‘The Future of Cybersecurity: Why There is Scope for Improvement With Josh Gold’

In this episode of CHATTINN CYBER, Marc Schein interviews Josh Gold, Cyber Insurance Lead at Anderson Kill, one of the top law firms in the North-East. Josh is a shareholder in Anderson Kill’s New York office. He has represented numerous corporate and non-profit policyholders in various industries. Josh’s practice involves matters ranging from international arbitration, data security, directors and officers insurance, business income/property insurance, commercial crime insurance, admiralty, cargo, and marine insurance disputes. He has been lead trial counsel in multi-party bench and jury trials and has negotiated and crafted scores of settlement agreements including coverage-in-place agreements.

As an individual with extensive experience working around technology, Josh explains that technology is here to stay. Young attorneys can eye many opportunities in this area, counseling and guiding clients in the times to come.

Josh explains the landmark decision during the DFW case. He describes the fraud that happened and why it was a hard-fought case. He further shares that there has been some real traction for policyholders in getting insurance coverage for cyber-related claims today, not just under a cyber policy but also under many other business insurance policies.

Josh also talks about Landry’s case. He explains how they had their payment card information stolen. Landry’s got into a fight with their merchant bank, claiming that their retailer was responsible for the breach of their customers’ payment card information. The legal fight between the merchant bank and Landry’s lasted a while. However, Landry’s was, in the end, able to secure a decent win. Josh further expands on various property insurance cases in 2020 and how insurance coverage works in those cases.

Josh and Marc discuss the threats due to cybersecurity breaches in the future and why it could go beyond money and information to bodily injuries and threats to life. He explains the importance of cyber hygiene and why we need to be more thoughtful about such instances in the future.

Josh ends the conversation on an optimistic note and shares that there is scope for preventing cybersecurity crimes in the future. He shares that sound backup systems and cybersecurity hygiene could help us in the same.

Highlights:

“The changes in tech are exponential each year, and sadly, for our clients and for society at large, I don’t think cybercrime is going away, I think we’re going to be living with a lot of problems, a lot of perils. And I think they’re only going to get worse before they get better.”

“It was a hard-fought case [DFW case]; it took years to secure both the district court and the circuit court appellate rulings that we obtained, but a very good day for policyholders and I think we’re starting to see some real traction for policyholders getting insurance coverage for cyber-related claims, not just under a cyber policy, but under lots of other business insurance policies.”

“For really serious breaches, you may need all of that coverage to really fit all of the pieces of the puzzle involving the losses and damages that certainly arise from a breach.”

“If you had 10,000 great employees who were observing good hygiene, it just takes one or five of them to maybe compromise the organization systems.“

“I’m hoping that as we all become more sophisticated users, either as individuals in our personal lives or in our professional lives, when we’re remote, learning, remote working, communicating with our own devices, even if it’s through a web portal, we’re more careful about these things.”

“It’s my hope that between maybe having good backup systems that are insulated from your day to day computing operations, and then having kind of this – if all else fails group that can help you for free, get decryption tools, get your data back without having to pay a hefty ransom. That gives me some hope, that gives me some optimism that there can be an ability to fight back against some of these really strong and sophisticated cyber games that are obviously roaming the world right now, at least virtually causing all kinds of criminal mischief.”

Time-Stamps:

[00:47] – Josh Gold shares his background and about working with Anderson Kill

[04:16] – Learn in detail about the DFW case

[08:47] – About Landry’s case and how Landry’s won in the end

[13:29] – How can policyholders be hopeful about winning in the end?

[15:24] – The importance of maintaining cyber hygiene

 

 

Solving Cyber Disputes Through Arbitration- with Peter Halprin

In this episode of Chattinn Cyber, Marc Schein interviews Peter Halprin. Peter is an insurance lawyer and an arbitrator. He teaches international arbitration at Cardozo. In addition to teaching, he also writes articles and other academic pieces about different areas of arbitration.

In today’s episode, Marc and Peter talk about the challenges faced by cyber insurance, silent cyber, and arbitration. Arbitration is an alternative means of handling disputes. Peter says for sophisticated entities, especially in the cyber context, arbitration can be a really good way to resolve disputes. Apart from choosing the people to resolve the dispute, the main benefit of arbitration is that it is confidential, so you don’t have to talk about the embarrassing cyber breach or security lapse. They also talked about how the insurance coverage and mindsets of businesses changed in recent years.

Peter shared the case of G&G company. Recently the G&G company faced a ransomware attack. The company made the payment and looked to their prime carrier for reimbursement.. The carrier denied saying it was a voluntary payment and wasn’t related to the use of computers as is required under computer fraud coverage in the prime policy. The trial court agreed with the insurer saying there was no coverage, but the Supreme Court disagreed, saying the judgment for the insurer was inappropriate on two grounds. One is that they think that the use of computer could have been implicated here, and there was some measure of fraud that caused the transfer. The interesting thing about this case is that all of this stems from the idea that what enabled the ransomware attack was actually a spear-phishing or other campaign at the outset.  linkage. This is something to be considered.

Peter suggests that when you face challenges with BI claims, make sure you have the right legal counsel involved, involve forensic accounting, and work with the right broker to support you from the claims perspective. He wraps the episode telling us that it seems like because there are so many claims, carriers are very quick to bring in coverage council on their side. So, he calls upon carriers and brokers to work together on that outset.

 

Time-Stamps:

[00:53] – How did he become an insurance lawyer?

[03:09] – The benefit of cyber arbitration

[05:30] – The challenges people are facing with cyber insurance in 2021

[09:25] – The case of  G&G Oil Company

[09:52] – The obligations of cyber laws

[14:33] – Peter’s advice to people facing ransomware challenges

[16:33] – The wreak havoc of ransomware in the pandemic

[17:37] – How does ransomware affect the business income loss?

[20:10] – What the companies need to do at the moment?

[22:30] – What should be the coverage of your insurance?

[23:47] – Closing thoughts

 

Key Quotes:

“Arbitration is a really good place for cyber disputes.”- Peter [04:11]

“The main benefit of cyber arbitration is that it is confidential. And you also get to choose the people who resolve your dispute.” – Peter [03:42]

“The tentacles of cyber issues and where they pop up are unlimited.” -Peter [09:43]

“Just because you paid the ransomware, it doesn’t mean that you are necessarily in the clear. The actor can still remain in your system. Your data can still be corrupted. And dealing with OFAC and other guidance out there, there is a possibility that you may be transferring money to a sanctioned actor. And now you are exposing yourself to additional legal liability.” Peter [15:50]

“In terms of forensic accounting, clients should always check their policies to see what kind of coverage they have. Those people speak 1010 to each other, and so it’s important to have two people that speak like that to each other to resolve the issues.”- Peter [20:36]

“Having the right team in place both in the underwriting and the claim side is essential.”- Peter [22:18]

“Don’t limit your insurance to risk management.”- Peter [22:30]

“Casting your insured in a defensive position in the midst of a crisis is not the best thing to do for customer relations or otherwise.”- Peter [24:23]

Cybersecurity And Technology – Advancing Through Changes With Stu Panensky

In this episode of CHATTINNCYBER, Marc Schein interviews Stu Panensky, an experienced Privacy business attorney and commercial litigator. Stu’s law firm FisherBroyles has been established in 22 cities today. The world’s first and largest nontraditional law firm stands apart from the rest for two reasons- neither does it have any brick and mortar space nor any inexperienced associate lawyers.

Today, Stu narrates his story of being an expert practitioner in #cyberlaw. He started his cyber journey a jersey boy from the northeast. Stu did not go to law school to master cyber law. He cites two incidents that introduced him to the world of technology –

  • The first was when one of Stu’s senior colleagues decided to do a book on insurance coverage for technology. It allowed Stu to learn about the history of insuring technology assets and the issues that came along with it.
  • Stu worked as an architect and engineer liability lawyer, where he had to handle claims of technology and algorithms. He found this very interesting and challenging. Thus, cyber tech had become his area of focus.

Stu also talks about the changes in cyber and tech in the past decade. Earlier, only a few people knew about the cyber world, and even then, it needed explanation. But now, after ten years, everyone is aware of cyber insurance, thanks to news and media. The concept has become popular and far more sophisticated than how it used to be.

Stu chats about the challenges faced by higher education leadership teams understanding cyber risks – data, technology, and the nature of schools being the pain points in the work from home scenario today.

A privacy standpoint is necessary at higher levels of education. Schools need to audit and see whether the policies in their student handbook match with what they are delivering.

Tune in to learn from one of the industry’s most sought-after leaders, Stu Panensky, today!

Highlights: 

“The cyber insurance industry has a particular focus on cyber insurance and the issues are well known. And so it’s become a business peril.”

“I think almost every ransomware case we had in 2020 involves data exfiltration. It didn’t used to be like that at all. The extortions themselves are far larger now.”

“We love corporate privacy here at FisherBroyles, we have a really deep bench of corporate privacy lawyers. So we do all the website compliance, the terms and conditions, the privacy policies, we do the employee handbooks, the proactive corporate privacy, governance type of work.”

“Every case is different, and that’s why this is such an awesome practice because it really is sort of a new one every time; even in the business email compromise, which is probably the most routine matter that we get. Every system is different.”

“I think schools need to audit and see whether the policies in their student handbook match with what you are technically and technologically able to deliver.”

“It really has to do with the unique nature of FisherBroyles. FisherBroyles is the world’s first and largest nontraditional law firm. We’re in 22 cities in the US, we’re in London, and we’re growing.”

 

Time-Stamps: 

[00:56] – Stu shares his story of becoming a cyber insurance lawyer

[04:07] – How cyber insurance evolved during the past decade.

[08:26] – The cases cyber insurance deals with.

[11:30] – Challenges faced by higher education around the field of cyber risk.

[18:37] – Stu talks about FisherBroyles

 

Connect with Stu: 

Website: https://www.fisherbroyles.com/

LinkedIn: https://www.linkedin.com/in/stu-panensky-713b149

 

 

How Ransomware gangs lead Cyber Attacks : Understanding Cybersecurity with Thomas Brittain

In this episode of CHATTINN CYBER, Marc Schein interviews Thomas Brittain. He is the Associate Managing Director with the Cyber Risk practice of Kroll, a division of Duff & Phelps, based in St. Louis. He has over 14 years of information security experience advising organizations on secure configurations, risk reduction, incident response, and tackling tough security challenges. Thomas’ expertise ranges from incident response and security assessments to building and leading security programs. He is a Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), and a GIAC Certified Incident Handler.

Thomas shares his story of going from a military professional to chairing the Associate Managing Director role in one of the most prestigious IR firms in New York City. The foundation and training in the military certainly influenced Thomas’ drive. In the military, you don’t have an option to fail. You are to find a path forward, no matter what. Thomas shares carrying this perspective in his career and life.

To those looking forward to joining cybersecurity, Thomas gives away a few tips –

  • ●  Get a home lab setup – If you want to get into cybersecurity, you will have to experiment with different apps and software.
  • ●  Learn – Several sites give free education about these topics. INE and TryHackMe are examples. It would be best if you learned the basics first. There are YouTube videos you can learn from, which include videos of Professor Messer.
  • ●  Make sure you really want to work in this field. You’ll need to challenge yourself, think outside the box sometimes, and be ready to adapt to changes.Thomas then shares his views on an executive order passed by President Joe Biden on implementing new policies to improve national cybersecurity. The biggest concern in the order remains to be funding.

    We also learn about ransomware gangs, where they’re generally located, how they’re funded, and what their ransom demands are most often. Most of these gangs are located in the eastern European region and are funded by the ransom payments they have received. In 2020, their ransom demands went up to 60 million dollars even. Ransomware gangs today have started becoming more strategic.

Thomas also talks about the possible recruitment strategies for ransom gangs. He elaborates on the ransomware gang REvil, the one behind the Kaseya attack of 2021, and their attacking strategy. One of the most extensive techniques or tactics with this threat actor group is exploiting internet-connected vulnerable systems and managed security provider platforms like RMM tools (similar to Kaseya). Thomas further details the Kaseya attack, explaining why 1500 globally were put at risk – all simultaneously.

Towards the close of the conversation, Thomas explains the process of procurement of cryptocurrency by organizations – you have first to establish an account and then transfer funds to the wallet. After that, you procure your cryptocurrency, like Bitcoin.

Thomas has led an extensive discussion on ransomware gangs, cyber-attacks, and bitcoins today. There’s a lot you would take away from this episode!

Quotes:

“I think in this career field of cyber security, everybody has to be the CEO of their own career. Nobody’s going to give it to you on a silver platter.”

“This is not just a career field in which you’re going to come in, you’re going to get a great salary, and you’re going to do the job. If you don’t thoroughly enjoy it, if you don’t have the ability to think outside the box and really try to take on new challenges, this may not be the right career field for you.”

“Learn the basics first; how does a computer work? How does networking work? There are a lot of sites like, INE or TryHackMe that provide some level of foundation. There are other avenues like Professor Messer on YouTube that offer free videos to get that background or education.”

“I like to look at this as a chess game. So for every move, we make the advances, and then we make a counter move; constantly adapting to the things that we’re doing. And so we have to be ready to adapt.”

Digital Forensics, Crypto Codes, and Ransomware Attacks: A conversation on cybersecurity with Ondrej Krehel

In this episode of CHATTINN CYBER, Marc Schein interviews Ondrej Krehel, He is a former lecturer at FBI Training Academy and Chief Information Security Officer of IDT911, the nation’s premier identity theft recovery and data breach management service. Ondrej is also the Founder and CEO of LIFARS LLC,  a digital forensics and cybersecurity intelligence firm. He authors articles, conducts training, and is a frequent speaker at industry events, such as FBI Academy, RSA, HTCIA, ECTF USSS, and QuBit Prague.

In this episode, Ondrej shares history, explaining how he went from a mathematical physics student to a cybersecurity expert. His career started in crypto, working with code, and eventually oversaw nuclear power plants and Industrial Control Systems.

We chat about  Eastern European Ransomware gangs and the trends noticed in their attack measure. Ondre discusses the  Kaseya attack of  in which the hackers used chain exploit – meaning, it was all in one code. Here’s how it happened – The authentication bypass got them in the file upload and let them upload the files they needed. They got the right to deploy, did a command and code injection, and completely interacted with the system. Ondrej describes this to be a true military type of tactic on a system. The group that led this attack was formidable and had a clear understanding of the legal system in the U.S. 

Quotes:

“I actually exercise a lot and do a lot of specialized training. But I decided that cutting that social life for me, but moving to that career that was very unique, can only shape who I am today.”

“I think that’s what the industrial control system people are saying, that look, the code is so primitive, that it’s easy to do quality assurance. Once you start introducing complexity in integrations, we are not going to be able to control it.”

“These threat actors do diligence very well, they played a card of third party liability. They understand probably also insurance policy of that company not insist they read the policy, but they understand what the premium is, also what the limit of that is, and probably who owns it, and how likely they’re going to get paid.”

“These trackers right now do understand the insurance market completely, they understand how the insurance operates. I was important to this game, they understand the third party liability. And they try companies with a third party liability.”

“What the issue is when it comes to the rebel group is that the rebel group first gets maybe some intelligence. All these exploits, all the tools that we do believe in and debat are somehow connected to intelligence agencies in Russia. And at that level, basically, they truly use a cyber military type of skill set against the commercial enterprises.”

“The challenging piece for that crypto is it has some cell stacks attached to it. There are some fees attached to it, how you’re going to put that on your balance sheet at the end of the day. And also some legal aspects of dealing with the office of the asset controlling involve attorneys. ”

Time-Stamps:

[00:51] – Ondrej’s backstory and career in the crypto world

[04:26] – Ondrej shares his experience in the nuclear sector

[08:43] – The debate on whether to upgrade industrial technology or not

Connect with Ondrej:

LinkedIn  https://www.linkedin.com/in/ondrejkrehel/

How the Center for Internet Security Helps Businesses Against Cyber-Threats with Curtis Dukes

In this episode of Chattinn Cyber, host Mark Schein talks with Curtis Dukes, the former director of the National Security Agency (NSA) and the current Executive Vice President of the Center for Internet Security (CIS),  a non-profit organization that aims to make the connected world a safer place.

Their conversation begins with a discussion on Curtis’ background, specifically on his experience in the NSA. After spending more than three decades in service to the agency, he learned the following:

  • Computer systems must provide their users with a pleasing experience to ensure that they won’t switch to an alternative way.
  • Technology is so ingrained into who we are as a society that we no longer notice it, even though we’re online all the time.
  • Business owners must allocate sufficient resources for the regular upkeep of their hardware and software programs, so that these won’t be exploited by malicious adversaries.

Curtis also talks about the CIS, giving an in-depth explanation of its goals and current efforts. In addition to providing cyber-threat intelligence and analysis to State, Local, Tribal, and Territorial government entities (SLTTs), the organization has also introduced controls and benchmarks that allow businesses to develop effective strategies against cyber-threats. He further recommends that business owners show the efforts they’ve put into building their defenses when trying to obtain a cyber-insurance policy.

Regarding future trends, Curtis explains that the next few years will see ransomware playing an increasingly crucial role in cyberspace. To address this issue, the CIS has developed a community defense model that is based on genuine attack techniques. Published last August 2020 to much acclaim, this program will help businesses mitigate the risk of cyber-threats, enabling them to protect themselves from malicious agents.

Key Takeaways:

  • Technology has become so powerful and ubiquitous that our reliance on it has become invisible to us.
  • Small and medium-sized enterprises (SMEs) need to have sufficient resources to limit their cybersecurity vulnerabilities.
  • Business owners must thoroughly understand the impact of cyber-threats.
  • The cyber-insurance industry still lacks standardization.
  • Ransomware is evolving, with malicious agents often changing the way they operate.

Key Quotes:

  • “But you can quickly see that computers were going to be a disruption, not only within national security systems, which I was responsible for providing security for, but as an economic enabler for society.” – Curtis (05:07)
  • “Technology is ingrained in the fabric of who we are, and how we communicate as a society.” – Curtis (07:14)
  • “It went from ‘let me just lock up your data, and you need to pay the ransom, or you have to recover your data through some other means’ to they started modifying their operations. Not only did they lock up your data, but they also exfiltrated the data. If you didn’t pay the ransom then they threatened to expose the data, some of which could be harmful to the company or personally problematic, as well.” – Curtis (16:23)
  • “By mapping attack techniques to mitigation, I think that’s one way to raise cybersecurity across the board.” – Curtis (20:16)

 

Cybersecurity and the Role of the Board, an interview with Judith H. Germano

In this episode of CHATTINN CYBER, Marc Schein interviews Judith H. Germano, a nationally recognized thought leader on cybersecurity governance and privacy issues. She is a Senior Fellow at the NYU Center for Cybersecurity (CCS) and the Reiss Center on Law and Security and an Adjunct Professor of Law at NYU School of Law.

Judith was a federal prosecutor for 11 years, from 2002 to 2013. Today, she shares that her last role was as the Chief of economic crimes, which oversaw cybersecurity, securities fraud, and other complex fraud. She handled tremendous cases of international significance, some that were reported in the news and some that were not.

From an experience that spans over a decade, Judith learned the growing importance of cybersecurity for businesses. She realized that there were many questions regarding handling cybersecurity risks- when and whether to work with the government and protect yourself proactively from incidents. And though she loved her government job then, she wanted to help by advising companies proactively.

Judith currently leads the CCS cybersecurity task force and roundtable series of corporate executives and senior government officials addressing critical cybersecurity concerns. She is also the founder of GermanoLaw LLC, advising public and privately-held companies on cybersecurity and privacy matters and representing companies and individuals on securities fraud and other complex white-collar criminal and regulatory compliance issues. Judi counsels senior executives and corporations on cybersecurity, risk management, and strategy. Her publications include: “Cybersecurity Partnerships: A New Era of Collaboration” and “After the Breach: Cybersecurity Liability Risk.”

In today’s episode, she shares the role of boards in handling cybersecurity issues, the changes and advancements made in the industry today, and what challenges remain in the industry for cybersecurity experts to face. We also learn why boards need to proactively ensure that companies are compliant with security policies and address and document their cybersecurity effectively.

Highlights:

“Cyber security is a top priority for organizations and governments. And it is critically important that the board is well versed in cybersecurity.”

“We’ve also seen some cases outside of the cybersecurity context that show that boards have an obligation and fiduciary duty not just to ensure that policies are in place of the organization, but that they’re followed, and a responsibility to document in the minutes what the board is doing to address issues of key importance of the organization.”

“You want to make sure that the board is asking questions that have to do with basic cyber security hygiene.”

“There are some boards that have a specific risk management committee and cyber security and privacy risk may be housed there.”

“As smart as we get defending, the attackers get smart and new ways of attacks.”

“Over the years, many organizations, unfortunately, are still catching up on basic things like encryption and logging and updates and other best practices.”

Time-Stamps:

[02:58] – The role of a board in terms of cybersecurity or cyber maturity
[04:06] – What recent legal decisions helped face the developments of current board liability
[05:21] – How in depth should boards be getting within cybersecurity or cyber risk?
[07:48] – Some of the cybersecurity trends that boards are currently seeing
[10:32] – Engineering in the law school and the concerns of future leaders within cybersecurity

Connect with Judith:

LinkedIn: https://www.linkedin.com/in/judith-germano-b7a63310
Twitter: https://twitter.com/judigermano?lang=en
Website: https://germanolaw.com/

Compliance and Cyber Risk – An Interview with Matthew Pachman

In this episode of CHATTINN CYBER, host Marc Schein is joined by Matthew Pachman, the Vice President, Chief Risk and Compliance Officer at FTI Consulting. Matthew has an extensive background in Compliance and Risk Management.

Originally hailing from New Jersey, Matthew Pachman has a degree in Law from the University of Virginia. He has been awarded Compliance Week’s Top Minds Award. He was named “Top Ethics and Compliance Officer” by the Ethisphere Institute for three consecutive years. He is a recognized and decorated professional speaker in the corporate compliance space.

Welcome Matthew Pachman! Matthew  kicks it off with an explanation of the differences between Compliance and Risk Management as they relate to cyber liability. Cyber risk is top priority. It is what every board member, executive and regulator worry about on a day-to-day basis. From the compliance side of cyber security, Matthew stresses that one can implement rules and systems to control these dangerous factors.

We then move into a discussion about the importance of cyber protection within a company and the approaches we can take to make sure the company has a culture of compliance and awareness. What role does Human Resources play in this? Matthew shares his take on cyber protection and employee awareness which rely on HR communication tactics. Anywhere we talk about communication and culture, HR is involved!

Next, we shift gears to the subject of cyber insurance. Matthew shares the qualities and tools he looks for in an insurance program as well as a corporate program. If you are in the risk business, you cannot underestimate the importance of cyber insurance! This especially applies to today’s work environment which is primarily remote due to Covid-19 and thus a higher need for cyber security.

Wrapping up our interview, Matthew leaves us with some of the pros and cons for those looking to start a career in cyber risk. He says “You have to like playing defense. You are trying to protect your goal.”

 

What You Will Learn

  1. Compliance or Risk Management; which one is more difficult to approach?
  2. What is required for better risk management?
  3. What is HR’s role in cyber risk management?
  4. What makes a good cyber program for controlling cyber risks?
  5. Importance of having cyber insurance.
  6. What are the pros and cons of taking cyber risk management as a career path?

 

 

 

Embracing the “New” Frontier of Cyber – with Jeff Cohen

In this episode of CHATTINN CYBER, Marc Schein interviews Jeff Cohen, Senior Vice President of Zywave and former President of Advisen. In November 2020, Zywave acquired Advisen, the leading provider of data, media, and technology solutions for casualty insurance markets. Jeff led Advisen’s strategies for Global Business Development and for the company’s Data and Media businesses and resources.

As a sales and marketing executive, Jeff Cohen has over thirty years of experience in data management, data analytics, media, and news business aimed towards insurance and financial sectors. Jeff joined Advisen in 2003 after spending over 15 years at Bloomberg in North American Sales.

Jeff currently serves as a board member for the Spencer Educational Foundation which funds scholarships, internships, and grants for undergraduate and graduate students who will be tomorrow’s risk management and insurance leaders. Additionally, he serves as a board member of the Center for Hearing and Communication, a non-profit agency that serves all people with hearing loss.

Most recently, Advisen was acquired by Zywave, an insurance agency software company used by over15,000 insurance agencies. Zywave offers Advisen a level of scale with coinciding talent, media capabilities, and supportive infrastructure benefiting the company and the service providers, brokers, and clients that Advisen serves. Jeff and many others believe that cyber is constantly moving at the speed of light making it a space that is always adapting and needing change.

Advisen’s Annual Cyber Risk Insights Conference is one of the major cyber conference series.  Advisen’s Cyber Risk Awards event has also become one of the most prestigious awards in the cyber risk community.

Time-Stamped Segments  

  • Meet the Guest – Jeff Cohen [00:31]
  • How did Advisen grow to become one of the leading organizations in the world? [01:02]
  • What led to partnering Advisen with Zywave? [05:04]
  • What is Advisen’s role within cyber? [06:57]
  • Where Jeff Cohen feels that future of cyber will be? [06:57]
  • How is cyber different from other lines of business? [10:34]
  • How has Advisen’s Annual Advising Conference has become a major cyber event globally? [14:11]
  • Is there anything I should Have Asked you Today That I Didn’t? [23:02]
  • Closing Thoughts [25:37]

 

 

 

 

Getting Smart Against Ransomware with Sherri Davidoff and Michael A. Kleinman – part 2

In part two of our Chattinn Cyber with with host Marc Schein, our guests, Sherri and Michael, continue talking about ransomware. They start with the question of whether or not you should actually pay the ransom. Sherri recommends making sure you have backups. Have a plan to resecure your data even if you have to engage with the hackers. From the legal side, Michael recommends contacting law enforcement—but not the local police. These days, the FBI works really hard to help. It also helps to have built a relationship with federal police ahead of time. Sherri suggests looking into community partnership programs that have sprung up recently.

Regarding police takedown, Sherri explains that some leading ransomware gangs have recently been taken down, including Emotet. Emotet was one of the leading technological threat distributors. With Emotet on your computer, all your information could be stolen within 15 minutes. And then they could simply nuke it all with the Ryuk ransomware. Members of that very gang have been arrested. Emotet will uninstall itself by April of this year.

A lot of repair software may actually be working as malware itself. It’s absolutely vital to have expert help at every step of the way.

Sherri finishes the episode by giving a few key things to watch out for to protect yourself from ransomware:

  1. Exposed remote login credentials.
  2. Email phishing.
  3. Software vulnerabilities.

She recommends using two-factor authentication and a VPN. Be sure to train users to think before they click. Michael urges to do your due diligence assuming there is risk. Get ahead of the proliferation of ransomware attacks.

Key Takeaways:

  • Ask for proof of life if you’re going to pay the ransom on your data.
  • Knowing who to contact is important.
  • An advisory can help to organize your response to hackers.
  • There are downsides to getting your ransomware payments insured.
  • You must treat any threat as a potential data breach.

Key Quotes:

  • “There’s nothing new here from a legal perspective.” – Michael (13:00)
  • “We actually have seen takedowns of ransomware-as-a-service gangs.” – Sherri (22:00)
  • “You have to assume that there may have been data stolen.” – Sherri (24:50)
  • “You cannot figure out what the breach is without the technology side.” – Michael (26:00)
  • “The second you start a letter-writing campaign, you have to be mindful of the fact that you’re creating a record for court.” – Michael (33:10)