Cybersecurity After Dark | Episode 2
In the second episode of Cybersecurity After Dark, Sean McDermott, CEO of Windward Consulting Group, and Dan Williams, Cybersecurity Strategist at RedMonocle, discuss the threat landscape and what it means for cybersecurity leadership teams.
Topics covered in this episode include:
- The SolarWinds hackers strike again! iOS vulnerability allows hackers to target Western European leaders
- What it takes to be a transformational CISO and create change
Let’s take a deeper dive into the article topics and the takeaways from Dan and Sean.
Topic 1: iOS impervious to attacks? Hackers say “nay!”
Recently, threat actors used a Safari zero-day flaw to send malicious links to government officials in Western Europe via LinkedIn before researchers from Google discovered and reported the vulnerability. Researchers also weighed in on how the attackers had exploited the vulnerabilities before the bugs were reported to the vendors. The Safari WebKit flaw, tracked as CVE-2021-1879, allowed maliciously crafted web content to trigger universal cross-site scripting; Apple addressed it in an update later in March 2021.
“From Russia with love…” – how the hackers did it
According to the Wired article, Russian-language threat actors (Nobelium) were exploiting the vulnerability in the wild, using LinkedIn messaging to send malicious links that could collect website-authentication cookies and more. Attacks targeting CVE-2021-1879, as the zero-day is tracked, redirected users to domains that installed malicious payloads on fully updated iPhones.
The campaign mirrored a similar attack on Microsoft in May by the group behind the SolarWinds supply chain attack, that time connected to USAID (the government agency that administers civilian foreign aid and development assistance).
Why are zero-day attacks on the rise?
2021 has seen 33 zero-day flaws so far, which is 11 more than the total number from 2020. Google researchers “believe greater detection and disclosure efforts are also contributing to the upward trend.” Other contributing factors include:
- The increase and maturation of security technologies and features means attackers also have to level up
- The growth of mobile platforms means an increase in the number of products that threat actors want to target
- The maturation of security protections and strategies inspires attackers to get creative
Sean and Dan’s Key Takeaways:
- Apple does a good job of focusing on privacy; yet even companies like that are vulnerable, and the general public, as well as tech leaders, still don’t get that. This event goes to prove that no system is impervious to a cyber attack.
- This Apple “breach” is a wake-up call that we need to pay attention to and funnel funds and resources into securing earlier rather than later.
- While there are more tools available for managing Windows, future software distribution and policy for Macs may change rapidly as hackers continue to target the iOS system. This won’t be the last iOS attack!
Topic 2: What it takes to be a Transformational CISO and drive change 🦸
In this article from Threatpost, Curtis Simpson, CISO at Armis, discusses the evolving role of the CISO and how they are no longer siloed to the security of a company, but part of the business leadership team. The increased interdependence between the physical, digital, and cybersecurity worlds demands a leadership position that combines both the technical know-how and the ability to recognize security priorities from a business perspective. As the digital threat landscape continues to evolve and remote work environments grow commonplace, the chief information security officer (CISO) must evolve as well. But what does it take to be a CISO these days?
Top qualities of a CISO
Cybersecurity is a dynamic field that requires rapid, experiential decision-making, organized thinking, and the ability to strategically communicate to a non-security audience. These qualities are second nature to most CISOs.
Additionally, to succeed as a CISO in today’s digital world, these are the top characteristics every CISO needs in order to excel:
- Relationship building
- Servant leadership
Where is the CISO role headed?
Once upon a time, CISOs generally focused on security strategy, but that landscape has expanded well beyond the IT infrastructure. Now, the role of the CISO includes threat prevention as well as creating systems that work for the business.
In this way, the role is evolving into the “jack of all security and business trades”. And as the digital landscape continues to expand into more of the business’s endeavors and goals, the CISO’s depth and breadth of knowledge of the business, its underlying technology, and its core risks will propel them to be viewed as a peer of the CIO.
Sean and Dan’s Key Takeaways:
- Forrester has been conducting a lot of research on the future of the CISO position. One piece of information from the research is that there are six types of CISOs: transformational, post-breach, tactical-operational, compliance risk, steady-state, and customer-facing evangelists.
- Piggybacking off of the ideas from the article, the CISO really does have to be able to communicate from the top down throughout the company. When you have a “deputized” workforce that is held accountable for the security of the company, you need someone like a CISO to really translate technical language for non-tech people.
- Speaking the language of the C-suite is imperative for a CISO to communicate the business value and business risks of cybersecurity initiatives.