Future of Threat Intelligence

In this week's episode of the Future of Cyber Risk podcast, David speaks to Alexander Seger, Head of Cybercrime Division at the Council of Europe. They discuss how the Council of Europe is building capacity worldwide around cybercrime awareness, legislation, and enforcement, and how they're doing that through increased training. They also talk about new provisions making cybercrime prosecution easier, the nuances of the Budapest Convention, and advice learned from a career in cybercrime.
 
Topics discussed:
How the Council of Europe is building capacity around cybercrime awareness, laws, and training across the globe.
What Alexander's month looks like, including consulting in various countries, organizing conferences, and implementing the Budapest Convention.
The actions the Council of Europe takes to train experts and provide them opportunities to learn from each other.
How new provisions, like video conferencing for expert witnesses, are making cybercrime prosecution easier.
The implications of the Russian Federation's treaty adjustment requests around governmental control of cyber spaces.
The challenges of prosecuting hate speech and fake news online across various global jurisdictions.
Three lessons learned from a career combating cybercrime.

In this week's episode of the Future of Cyber Risk podcast, David speaks to Joshua Scott, Head of Information Security & IT at Postman. They discuss the importance of security as more companies use APIs, and how better security improves reputation and trust with customers. They also talk about how practitioners can communicate more simply when dealing with other teams, why inventory is the biggest challenge to API security today, and the role of AI in the future of cyber risk.
 
Topics discussed:
Why security has become a priority as APIs become more of a critical component for businesses.
Why increasing their empathy and focusing on simplicity will help practitioners improve their approach to security.
The key skills a security practitioner should possess, including passion and the ability to automate.
How Postman raises security awareness internally to maintain their security posture organization-wide.
The biggest challenges to API security today, like knowing your inventory and managing credentials.
The role AI will play in the future of cyber risk management.
Advice on how to be a partner and enabler of business growth in your organization.

In this week's episode of the Future of Cyber Risk podcast, David speaks to Craig Jones, Director of Cybercrime at INTERPOL. They discuss the mission and purpose of INTERPOL to reduce cybercrime worldwide, and how they go about doing that on a daily basis through data aggregation, creating frameworks, and sharing intel with nations and locales worldwide. They also discuss the hurdles of varied cybercrime legislation, how criminals may use AI to exploit, and advice for law enforcement and policy makers on how to better combat cybercrime.
 
Topics discussed:
The role that INTERPOL plays in stopping global cybercrime, and how they do that on an operational level each day.
The misconceptions individuals may have around what INTERPOL does, and how they focus heavily on aggregating data sets and sharing information with local governments and law enforcement around the world.
The models and frameworks they've put in place to create a unified global approach to combating cybercrime.
Why cybercrime legislation is different in various countries and how sometimes borders can be a constraint to effective security.
The role of AI in global cybercrime, and how criminals will use it to present themselves as more authentic and realistic.
Advice for law enforcement and policy makers on how to create more opportunities for information sharing and cybercrime prevention.

In this week's episode of the Future of Cyber Risk podcast, David speaks to Bob Carver, Principal Cybersecurity Threat Intelligence and Analytics at Verizon. They discuss the importance of looking for subtle issues no one else may see, why security practitioners should gain more awareness in network and sysadmin activities, and how to build a culture of security. They also talk about how to train staff about phishing and social engineering, what the future of cyber will look like, and advice for improving risk management programs.
 
Topics discussed:
What a day-in-the-life looks like, starting with scanning packet captures for anomalous activity and looking for risk no one else sees.
Why more security practitioners should increase their knowledge of network and sysadmin activity for a more well-rounded approach to security.
What types of training leaders can take to increase their staff's security awareness, including phishing and responsible downloading.
What the future of cybersecurity will look like, including more AI and ML influence in risk assessments, more automation, and fewer silos.
How to write more secure code, and how LLMs will help.
Advice for security leaders for a better risk management program, including proper visibility and context, and building a culture of security.

In this week's episode of the Future of Cyber Risk podcast, David speaks to Evan Blicker, Sr. Cyber Threat Investigator - Dark Web Lead at LinkedIn. They discuss what the dark web is, what you can find there, and the biggest misconceptions about the dark web — like why it should be viewed more as a community of people rather than a dangerous arena. They also talk about how to get started with dark web investigations securely, why the biggest challenge is communicating about dark web threats, and what the future of the dark web will look like.
 
Topics discussed:
A day-in-the-life of a cyber threat investigator which includes building out the dark web vision for LinkedIn, that involves knowing what's out there and finding leads.
The biggest misconceptions about the dark web, what you typically find there, and why it should be viewed more as a community of individuals who want to interact through private means.
The skills security practitioners will need in order to be successful with dark web investigations.
Why being able to communicate the threat found on the dark web is the biggest challenge for security practitioners.
What the future of the dark web will look like and why there's going to be a "Great Migration" off of Tor.
Advice for where to begin with dark web investigations, including how to access the dark web securely.

In this week's episode of the Future of Cyber Risk podcast, David speaks to Miranda Bruce, Postdoctoral Fellow at the University of Oxford, and Steve Santorelli, Chief of Staff at Team Cymru, about the RISE and Underground Economy conferences. A RISE scholarship recipient, Miranda talks about her experience attending the Underground Economy conference, the value of meeting individuals in the industry, and how it helped further her research. Together, they discuss the benefits the conference provides for the security community, and why organizations should consider sponsoring the conference to increase security knowledge and practice worldwide.
Topics discussed:
What the RISE and Underground Economy conferences are and how they were created to bridge the gap between law enforcement and industry.
How Team Cymru hand-picks the conference audiences to be a mix of security and cybercrime specialists from different industries, ensuring that law enforcement plays a major role. 
Miranda's experience in receiving a RISE scholarship, and her story about attending the Underground Economy conference.
Miranda’s advice for RISE or UE attendees on which sessions to go to (all of them!), how it can expose attendees to new ideas, and the importance of connecting and networking between sessions or at social events.
The vision for the future of RISE and UE, and where in the world the conferences will be held next.
Why organizations should sponsor individuals to go to the conferences, and how they'll create value through face-to-face interactions and knowledge acquisition.
How RISE and UE expose attendees to new ideas, and how Miranda was able to further her research by meeting and interviewing security professionals.

In this week's episode of the Future of Cyber Risk podcast, David speaks to Carolyn Kissane, Associate Dean of the MS in Global Affairs and MS in Global Security, Conflict, and Cyber Crime at the NYU Center for Global Affairs. They discuss how the Center for Global Affairs prepares students for how cyber security will play a bigger role in geopolitics, energy resource management, and global conflict. They also talk about the rise of cyber attacks being used by governments against other nations, how to anticipate a future where AI and robotics contribute to warfare, and what practitioners can do today to increase their cyber risk awareness.
Topics discussed:
What a day-in-the-life of an associate dean is like in a Center that helps students understand geopolitics and energy security, and prepares them for the future of global affairs.
Why governments around the world today are quick to respond with cyber attacks that can significantly impact energy resources, and how it's become part of global warfare.
What practitioners get wrong about the interaction of cyber security and global affairs, and why they need to be prepared for a variety of attacks, big and small.
An overview of the MS in Global Affairs and MS in Global Security, Conflict, and Cyber Crime programs, including what courses students can take and the faculty’s expertise.
How emerging technologies like AI and robotics will impact global warfare in the near future.
Advice for practitioners on how to become more prepared for the future of cyber risk.

In this week's episode of the Future of Cyber Risk podcast, David speaks to Assaf Kipnis, Owner and Head Consultant/Advisor at ASK Integrity Solutions, which conducts adversarial network analysis, risk assessment, and counter-threat intel. They discuss the day-to-day activities of threat intelligence and hunting down adversaries, what adversary accounts typically look like on social media, and how digging deeper into those accounts can reveal connections leading to large-scale takedowns. They also discuss common scams prevalent today, how everyday people can keep themselves safe online, and what organizations can do to improve their threat intelligence.
Topics discussed:
The day-to-day efforts and expectations around threat hunting, and why once you find an adversary you should monitor them to learn from them.
How to dig deeper into adversary accounts to connect the dots and take down networks at scale.
What fake accounts typically look like on social media sites, and the scams they're typically perpetuating.
The types of scams big organizations are performing, including one called "pig butchering," and why it's not just a certain segment of the population that falls for these.
What everyday people can look out for to keep themselves safe online, including not taking financial advice from someone they don't know.
Advice for organizations on how to perform better threat intelligence, including why you should reassess your metrics and goals.

In this week's episode of the Future of Cyber Risk podcast, David speaks to Dr. Eugene H. Spafford, Professor of Computer Sciences at Purdue University, Dr. Leigh Metcalf, Senior Network Security Research Analyst at CERT, and Dr. Josiah Dykstra, Technical Director, Critical Networks & Systems at NSA, authors of the book Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us. They discuss the various myths and misconceptions that can hamper security, how to mitigate bias during incident response, and how to use critical thinking to avoid assumptions around threat intelligence.
Topics discussed:
The processes, approaches, or methodologies cybersecurity professionals can use to identify misconceptions or myths, including education and critical thinking.
How myths perpetuate on cybersecurity, especially when there's no "precise definition of what cybersecurity is."
How to mitigate bias through planning and practice, especially during incident response.
How to avoid misconceptions about threat intelligence by not making assumptions about data and instead using critical thinking and context.
Why academic programs for cybersecurity need a wider array of educational opportunities to train different roles.
Advice for security practitioners that include to be an enabler of safety, to never stop learning, and to embrace differences and ambiguity.
 

In this week's episode of the Future of Cyber Risk podcast, David speaks to Andy Piazza, Global Head of Threat Intelligence at IBM X-Force, a threat intelligence sharing platform. They discuss the day-to-day responsibilities of IBM's threat intelligence team in creating strategy and overseeing threat collection, the ways in which threat actors are leveraging ransomware today, and why businesses should lean into their security vendors to help them stay protected. They also discuss the best skills for security practitioners, overcoming visibility challenges, and clear and concise communication is key.
Topics discussed:
What a day in the life of the head of threat intelligence is like, and how Andy works to drive strategy, support clients, and inform threat collection teams.
Why the biggest thing businesses get wrong is treating security as a separate department, and why securing data is a basic requirement, not a separate cost center.
How threat actors work today, why they're focused on "double extortion," and why we need to think differently about ransomware.  
Why businesses should rely more on their security vendor's capabilities instead of trying to build it themselves.
How to overcome the challenges that will arise as security teams gain more visibility into OT devices.
Advice to security practitioners, including the need for more concise communication and why it's crucial to understand your team's processes.