How Should Security Teams Measure the Risks They Least Control?
In our last Super Cyber Friday, "Hacking Narrative Threats: An hour of critical thinking about measuring the risks you least control," we examined how online conversations can become real-world security threats and what security teams can do to prepare. Our discussion went over ownership of narrative risks, when they shift from PR to risk management, and how generative media has amplified their scale and speed.
Joining us for this conversation were Nick Loui , CEO and co-founder, PeakMetrics , and Jason Elrod , CISO, MultiCare Health System .
HUGE thanks to our sponsor, PeakMetrics
Watch the full video here:
Join us next Friday [03-28-25] for “Hacking Fragmented IAM”
Super Cyber Friday will be back Friday [03-28-25] for our discussion “Hacking Fragmented IAM: An hour of critical thinking of how to simplify the confusion on identity management, governance, and security.” It all starts at 1 PM ET/10 AM PT.
Did you know that we have an events calendar? Visit our events page to subscribe so you can stay up to date on Super Cyber Friday and other CISO Series content.
领英推荐
Best Quotes from our guests
"Most threat actors come from one of three motivations: cash, cause, or chaos. What’s changed is that now they don’t need the skills. They’ve got AI and automation that make it easy to manufacture narrative threats at scale." – Jason Elrod, MultiCare Health Systems
"Narrative threats are no longer just a PR issue. We need to treat them as a security concern and bring PR, legal, and compliance into the same fusion center that manages threat intelligence and incident response." – Jason Elrod, MultiCare Health Systems
"We treat incidents as cyber-only events, but reputational threats should be part of incident response too. We need to move beyond ‘cyber threat intelligence’ and think about threat intelligence, period." – Jason Elrod, MultiCare Health Systems
"A narrative threat can start on Telegram, move to Reddit, then surface in mainstream media. If you're not watching that progression, by the time it hits major channels, it’s too late to shape the story." – Nick Loui, PeakMetrics
"We’re entering an age where 90 percent of online content will be AI-generated. The scale and speed of narrative threats will overwhelm any human-only monitoring strategy. You have to use AI to fight AI." – Nick Loui, PeakMetrics
"Narrative threats are not one-time events. They’re long-tail risks. Something that starts as a fringe conspiracy can evolve into reputational or even physical threats months later." – Nick Loui, PeakMetrics
"Organizations need to move narrative threat detection into the risk and security function. If you leave it to PR alone, they may see the threat but won’t understand the operational or security implications." – Nick Loui, PeakMetrics
Quotes from the chat room
"Narrative as a smokescreen is undoubtedly happening. Consider the APT (advanced persistent threats) going after county water systems AND the US Department of State." - Gary Longsine
"If possible, allow the individual who discovered the threat to participate in some manner with the mitigation. Giving people ownership increases awareness." - James S.
"Sometimes responding brings attention to something that otherwise wouldn't be noticed, but if it's getting a ton of attention already, responding (well) can outweigh the risk." - Kira Rose Wojack , partner, Merritt and Rose Communications
Collaborate ? Deliver ? Iterate. ??
6 天前There are some #NatSec voices on LinkedIn engaged in thinking about narrative warfare. Here are some to follow: Narrative Strategies Small Wars Journal War on the Rocks Ajit Maan, Ph.D. Remington Whiteside, Ph.D. Howard Gambrill Clark, Ph.D.