Afternoon Cyber Tea Season 4 Recap

From the cyberattacks on our food and fuel supply chains resulting in a presidential executive order, to the ongoing health crisis we face together, events like these highlight the need for organizations to have a holistic response plan that looks beyond security and scale to ensure the state of their core operations and services will not be disrupted by unexpected changes. With more enterprises relying on cloud technology,?developing a?comprehensive?cyber resilience strategy as part of?a holistic?approach?to operational?resilience makes preparing?for a wide range of?contingencies?less?complicated.

This month we wrapped season four of Afternoon Cyber Tea with Ann Johnson and while each episode surfaced perspectives on how our collective approach to cybersecurity ties directly to some of society’s most pressing issues, one of the most salient points heard from every cyber influencer I spoke with was the need greater need for cyber resilience.

Strengthening the global supply chain against cybersecurity threats

Admiral (RET) Michael Rogers, former Head of United States Cyber Command was my guest for a deep dive on the cyberattacks against the US supply chain. He shared his perspective on its frailty and the massive risk of failing to secure it. This was a fascinating discussion about both the growing sophistication of cybercrime, his thoughts around the necessity of public-private partnerships to stop them, and how we must also make people part of the solution saying, “It isn’t just about technology, never forget the human dynamic in all of this,” going further noting “We can’t solve this by just throwing money at the problem. Put it another way, we can have the greatest technology with the highest level of investment but if we don’t have a smart user community that makes smart choices, that’s part of our strategy, it will be undermined everyday by the choices our users are making.”

In my conversation about understanding the race against cybercrime with New York Times cybersecurity reporter Nicole Perlroth, she shares where the industry is most vulnerable, the danger of legacy systems, noting that while “we’re the world’s top cyber super power, but now we’re the most targeted and arguably the most vulnerable because we’re so automated,” along with practical guidance on the investments we need to make that will help us all be more cyber resilient.

Even as examine today's cyberattacks through an ancient lens, my guest Genevieve Liveley, Professor of Classics, RISCS Fellow, and Turing Fellow at the University of Bristol connected the dots between her research in the field of narratology, what ancient Greece teaches us about AI today ,and the potential threat of AI-assisted cyberattacks and the human spirit as it relates to the power of resiliency.

Ransomware and the strength of diversity

The cybersecurity industry has long recognized that the greater diversity of data, the better the threat intelligence, and AI and Machine Learning outcomes. We must apply this same principle to our cyberteams.

In my conversation with Titania Group co-founder Nicola Whiting about the rise of ransomware, Nicola shares the cyber advantage of diversity and inclusion in the workplace and how differences in thought, background, and ability can be the best defense against cybercrime. By overcoming our biases, we can build better cyber defense and a more resilient cybersecurity strategy.

Building on these important points, Dominique West, host and creator of the Security in Color podcast, joins me for a discussion about how industry professionals are changing the industry norms to make cybersecurity more accessible for people who have been historically excluded from the space. I agree with her advice to those looking to start a career in cybersecurity and how we as an industry can help ensure we are seeking cyber professionals outside of traditional channels, in addition to how we can help lower the barriers to entry into cybersecurity though simple things like more inclusive language. “It’s something that I had noticed when I was getting into the field, the different kinds of names that either sound militaristic, or maybe some things that might be offensive” she says about the deterrents that may be keeping people from cyber careers. She goes further to say, “For me, I always think our terminology should evolve just as the industry and our technologies are.”

Fighting the good fight

We know cybercriminal groups are skilled and relentless. They have become adept at evolving their techniques to increase success rates, whether by experimenting with different phishing lures, finding new ways to hide their work, or adjusting the types of attacks they execute. And these tactics include deep fakes.

My colleague Tom Burt, CVP of Customer Security and Trust, joined me for a discussion on Microsoft's work to combat disinformation and why public-private partnerships are key to this effort. Disinformation comes in many forms, and no single technology will solve the challenge of helping people decipher what is true and accurate. Tom shares the new AI and cloud technologies Microsoft has been working on to address different aspects of the problem.

The innovations that lead to new technologies that help fight cybercrime is also critical to help protect our privacy. At Microsoft, we believe that privacy is a fundamental human right. Flynn Adams, co-founder of InteliQore, joins me in our season four final episode to share her personal experience dealing with digital abuse and the technology that is being used to seamlessly integrate a user first, data governance strategy for digital safety management and incident detection, and resolution. It’s an inspiring story, about how technology is being used, to fight the good fight.

The diversity of expertise, experiences, and backgrounds reflected in these episodes is, on a grander scale, helping to shape and improve our collective understanding of cybersecurity. I hope you’ll find useful takeaways from these leaders who are at the fore of securing and strengthening our industry.

Thank you to all who listened to this past season. On October 5, 2021, we will launch a new season of Afternoon Cyber Tea on Cyberwire! Until then, all episodes are available to stream and download on PodcastOne, Spotify, and Apple Podcasts.

To learn more about Microsoft Security solutions visit our website.?Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.