Cyber Security Threats and Strategies – with Hon. Michael A.L. Balboni

In this episode of CHATTINN CYBER, Marc Schein interviews Michael A.L. Balboni, CEO of Redland Strategies Inc. Prior to Redland Strategies, Mike worked as a New York State Senator and chairman of Homeland Security and Law Enforcement committee.

Born in Burns Town New York, Mike studied law and had a unique experience of serving in the New York State Senate for 10 years. Afterward, he went to Albany where he was appointed the first chairman of the Senate homeland security committee. As a chairman of the 9/11 homeland security committee, he learned all aspects of homeland security including cybersecurity. By acknowledging the risks of chemical plants he created regulations for the infrastructure protection – by passing legislation and supervising the implementation process – by the department of homeland security and emergency services within New York City.

His firm, Redland Strategies, assists companies and government agencies to develop and implement security strategies to improve business performance and maximize growth. For example, in the cybersecurity space, he helps companies to develop strategies for data management, data processing, storage, cyber breach issues, threats from an energy perspective (mainly due to sensors that are used for energy digitization which are itself Internet Of Things (IoT) components), etc.

Additionally he talks about the threats of malicious-payloads taking over a physical operating system (cross over from IT to OT) – for example manipulation of a nuclear power plant via cyber-attack. This type of threat was faced by the Ukraine in 2017 when their 2 nuclear power plants were disrupted as a result of internet manipulation.

Mike also talks about the importance of home network security. He says that it is now more important than ever to secure home networks because our society is moving toward a home-based virtual-workforce and cyber threats are growing continuously. According to the FBI home routers are vulnerable, so it should be everyone’s focus to invest in a cyber-infrastructure and cybersecurity. Having said that, everyone should understand that cybersecurity is not a destination, it is a journey; you must continue to evolve because threats are evolving.

Lastly, he shares his thoughts about the impact of Covid-19 on large organizations and the accessibility of the Covid-19 vaccine. He talks about sports organizations, they are employing the best strategies to keep their players, coaches, and staff safe. However, sports organizations right now are facing a huge challenge in bringing indoors. Everyone is waiting for the Covid-19 vaccine, but the distribution of a safe vaccine to enough people to bring us back to some sense of normalcy is not going to happen overnight.

Topics Discussed in the Podcast

  1. The journey of Michael A.L. Balboni’s professional life.
  2. Balboni’s experience of serving at New York State Senate and Senate Homeland Security Committee.
  3. Cyber threats from energy perspective and the role of digitization in that.
  4. Cyber attacks to take over a physical operating system (cross over from IT to OT).
  5. Recent presidential elections’ security.
  6. Importance of securing home-networks and investing in cyber-infrastructure and cybersecurity.
  7. Some fundamental cybersecurity strategies.
  8. Perks of working with the best and brightest people.
  9. Thoughts about the accessibility of the Covid-19 vaccine.

 

Cybersecurity and the Role of the Board, an interview with Judith H. Germano

In this episode of CHATTINN CYBER, Marc Schein interviews Judith H. Germano, a nationally recognized thought leader on cybersecurity governance and privacy issues. She is a Senior Fellow at the NYU Center for Cybersecurity (CCS) and the Reiss Center on Law and Security and an Adjunct Professor of Law at NYU School of Law.

Judith was a federal prosecutor for 11 years, from 2002 to 2013. Today, she shares that her last role was as the Chief of economic crimes, which oversaw cybersecurity, securities fraud, and other complex fraud. She handled tremendous cases of international significance, some that were reported in the news and some that were not.

From an experience that spans over a decade, Judith learned the growing importance of cybersecurity for businesses. She realized that there were many questions regarding handling cybersecurity risks- when and whether to work with the government and protect yourself proactively from incidents. And though she loved her government job then, she wanted to help by advising companies proactively.

Judith currently leads the CCS cybersecurity task force and roundtable series of corporate executives and senior government officials addressing critical cybersecurity concerns. She is also the founder of GermanoLaw LLC, advising public and privately-held companies on cybersecurity and privacy matters and representing companies and individuals on securities fraud and other complex white-collar criminal and regulatory compliance issues. Judi counsels senior executives and corporations on cybersecurity, risk management, and strategy. Her publications include: “Cybersecurity Partnerships: A New Era of Collaboration” and “After the Breach: Cybersecurity Liability Risk.”

In today’s episode, she shares the role of boards in handling cybersecurity issues, the changes and advancements made in the industry today, and what challenges remain in the industry for cybersecurity experts to face. We also learn why boards need to proactively ensure that companies are compliant with security policies and address and document their cybersecurity effectively.

Highlights:

“Cyber security is a top priority for organizations and governments. And it is critically important that the board is well versed in cybersecurity.”

“We’ve also seen some cases outside of the cybersecurity context that show that boards have an obligation and fiduciary duty not just to ensure that policies are in place of the organization, but that they’re followed, and a responsibility to document in the minutes what the board is doing to address issues of key importance of the organization.”

“You want to make sure that the board is asking questions that have to do with basic cyber security hygiene.”

“There are some boards that have a specific risk management committee and cyber security and privacy risk may be housed there.”

“As smart as we get defending, the attackers get smart and new ways of attacks.”

“Over the years, many organizations, unfortunately, are still catching up on basic things like encryption and logging and updates and other best practices.”

Time-Stamps:

[02:58] – The role of a board in terms of cybersecurity or cyber maturity
[04:06] – What recent legal decisions helped face the developments of current board liability
[05:21] – How in depth should boards be getting within cybersecurity or cyber risk?
[07:48] – Some of the cybersecurity trends that boards are currently seeing
[10:32] – Engineering in the law school and the concerns of future leaders within cybersecurity

Connect with Judith:

LinkedIn: https://www.linkedin.com/in/judith-germano-b7a63310
Twitter: https://twitter.com/judigermano?lang=en
Website: https://germanolaw.com/