CyberWire Daily - DPRK's Kimsuky spearphishes. A standards strategy for AI. Ransomware Task Force retrospective. KillNet's new menu. Ex Uber CSO sentenced for data breach cover-up.

Episode Date: May 5, 2023

Kimsuky has a new reconnaissance tool. The Biden administration shares plans for AI. Reports on the ransomware task force report. KillNet recommits to turning a profit. Deepen Desai from Zscaler has the latest stats on phishing. Our guest is Karen Worstell from VMware with a conversation about inclusivity. And the former CSO at Uber is sentenced.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/87

Selected reading.
Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign (SentinelOne)
Ransomware Task Force Gaining Ground - May 2023 Progress Report (Ransomware Task Force)
Influential task force takes stock of progress against ransomware (Washington Post)
For Money and Attention: Killnet Apparently Reorganizes Again (Flashpoint)
Killnet Ostracizes Leader of Anonymous Russia, Adding New Chapter to Pro-Kremlin Hacktivist Drama (Flashpoint)
Former Uber CSO Joe Sullivan Avoids Prison Time Over Data Breach Cover-Up (Security Week)
Former Uber security chief Sullivan avoids prison in data breach case (Washington Post)

Transcript
Starting point is 00:00:00 You're listening to the Cyber Wire Network, powered by N2K.
Starting point is 00:01:22 Kimsuky has a new reconnaissance tool. The Biden administration shares plans for AI. Reports on the ransomware task force report. Killnet recommits to turning a profit.
Starting point is 00:02:12 Deepen Desai from Zscaler has the latest stats on phishing. Our guest is Karen Worstell from VMware with a conversation about inclusivity. And the former CSO at Uber is sentenced. I'm Dave Bittner with your CyberWire Intel briefing for Friday, May 5th, 2023. Sentinel Labs reports that Kimsuky, a North Korean state-sponsored cyber espionage activity, has incorporated a new reconnaissance tool into its repertoire. ReconShark accompanies specially crafted emails in spear phishing attacks. The group crafts spear phishing emails tailored to the individual target by using real names and especially information directly pertinent to the target's work to lure the prospect into downloading a malicious file.
Starting point is 00:03:23 Recently, the group has been favoring password protected Microsoft OneDrive documents. The U.S. administration yesterday released a summary of measures it intends to take to regulate the development of artificial intelligence technology, fostering the benefits it brings while at the same time mitigating the technology's risks. A White House fact sheet stressed the evolutionary nature of the strategy and took care to point out earlier policies and actions that prepared the way for the present approach to AI. Three aspects of the strategy were described at moderate length.
Starting point is 00:03:58 New investments to power responsible American AI research and development, public assessment of existing generative AI systems, and policies to ensure the U.S. government is leading by example on mitigating AI risks and harnessing AI opportunities. Members of the Ransomware Task Force, created by the U.S. Government Accountability Office to track ransomware trends and establish protocols to fight the threat, released a progress report and spoke with reporters from the Washington Post
Starting point is 00:04:29 about the distance covered since the office's creation two years ago. When asked what their view was on the progress made in two years, the answers took a familiar GAO form. As a task force member himself notes, we are making progress, but there is always work to be done. Some 92% of the task force's suggestions have been put in place, and they have, at the very least, led to a lull in ransomware's effectiveness in some ways. The Russian hacktivist auxiliary Killnet continues its ongoing visioning exercise.
Starting point is 00:05:05 Flashpoint reports that the group has remained committed to turning a profit. Flashpoint also argues that this isn't really new. Flashpoint highlights the fact that Killnet has remained a financially motivated gang, despite its Russian government affiliation. The researchers write that the group has used the media exposure provided by an eager Russian pro-Kremlin media ecosystem to promote its DDoS-for-hire services. Killnet has partnered with several botnet providers, as well as the Deanon Club, a partner threat group to target narcotics-focused darknet markets. Killnet hasn't shown any particular growth in terms of sophistication or effectiveness, and this reliance on ho-hum commodity tools has attracted the ridicule of other players in the cyber underworld. Killmilk, the gang's leader, continues to see mockery on what the researchers
Starting point is 00:05:59 describe as top-tier Russian forums. Joe Sullivan, former security chief at ride-sharing company Uber, has been sentenced to three years of probation for his involvement in the cover-up of a 2016 data breach. As Security Week explains, Sullivan was accused of obstructing the U.S. Federal Trade Commission's investigation into a data breach Uber experienced in 2014. It was while that incident was being investigated in 2016 that Sullivan decided not to disclose a newer breach that was even larger than the first. In this second incident, the data of over 50 million Uber users and drivers were stolen, and the hackers extorted the company, receiving $100,000 through Uber's bug bounty program. Sullivan allegedly instructed the attackers to sign non-disclosure agreements
Starting point is 00:06:53 to keep silent about the stolen data. It wasn't until a year later, when the company brought on a new CEO, that Sullivan's actions were discovered. As the Washington Post reports, Sullivan became the first corporate executive to be convicted of crimes related to a data breach carried out by external hackers when he was found guilty of obstruction of justice and hiding a felony. While prosecutors pushed for Sullivan to be sent to prison for 15 months, U.S. District Judge William Orrick decided on just probation and community service, noting Sullivan's past record for protecting individuals from previous breaches and the actions he took to prevent
Starting point is 00:07:34 the stolen data from being released. The landmark case drew attention from industry experts, and the Cybersecurity and Infrastructure Security Agency's former chief of staff, Kirsten Todt, warned the judge that his verdict could make it impossible to recruit smart people into the roles of CISOs and CSOs if imprisonment is on the table and will set the industry back. However, Orrick responded that Sullivan's attempts to deceive the federal government could not go unpunished.
Starting point is 00:08:08 Before sentencing, Sullivan spoke before the judge, stating, "I was a bad role model. We're there to be the champion of the customer, and I failed in this case." And finally, our Cyber Wire associate producer Liz Irvin was with us for the first time at the RSA conference this year,
Starting point is 00:08:23 and she shared her mic with conference goers walking the show floor. She files this report. We're here in the beautiful San Francisco at the RSA conference for 2023. My name is Liz Irvin, and this is my woman on the street, walk and talk with cyber professionals around the world. So, do you feel like RSA is fully back since you've been here before, since COVID has happened? Do you feel like it's fully back in the swing of everything? I would say I think after the pandemic, people have come back stronger. And it's a big community of individuals who now recognize the risks of being online and the risks that the pandemic brings.
Starting point is 00:09:01 So I feel like now it's a more energized, empowered community and everybody feels like a little bit more like loving the fact that we're being together. I feel like the recognition that this is so special is definitely here now that we've been through COVID. So I think like, especially for the main floor, before COVID, there was a lot of people on microphones and very loud sessions, and it was very disruptive.
Starting point is 00:09:28 It was very hard to concentrate. People were fighting for attention. Now it's a lot more like everyone's in the same mindset. Everyone's respectful to each other's space, and everyone's messaging because we're all here for a good time, as well as cybersecurity. So what does it feel like to be walking on the showroom floor? I mean, typically this is a male dominated field and you see a lot of men on the showroom floor. How does it feel to be here kind of representing women as a whole and seeing more women in general just on the floor this year? I feel like it is a good thing. I feel very honored to be a woman and working in IT and doing networking because you don't really see that. So I feel like representing women and being able to do that is empowering.
Starting point is 00:10:10 Yeah, no, it feels super powerful to, I think, especially walk in with a group of super cyber girls and just walk in and, you know, take over the floor and have that confidence and energy that you're bringing to the table. And I think people recognize that too. And they're kind of vibing off of that. And people are inviting us to the table, asking us questions about our experience. And it's so lovely. I think, again, just stronger together. I think it's also just great inspiration.
Starting point is 00:10:36 Like no matter what your background is, like what your position is in the company, I think it's just inspiring overall. And I think if I knew a lot more about cyber security and about computer science when I was younger I definitely would have maybe pursued a career in that like seeing it how fun it is and how like like you know people have so much knowledge like and these are such important things like it builds communities. Seeing so many women is inspiring. And the turnout here is, to put it simply, better than I thought.
Starting point is 00:11:11 Having competed on a team with only girls, but in a really male, military-dominated space for the last year, it's been inspiring, surprising, pleasantly, and exciting to see that we're joining a larger community of women. We went to a Women in Cyber event two days ago in the city. It's great to see that that's getting more of a stronghold. And now we're able to kind of build networks and mentorships and see ourselves in the space in a way that we haven't really before. That's Liz Irvin, our N2K Networks Associate Producer, reporting from the show floor of last week's RSA conference in San Francisco. Coming up after the break, Deepen Desai from Zscaler has the latest stats on phishing. Our guest is Karen Worstell from VMware with a conversation about inclusivity. Stay with us.
Starting point is 00:13:35 Not long ago, I had the pleasure of interviewing Karen Worstell for our Career Notes podcast. And when I discovered she'd be at the RSA conference, I jumped at the chance to speak with her in person. Karen Worstell is a senior cybersecurity strategist at VMware. And our conversation centers on the notion of inclusiveness in cybersecurity. Well, I was just at an event with WSIS last night, so it was fantastic to see. I mean, it was a packed out crowd, and there were a lot of women and allies in the room. So that's a new thing over the years at RSA. So I think there's progress.
Starting point is 00:14:50 Definitely there's progress. It's a conversation now that is happening that people I think expect to see happening. So that's a shift. Something that hasn't shifted so much, if I look at who is running the companies and who's on the top level at the executive level in the organization, that's not changed that much. You know, it's for sure male-dominated, not so much always white male-dominated, but still, when I say that, I'm not trying to say that that's necessarily a bad thing.
Starting point is 00:15:28 We have very good people leading organizations. It's an indicator that in the world of inclusion, there are still barriers to women showing up at that top level. So I think there's work to be done, not to say that it's a bad thing that we see men leading these organizations at all. What do you think some of the specific barriers are right now? Wow, I wish I knew the answer to that, you know, totally. But I think there are still, as human beings, it's a human being thing. We like to hang out with people that are like us.
Starting point is 00:16:26 Things are easier to get done quickly when everyone in the room thinks the same, talks the same, has the same background, uses the same jargon. So there's a huge human tendency to kind of stay there. That's the fast thinking. Right. That's our fast thinking brain. It's like a comfort zone thing too, right? It's a comfort zone. And I think we value speed. We really value speed, and speed sometimes comes at the expense of inclusion. Trying to slow down enough to truly understand another person who doesn't necessarily have the same background as you or talk like you, think like you, it takes more time. We're not always really willing to do that. And I think the culture, and I'll just say in general, the startup culture, the Silicon Valley culture, it values speed. It values profit. Well,
Starting point is 00:17:17 at least it values innovation, hopefully leading to profit. And so that I think tends to foster an environment where if you're not one of us, if you're not able to fit in, if you're not able to kind of like get up to speed and be a member of this team and included in this group without a lot of effort, then you're going to be passed over in favor of somebody who will. And I think that's part of the challenge that we're all facing. It's like, can we slow down enough to hear everybody? And I think inclusion is not just a gendered thing, right? And it's not just a race thing. For example, the place where this would really be helpful is for all of the really quiet, introvert people who are very thoughtful about what they say. And want to think everything through before they raise their hand to speak up.
Starting point is 00:18:18 But by then the meeting is over and they've never been heard, because unless we recognize that we have that kind of difference in the room and we can stop and say, I haven't heard much from you yet and I'd really like to, do you know, are you ready to have something that, or do you want to share what you've got on your mind, and help to pull that out and help to make the rest of the room recognize that we need to make that happen. So inclusion is a lot of things, you know, neurodiversity, you know, people's preferences for speaking up. I interviewed somebody on my podcast a while back who was very much an introvert, and she expressed how horrifying it is to have an extrovert in the room who just talks out loud while they're thinking, you know, to literally be thinking out loud. Yes.
Starting point is 00:19:10 Right. It's like the most horrifying thing to them. And they're like, how can you be doing that? And I'm like, oh, that's me. That's interesting. So I try to think about that, you know, like who else is in the room and is going to feel like they can't say anything because I can't stop talking. Is it a bit of a feedback loop as well? Because I imagine the extroverts attract attention. And so when it's time to do promotions, there's a natural tendency to gravitate towards those people, move them to the top of the
Starting point is 00:19:46 list. Right. Well, we value contribution, right? We value ideas and we value that energy. And an introvert in the room is quietly listening to everything everybody's saying and synthesizing what they want to say. And like I said, the meeting can be over by the time they're ready to speak up. So they don't get the credit for what they can bring to the table. And I think we have to be careful about that. So yeah, there's, I mean, inclusion is, I think if we focused on trying to be intentional about inclusion, we would see all of these unintended, unexpected benefit. And the reason I say that is a while back,
Starting point is 00:20:30 Intel had a program where they decided that they were going to make the internal demographics of Intel match the demographics of the population that they served. So there was a big, you know, there was a big program there to try to make this happen over a period of time. They actually got done early. They met their goal. And one of the outcomes of that, which was a big surprise, was that the people who were part of that dominant culture, I like to use the word dominant culture instead of white men,
Starting point is 00:21:06 but the people who were the dominant culture had the experience that for the first time in their career, they were being heard too. So it's not like we have to just focus on the identity groups. It's not that. It's that we need to slow down and learn to listen to everybody. Am I making assumptions about what you're saying because I have a certain schedule that goes in my brain and I don't have the time to slow down and listen to you? And that's the thing that I think
Starting point is 00:21:47 we would all gain from. And if we could actually do that, wow, the workplace would transform. I mean, is that the lesson for leaders to have some intentionality of, I don't know, modeling that kind of behavior? Definitely. I mean, yeah. And I think some leaders are already really good at it. I've certainly had some of them in my career. And I noticed it. I'll never forget one person.
Starting point is 00:22:14 He was the head of research and technology at the Boeing company. I was just like an analyst. And I was working away in my office, and he stopped. I'll never forget this. He stopped in my room, in my office, and he said, I have a question. Do you have a moment to talk to me? And I could tell in that conversation that he was 100% present, listening to what I said. He was not running through.
Starting point is 00:22:48 He ran seven businesses, right? He wasn't doing all the other things in his head while he was in the room with me. He was truly listening to me. That was a transformative experience for me as I'm sitting there thinking, he's actually listening to me? Like, what? And I was like, that's an amazing feeling.
Starting point is 00:23:09 And I want to try to do that for other people. And I have to say that I'm not always really successful, but I'm conscious of not being successful at it when I'm not. And to sit down and say, this is a gift to be 100% fully present with another person and giving them your full attention and hearing them. There's another exercise that I do. So one of the things that I learned when I was in my chaplaincy training is I became a Soul Collage, a certified Soul Collage facilitator.
Starting point is 00:23:51 And without getting into all the details about it, you can always look it up at soulcollage.com. But the experience that people have when they do this, they create an image. It's a very simple process. And it essentially is a reflection of something that they have a difficulty giving voice to. And when they're done with creating this image, they're with another person, and they put the image, they hold the card, and they say,
Starting point is 00:24:16 I am one who. And then they complete the sentence, and it's sort of a stream of consciousness thing. The other person's job is to write down word for word everything they say as they're saying it. And the purpose of that is when it's done, the person reads back verbatim, word for word, what was spoken to the person who spoke it. And what I learned in doing that, facilitating that process, was almost no one has the experience in real life of having someone repeat back to them exactly what they said. They get repeated back to them what I think you said or what I believe you're really trying to say, or, you know, some paraphrase of that, right?
Starting point is 00:25:05 Right. What I said was, but what you heard was. Exactly. Right? And that's the lost in translation piece. And that's where inclusion, when we talk about inclusion, I think it all boils down to that process that says, actually, I value you in the way that you see the world, in the way that you think about things, in the way that you express them verbally, or in any other expressive mode, right? And I value that enough to try to step into that space and hear that.
Starting point is 00:25:43 That's the fundamental thing. It's not about how many numbers did we make, how much did we achieve, and in terms of demographics. That's an easy measurement, but it misses the point, in my opinion. And I think whenever we have those metrics, metrics always drive behavior. Yeah, well, I'm also thinking about the person who has to report to their board of directors,
Starting point is 00:26:13 who I suspect are probably not so receptive to something that they might consider touchy-feely, fuzzy kind of stuff. The soft skills. Right, what does this have to do with making money? Right. Well, you know, I think that's another, this is just a really personal experience for me, but I realized that there is a profit, you know, Wall Street-driven,
Starting point is 00:26:41 Silicon Valley, VC-driven kind of environment is very head-oriented. Whenever we're talking about numbers, right, figures and numbers and statistics, we are in our heads. When I am needing to hear you, that's a heart-to-heart conversation. And those two things are kind of like oil and water a little bit. And we haven't done a good job of figuring out. I mean, there's a lot of people talking about it now. There's an MBA program that is sponsored by LinkedIn and Sounds True and New York University.
Starting point is 00:27:30 And it is focused on trying to merge those two things together. So yes, you can be the balance sheet person. You can be the statistics and the metrics person. You can also be heart-centered at the same time. That's Karen Worstell from VMware. It is always my pleasure to welcome back to the show Deepen Desai. He is the Chief Information Security Officer and Head of Research at Zscaler. Deepen, it's great to see you face-to-face here at RSA. It is great to see you as well, David. Before we dig into our topic at hand here, I just want to get your take on what you've seen so far at the show as you've been walking around.
Starting point is 00:28:20 Have there been any themes or anything that stood out to you? Yeah, the theme of RSA this time is LLM, or you could say ChatGPT. Yeah, yeah. There have been some interesting talks. I've been listening to a few new folks as well.
Starting point is 00:28:38 So supply chain security, public cloud security. Right. And then a lot of chatter around LLM and ChatGPT, both from how to harness the power of the innovation and then also how to stay secure. Use it in a way that you're not ending up on the wrong side. Yeah, yeah. Well, let's dig into a report that you and your colleagues at Zscaler recently published.
Starting point is 00:29:05 This is digging into phishing here. What were some of the highlights from the report? Yeah, so this is Threat Lab's annual phishing report. We published it last week. And the focus was on all the phishing campaigns, attacks that the team discovered, tracked over 2022. And since we do this every year, we also obviously compare it to what we saw a year ago
Starting point is 00:29:30 and how things have changed, evolved in terms of pure telemetry, in terms of tools, tactics, procedures that the bad guys are using. So there were a lot of interesting findings in this one as well. But at volumetric level, we saw about 47% growth in number of phishing attacks that were targeting modern enterprises. Wow. So the growth continues to be
Starting point is 00:29:54 kind of relentless. Yes. I mean, look, majority of the attacks in this threat landscape are multi-stage attacks. It's not you know, you get an email with malware and it's done. They try to start with phishing, they
Starting point is 00:30:09 fool the end user, use social engineering at times they will use a zero day exploit. They gain persistence then they do the stage two, stage three and the final malware. You mentioned LLMs at the beginning of our conversation,
Starting point is 00:30:25 and I think there's been a lot of speculation that we'd see that contribute to the phishing problem. Are we seeing that yet? Did the report dig into that, or is it still early days? Probably the next one, we'll dig into it a lot more in detail. But there were a couple campaigns that we saw, not necessarily attributed to LLM, but machine learning and automation in general.
Starting point is 00:30:49 The one I'll call out is where they were, and you could even call out deepfake technology being used, right? Where it's a business email compromise campaign where they would call the victim with the voice that is exactly, I mean, it's identical to your CEO or one of your executive staff.
Starting point is 00:31:13 Hey, this is Deepen Desai, and then it just cuts off. And then they follow it up with SMS messages. So it's a combination of smishing and vishing, but they're using your voice, which is generated by automation. I see. And the victim, I mean,
Starting point is 00:31:32 if you would just receive a text message, hey, this is Deepen Desai, can you wire me or can you do this or do X or Y, you would call me back. You wouldn't believe me. But if I were to call you and leave this message or talk to you, and then suddenly the call disconnects. And then I'd follow it up a text message.
Starting point is 00:31:52 It becomes more believable. Absolutely. Hey, I'm having trouble with my phone, but I need you to take care of this for me. Exactly. That's what we saw in business email compromise case. And then the other concerning trend was adversary-in-the-middle attacks.
Starting point is 00:32:10 In fact, I have a talk tomorrow morning at RSA where I'll be presenting on all the attacks. Different ways in which they're bypassing MFA, conventional MFA. So back in the day, we would always say, hey, user password is not enough, you need to have MFA. Last year, or maybe last couple of years, we've been hearing SMS-based MFA, a big no-no.
Starting point is 00:32:35 Now what we're seeing is even the app-based MFA, where you have an app like Google Authenticator running on your cell phone. That's not enough, because these guys are able to evade that as well because they will literally man in the middle you, gain the OAuth token and then establish persistence. And we've seen multiple attacks where this was successfully leveraged by bad guys.
Starting point is 00:33:00 Where do you think we're headed there? Based on the information that you've gathered, what are the trending lines that you're tracking? Yeah, so the trend actually started last year itself. In our report, we called out phishing-as-a-service on the rise. And there is a combination of open source, there's something called OpenFish. There are multiple phishing kits.
Starting point is 00:33:24 Some of them are open source, some of them are being modded and managed by the bad guys. In fact, my team actually took one of the open source kit. We spent just an hour on that. We were able to bypass all the security mechanisms that majority of these cloud providers have. When I say cloud providers, I'm talking about likes of Azure, AWS,
Starting point is 00:33:46 where you host those phishing pages so they're not able to detect it. They're not able to detect the infrastructure that these kits allow a cyber criminal to launch these phishing campaigns at scale. So again, coming back to your question, the direction in which this is headed is more and more automation.
Starting point is 00:34:06 There will be usage of LLM, whether we like it or not. It's able to write beautiful poems, paragraphs. You could ask it to write in a different language. So now you could have localized phishing campaigns as well where it's written perfectly. There are no mistakes.
Starting point is 00:34:26 So that's another thing that we will have to keep an eye out for in terms of defending. And then finally, the major trend, why these attacks lead to an org-wide breach, it again comes back to having a flat network problem. Many of the companies are in their zero-trust transformation journey, but they are at different stages.
Starting point is 00:34:53 So the question that I would encourage all of you guys to always ask when you're planning your security strategy is, if my laptop, or if one of my end users' laptop were to get compromised, what is my blast radius? What all things can the bad guy get to
Starting point is 00:35:08 using that compromised asset? And if the answer is all the other machines, all the applications, then that's not a zero-trust implementation. You have some work to do. Absolutely. All right. Well, always a pleasure.
Starting point is 00:35:22 Deepen Desai, thank you so much for joining us. Thank you.
Starting point is 00:35:56 And that's The Cyber Wire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. You can email us at cyberwire at n2k.com. Your feedback helps us ensure we're delivering the information and insights that help keep you a step ahead in the rapidly changing world of cybersecurity.
Starting point is 00:36:48 We're privileged that N2K and podcasts like the Cyber Wire are part of the daily intelligence routine of many of the most influential leaders and operators in the public and private sector, as well as the critical security teams supporting the Fortune 500 and many of the world's preeminent intelligence and law enforcement agencies. Thank you. Be sure to check out this weekend's Research Saturday and my conversation with Ryan Robinson from Intezer to discuss his team's work on phishing campaigns targeting Chinese nuclear energy industries. That's Research Saturday. Do check it out. This episode was produced by Liz Irvin and senior producer Jennifer Eiben. Our mixer is Tré Hester with original music by Elliott Peltzman. The show was written by John Petrik. Our executive editor is Peter Kilpe and I'm Dave Bittner. Thanks for listening. We'll see you back here next week.
