cybersecurity strategies, inviting listeners to engage with the evolving landscape of tech and security.

Explore Greg Bell's diverse career journey, from human rights to Hollywood, before returning to his tech roots. He emphasizes the significance of mentorship and the power of open source communities in shaping a fulfilling career. Greg shares insights on navigating changes and finding joy in learning, offering guidance to newcomers in cybersecurity. His mission-driven approach aims to improve the world, making his journey an inspiring tale for anyone looking to make their mark in the tech industry.