Layered Security And Protection Against Ransomware Attacks With Greg Edwards

In this episode of CHATTINN CYBER, Marc Schein interviews Greg Edwards, the Founder of Canauri, a well-known cybersecurity firm, to discuss the growing threat of ransomware attacks and how businesses can safeguard against them.

Greg has been involved in the backup and disaster recovery industry since 2007. In 2012, as ransomware attacks rose, he observed that many of his off-site backup clients were affected and needed full recovery. Recognizing that this could escalate into a greater issue, he founded Canauri and decided to address this threat using deception technology.

According to Greg, the rise of ransomware coincides with the increased use of cryptocurrency. He believes that cybercrime, in general, gained momentum in 2012 when Bitcoin became mainstream. He emphasizes the significance of layered security and recommends that businesses configure and manage all layers of defense effectively.

During this discussion, Greg also talked about how MSPs (Managed Service Providers) can fall prey to ransomware, and the devastating impact it can have on their clients. Greg narrated an incident where an MSP’s RMM (Remote Monitoring and Management) was hit by ransomware, causing 80 of their clients to be affected simultaneously.

With the shift towards remote work, Greg suggests that businesses must secure all endpoints, including laptops, desktops, and mobile devices, and ensure that the networks they use are secure. He also stresses the importance of patching systems as the most crucial action people can take to defend themselves against ransomware.

In conclusion, Greg shares valuable insights into the increasing prevalence of ransomware, the importance of layered security, and the measures businesses can take to protect themselves from ransomware attacks.

 

Highlights:

 

“If you look back again to 2012, the rise of ransomware coincides with the use of cryptocurrency. So not (that) I’m a fan of cryptocurrency, personally, but the rise of ransomware and cybercrime in general, all started to take off around that 2012 mark. And that’s when Bitcoin became really big and started to become mainstream.”

 

“In the pandemic, everyone said, go home, go work from home, here’s your laptop, or even people were carrying desktops in their monitors out of the office to go work from home, and then connecting remotely in any fashion that they could. And so that inherently just opens up lots of additional vulnerabilities and attack surfaces for the attackers. So what has to be done is all of those endpoints, laptops, desktops, even mobile devices, need to be properly locked down, and then also need to make sure that the networks that they’re on got to have the proper security now, across all of those remote workers, and manage them, just like you would if it were in an old corporate network environment.”

 

Time-Stamps:

 

[00:50] Greg’s experience starting an off-site backup company in 2007.

[02:37] The rise of ransomware coincided with the rise of cryptocurrency.

[03:56] Layman’s understanding of layered security.

[06:01] Ransomware attack on remote monitoring and management.

[07:16] Advice on how to better protect yourself.

[08:41] What to do to protect yourself from ransomware?

 

Connect with Greg:

 

LinkedIn: https://www.linkedin.com/in/gedwardswpd/

The Challenges To Cybersecurity In Critical Control Systems With Joe Weiss

In this episode of CHATTINN CYBER, Marc Schein interviews Joe Weiss, the Managing Partner at Applied Control Solutions LLC, Managing Director at ISA99 ICS Cyber Security Pioneer and keynote speaker. The discussion revolves around cybersecurity challenges in control systems, with a focus on those in critical infrastructure like nuclear plants. Joe was formerly a control system engineer who worked on instrumentation controls, primarily control and safety systems in nuclear plants.

Joe notes the different challenges in implementing effective cybersecurity measures in control systems. The first, he shares, is the cultural gap between engineers and IT personnel. He explains that these two groups have different mindsets and concerns, which makes it challenging to work together. For example, IT personnel might need to upgrade a computer or perform maintenance, but engineers might resist because taking a workstation down could cause the entire plant to shut down. Joe suggests that doughnut diplomacy, which involves getting engineers and IT personnel together to work out their differences over doughnuts and coffee, has not worked in bridging this cultural gap.

Another challenge is the technical gap in control systems. Joe explains that many control systems are older systems that have been upgraded from a very insecure base. Legacy devices lack basic security features like passwords, authentication, and encryption, which makes them highly vulnerable to cyberattacks. He provides an example of how some brand-new digital sensors installed at a petrochemical plant in Abu Dhabi did not have any passwords in their vendor spec sheets. Therefore, there was no way to send calibration data to the cloud securely.

Joe adds that control systems are very different from traditional IT systems, and security measures that work in one domain might not work in the other. For example, while data is the main focus in traditional IT systems, physics is the primary concern in control systems. Control systems are designed to manipulate physical processes, and the closer they get to the edge, the more efficient the processes become. This makes it difficult to implement traditional security measures like zero trust, which assumes that nothing can be trusted until proven otherwise.

Joe concludes the conversation by suggesting that insurance companies and credit rating agencies can play a significant role in driving improved cybersecurity in control systems. These organizations are highly risk-averse and can convince boards to take cybersecurity more seriously. He believes that control system cybersecurity is not going to be solved by the government and requires a concerted effort from all stakeholders involved.

Highlights:

 

“The general rule is that these big control systems are 1980s, 1990s technology that have been in a funny sense upgraded. But they’ve been starting with a very, very insecure base.”

 

“To a sensor controller in real time, this thing is happening in milliseconds, it’s 100% trust. What’s worse, these devices are built in backdoors, directly to the internet. So everything you’re trying to say not to do on the network side is exactly what’s in this most critical of all of our critical devices.”

 

Time-Stamps:

 

[01:53] Joe’s journey into cybersecurity

[04:10] Everything is about data and data processing.

[05:52] The engineers and the network people don’t get along.

[09:04] Calibrating the sensors

[10:39] Zero trust is 100% trust

 

Connect with Joe:

 

LinkedIn: https://www.linkedin.com/in/joew1/

 

AI, Propaganda, and Lessons On Advanced Cybersecurity with Paul Christopher

In this episode of CHATTINN CYBER, Marc Schein interviews Paul Christopher, Senior Social Scientist at the RAND Corporation, where he serves as the principal investigator for various defense and security related research projects. In today’s conversation, Paul talks mainly about AI and the need for introducing/enhancing AI cybersecurity and advancing information technology protection with time.

Paul begins the conversation by discussing cognitive security, or the concept of protecting the safety of ideas and thought processes. From a national perspective, it is about protecting citizens from foreign interference in their right to think and participate in national politics. It is an old concept, rooted in the idea of war being a contest of wills and politics by other means.

Further into the conversation, he discusses AI and how it is affecting propaganda by allowing for automated amplification through the use of bots. As AI becomes more sophisticated, there is a greater danger of it being used for propagandistic purposes. One example is a GAN (generative adversarial network), in which one AI generates messages and the other detects and prevents them; used unethically, the second AI could be removed and the messages directed at real people. Countries are spending more money on propaganda, but it is still cheaper than traditional military capabilities. The effectiveness of propaganda is difficult to measure, but an integrated physical and informational campaign, as seen in the 2014 Russian annexation of Crimea, is highly effective.

Paul and Marc also discuss deep fakes and shallow fakes—methods of creating fake videos using AI technology and how both these types of fakes can be effective in deceiving people. They also discuss counter propaganda—a method of countering the effects of propaganda by providing counter messaging or a counter narrative to counteract it.

Towards the close of the conversation, Paul highlights the human vulnerability to misinformation and disinformation and how it’s important for everyone to remember that we are challenged cognitively. Humans often think fast and use heuristics, which make them more susceptible to being tricked, manipulated, or deceived. He also mentions the cognitive bias called Blind Spot bias, where people are willing to see vulnerabilities in others but not in themselves. He advises people to be aware of these vulnerabilities, not to believe everything they see and to find ways to improve their media literacy and to use tools to screen disinformation or at least pop up warnings when there’s an uncredible source.

Highlights:

“If you’re countering propaganda, either your counter messaging or doing a counter narrative, where you’re trying to claim the opposite of whatever the propaganda is, or overwhelm it with the truth or counteract it. Which unfortunately, the research in social psychology suggests isn’t very effective, because the first mover advantage is hugely important.”

“There are things that the government can do to pass laws and regulations to make foreign propaganda, either require labels or to be illegal so that you can then indict foreign propagandists and affect them.”

“There’s this thing called Blind Spot bias, where we’re willing to see these vulnerabilities in others but we imagine that we ourselves are special or magical or invulnerable.”

Time-Stamps:

[00:14] – How Paul ended up becoming a senior social scientist at the Rand Corporation

[01:35] – What is cognitive security?

[04:15] – Are countries spending money on propaganda campaigns?

[06:26] – Distinguishing deep fakes and shallow fakes

[12:21] – Understanding counter propaganda and the ways to curb it

[17:24] – Final thoughts

Connect with Paul:

Website: https://www.rand.org/about/people/p/paul_christopher.html

https://2018.cybersecforum.eu/en/speakers/christopher-paul/

Underwriting and The Future Of Cybersecurity With Marcin Weryk

In this episode of CHATTINN CYBER, Marc Schein interviews Marcin Weryk, Head of Business Development at Coalition Inc. The duo get into underwriting, cyber risks, and the future of cybersecurity, among other discussions on business and the changing world.

Marcin began by providing background on his upbringing, sharing that he was born in Poland and raised in Brooklyn. He also mentioned his journey to becoming a renowned cyber underwriter after graduating from St. John’s University with a major in finance and later participating in a training program at CNA to gain knowledge in the insurance industry. The training program ultimately led to his placement on CNA’s cyber tech NPL team and his entry into the field of cyber insurance.

Marcin stresses the importance of having a strong underwriter in the team who’s knowledgeable in both analytics and marketing. The key for underwriters is to not only be creative and thorough but also reliable and trustworthy. It is also critical to learn to interpret and analyze data in cybersecurity.

Further in the conversation, Marcin mentions Coalition and introduces it as the most innovative insurance company for reasons including its careful and correct analyses of data and the risk selection and prevention mindset of its employees. At its core, Coalition is a technology company that uses data more effectively than other insurance companies.

Marcin also shares two concerns businesses will face in the coming years. One is the need to improve the quality of data collection and utilization to reduce cyber risks. The second concerns the data currently being used to underwrite better from a loss perspective, which leads to many issues. Business controls are essential in underwriting and risk mitigation.

He wraps up the conversation by highlighting the future of cyber issues, focusing on two of the most pressing issues: the exposure of systemic failure and privacy concerns.

Listen to the conversation for more details!

Highlights:

“I think what’s different about Coalition is the ability to understand that learning from data is important. And learning from data is even more important in the ever-changing space of cybersecurity. I think we at Coalition differentiate in that we are continuously making sure we look at risk selection and risk prevention. From a forward-looking perspective, not a backward-looking perspective.”

“And I think that’s the big differentiation is, most people are stuck looking backward, Coalition is good at looking forward. And I think that is what drives our value. The other part that’s been imperative to the growth and success of Coalition and others in this space that is leaning on data better, is the concept of continuous monitoring.”

“One is the systemic failure exposure that we’re all dealing with. I personally think that the marketplace will evolve into a space where there will be standard coverage, and yet also separate catastrophe cyber coverage. I don’t think that that’s that far in the future. Just for clarity purposes, I think many people will be interested in that type of cover. The other one that some people have started to speak about, but I don’t think it’s getting as much attention as it should is privacy as a peril.”

Time-Stamps:

[01:08] – How did Marcin become a cyber underwriter and how did he get involved in cyber?

[02:53] – Important roles of an underwriter

[04:43] – What is so unique about Coalition and how they are the most creative insurance company?

[07:42] – What made Marcin go to the technology from phenomenal insurance carriers?

[10:33] – Challenges and cyber risks businesses are going to face in the next two years that concerns underwriters

[13:52] – How important are controls for a business?

[16:10] – Some of the future issues we may be facing

Connect with Marcin:

LinkedIn: https://www.linkedin.com/in/marcin-weryk-828a1a6/

 

Economic Sanctions, Cyber Law Enforcement, And Private-Government Collaboration For Cyber Protection With Emil Bove

In this episode of CHATTINN CYBER, Marc Schein interviews Emil Bove, Trial and Investigations Lawyer at Chiesa Shahinian Giantomasi (CSG). Emil has extensive experience working in both the public and private sectors, starting his career as an assistant United States attorney specializing in cyber risk. Today, he speaks about the new sanctions announced against Russia following the invasion of Ukraine, why Russia might push its financial transactions and assets into the crypto space, cyber enforcement trends pertaining to the same, and the recent collaboration of the private sector and the government sector for speedy cyber law enforcement and protection.

Recently, in the aftermath of the Russian invasion of Ukraine, the US Treasury department announced a lot of sanctions against Russia. One result of that is that banks are trying to comply with the sanctions on both US financial institutions and international institutions, identifying their exposure to the sanction parties, sanction relationships, and figuring out how to address that exposure – whether that’s blocking assets in some instances, or ending client relationships in others. Secondly, we’re anticipating mechanisms for any sanction party to engage in sanctions evasion and access the international financial system and even the US financial system directly through correspondent accounts. Sanction parties need to innovate. Russian parties are also expected to push financial transactions and assets into crypto.

Emil also discusses the trends in cyber enforcement. With Russia likely to venture into the crypto space, care needs to be taken while enforcing sanctions as not everybody is a Russian actor. Clients have to be sensitive to sanctions compliance. Recently, the OFAC has been sanctioning crypto service providers, some of which are based in Russia, who are non-compliant with US expectations for transparency and staying away from ransomware. Both on the regulatory and criminal sides, the government will be looking at public examples of non-compliant actors who are not seeking to implement the sanctions intended to choke back on Russia’s access to the financial system.

Another thing Emil talks about is the private sector’s collaboration with the government in connection with the above sanctions. He predicts that the partnership will be significant because the technological expertise of the private sector can help speed up the government’s work. The technologies used so far have repeatedly shown themselves reliable and trustworthy and have generated accurate results.

For more, tune in to today’s episode!

Highlights:

“There’s a cyber component to the banks trying to comply with the sanctions to both US financial institutions and really international institutions, taking a look at what OFAC is doing. And identifying their exposure to these now sanctioned parties and sanction relationships, and figuring out how to address that exposure, whether that’s blocking assets in some instances, or ending client relationships in others.”

“There are a few understood mechanisms for any sanction party to engage in sanctions evasion, to access the international financial system, and sometimes even the US financial system directly through correspondent accounts. Sanction parties are going to need to take some new steps to do some innovation. And I think that one way that we’re going to see that is Russia as a sovereign, and also just sanctioned Russian parties over there are going to push financial transactions and assets into the crypto space.”

“There’s then now a public opinion that sort of authorizes and endorses law enforcement collaboration with the private sector and use private sector tools in a sophisticated and developing space where government technology, especially in the law enforcement side, may not be quite as up to speed as where the more well resourced private sector parties are endorsing that and I think you’ll see that going forward.”

Time-Stamps:

[00:43] – The journey to becoming an assistant United States attorney
[19:45] – About the US Treasury Department announcing sanctions against Russia
[21:49] – The biggest things around cybersecurity being ignored right now
[29:58] – Closing thoughts

Connect with Emil:

Website: https://www.linkedin.com/in/emil-bove-0113347/

The Russian-Ukrainian War Is A Lesson On Information Security and Leverage With Greg Radabaugh

In this episode of CHATTINN CYBER, Marc Schein interviews Gregory Radabaugh about his wide range of experience in the military and information security, what the Russian-Ukrainian war illuminates about information security, and the essential practices civilians and security forces must equally adopt to strengthen cybersecurity.

A retired Air Force veteran of 30 years, Greg brings a wealth of experience that ranges beyond overseas reconnaissance missions. He has experience as a DOD civilian, a Defense Intelligence Agency analyst, senior Information Operations planner for the Air Force ISR agency (Intelligence Surveillance Reconnaissance), Director of the Joint Information Operations Warfare Center, and many high-importance controlled defense and intelligence roles. After finally retiring from the Department of Defense after 44 years, Greg founded his own consulting company, Greg Bear Consulting.

With the ongoing Russian-Ukrainian war keeping world tensions high, Greg suggests reading “Unrestricted Warfare” by Colonel Qiao Liang and Colonel Wang Xiangsui to learn in depth about permanent warfare and the absence of a difference between civilian and military targets in the Ukraine-Russia war. Drawing on the war updates, Greg shares that although Russia seems to be focusing on justifying its actions to its internal audience, making them see that all is being done to protect them, Ukraine is focusing on the external audience, primarily the West, trying to gain support from the US, NATO, and others providing material, financial, and medical support. He also discusses how both countries are gathering and making use of commercially available data for warfare – from tracking locations, to cellphone ranges, and a whole lot more. Everything happening in the war is striking from an information perspective.

The civilian sector, he adds, must prepare for war at this point as they could be used to incite or escalate conflict. There could be Denial Of Service attacks, deception, and other planned operations to impact the military by attacking people relevant to its personnel. Families of military personnel are especially targeted by these attacks. This is a side most people aren’t prepared for.

In conclusion, Greg shares that the civilian private sector needs to start thinking about security the same way the military does – for operational security. Using mobile phones and cameras in essential meeting places and not considering the secondary and tertiary access points are a couple of the many things that go unnoticed. For more about it, tune in to this episode with Greg!

Highlights:

“The Western concepts of the law of armed conflict relying on Westphalian concepts of chivalry, interior, and territorial integrity, and what constitutes an armed attack don’t apply to our adversaries and potential adversaries in the information environment.”

“Think about how to provide operational security to your business. And then think about how do you shut down our second and tertiary information leakages and then decide, how do I mitigate this threat by doing things, for example, having an offline backup of my network, or having a secondary network that’s offline that can go online immediately, if your primary one goes down?”

“A greater awareness of these operations in the information environment is crucial to private sector success of industrial control systems, security is going to be absolutely critical to maintaining our first world environment that we live in and enjoy today.”

Time-Stamps:

[00:40] – Greg’s early life and founding Greg Bear Consulting
[05:29] – Where to connect with Greg
[06:26] – What’s happening with the Russian-Ukrainian war?
[15:19] – Should the civilian sector prepare for a conflict at this point?
[20:42] – What can you do to protect yourself from cyber attacks?

Connect with Greg:

Website:

https://www.af.mil/About-Us/Biographies/Display/Article/108843/gregory-c-radabaugh/

Understanding Ransomware Double, Triple, and Quadruple Extortion With Brad LaPorte

In this episode of CHATTINN CYBER, Marc Schein interviews Brad LaPorte, former top-rated Gartner Analyst for cybersecurity, veteran US Cyber Intelligence, and product leader at Dell, IBM, and several startups. He is currently the Advisor at Lionfish Tech Advisors and Partner at High Tide Advisors, apart from being the Board Advisor at 4 early-stage startups – NetRise, rThreat, RunSafe Security, and TBD. He is also the author of the recently released cybersecurity book, The Rise Of Cybercrime. Today, he discusses the reasons for the increasing number of ransomware attacks worldwide and the measures to avoid or mitigate the risks from the same.

Explaining the increasing number of ransomware attacks, Brad shares that these days, all that is required to extort money from organizations is access to a keyboard on the internet. The barrier of entry to systems has been reduced. Additionally, over 98% of ransomware is paid out in Bitcoin, which is difficult to track. Starting November 2019, double, triple, and quadruple extortion tactics have started to be used, which has also added to this.

Double, triple, and quadruple extortion tactics can be explained as follows:

  1. Double extortion is the exfiltration of sensitive data. So, companies are forced to pay the attackers despite having the encryption key or backup data.
  2. Triple extortion is when attackers disrupt the critical operations of organizations involved in, say, manufacturing, healthcare, or education. The criticality of the attack makes organizations highly likely to pay the attackers.
  3. Quadruple extortion is when attackers directly attack your customers or key stakeholders as well. Also called supply chain attacks, they are like a force multiplier and cause an exponential increase in the damages.

Answering the question of whether or not to pay when ransomware attackers demand you to, Brad explains that one must try their best not to unless they’re left with no other choice. He also touches on the best cybersecurity practices to follow to mitigate the risks due to the attack, like the 12 key controls given by Marc around cyber resilience. He adds that even though the actual amount paid to ransomware attackers is coming down over time, the number of threat actors is increasing with the decrease in their barriers of entry.

One of the most overlooked reasons for cyberattacks is that over half of the organizations worldwide don’t know about the assets they have in their environment, the third-party vendors and other organizations associated with them, and over 75% manage everything through an Excel spreadsheet as their asset inventory database.

Care must be taken to ensure organizations are well aware of their assets, as these could be one of the easiest ways for attacks to happen.

For more, tune in to today’s episode!

Highlights:

“In trying to extort money from organizations, ultimately, all you need is access to a keyboard on the internet. So if you look at some of them (attackers), the people that can actually wreak havoc on organizations are quite vast.”

“Even though the actual numbers of payments are going down and declining… The amount of groups are increasing because of that low barrier of entry and actually increasing it over time.”

“Over half of (the) organizations don’t know what assets they have in their environment, and over 75% actually manage everything out of an Excel spreadsheet as their asset inventory database.”

Time-Stamps:

[02:33] – Why are ransomware attacks increasing?
[07:15] – Should you or should you not pay when ransomware attacks require you to?
[09:45] – The biggest things around cybersecurity being ignored right now
[12:49] – Get in touch with Cory

Connect with Brad:

Website: https://www.linkedin.com/in/brad-laporte/

Navigating Cybersecurity Risks in Modern Communication Platforms With Max Buchan

In this episode of CHATTINN CYBER, Marc Schein interviews Max Buchan, founder and CEO of Worldr. The conversation gets into cybersecurity for communication platforms, hybrid and in-person communication channels, and the factors that might change the way we communicate in the future.

Max tells us how he got into cybersecurity while growing up in a small town in the United Kingdom (Canterbury), and how he revolutionized communication encryption around the world. He also worked as one of CoinShares’ first employees, which helped him learn about data jurisdictional issues and encryption keys. Max has spent the last three years building his own company, Worldr, and has been offering security for communication platforms through it.

Now, this might make you wonder: why is there a need for a company like Worldr for additional security services when most popular communication platforms have built-in encryption and security? Max explains that his company’s products are not for every other user on the internet, but rather for those who do not want to change their communication platform and want to communicate in a more scalable and secure environment with no third-party interference. Worldr works with large corporations having a significant employee strength who want all of their data to be secure.

Max also shared his thoughts on the best way to communicate in the future, saying that he believes it will be a hybrid style because some people prefer in-person communication while others prefer online communication for time efficiency.

Max also addresses the current challenges that the CISO community is facing, as well as how they approached this application. He stated that the CISO community is currently very small and needs to scale and that people and governments all over the world are taking small but progressive steps in this space. He later mentions the concept of zero trust and how it influences product development.

The conversation winds up with Max discussing the ever-changing and shifting cybersecurity space.

Listen to the conversation for more details!

Highlights:

“We’re not building these products for every single user on these platforms. I mean, these are great products, I believe, you know, for instance, Microsoft Teams, I think is approaching 300 million users, which is an incredible number. I mean, we don’t build these solutions for the broad base, we build them for specific industry verticals that have needs that go a little bit beyond a one-size-fits for certain products.”

“I want to caveat this by saying there are no zero-trust products, right? Because I feel like, you know, you go to one of these conferences, I was lucky enough to speak at InfoSec Europe, a month or whenever it was ago. And I mean, just everyone’s got zero trust everywhere. And you know, it’s an important concept. But it’s not a product. And again, it all comes down to essentially, least privileged access and building in controls and governance every step of the way, right into your entire policy outlook.”

Time-Stamps:

[00:42] – How did Max, while growing up in the UK, revolutionize communication encryption in not only the US but abroad?

[02:07] – Why is there an additional need for security in various communication platforms when they are already highly encrypted?

[05:29] – The communication styles of the future

[09:12] – Challenges CISOs are facing today?

[12:10] – What is zero trust?

[13:34] – How cybersecurity space is ever-changing and shifting

[15:11] – How to reach out to Max Buchan

Connect with Max Buchan:

LinkedIn: https://www.linkedin.com/in/maxbuchan/?originalSubdomain=uk

Website: https://worldr.com/

How The Russia-Ukraine War Is Bolstering Ransomware Gang Attacks With Sherri Davidoff and Michael Kleinman

In this episode of CHATTIN CYBER, Marc Schein interviews Sherri Davidoff and Michael Kleinman about the rising ransomware attacks in cyberspace and the legal and operational ways to confront them. Sherri Davidoff is the CEO of LMG Security, and the author of three books, including “Ransomware and Cyber Extortion” and “Data Breaches: Crisis and Opportunity.” Michael Kleinman is Special Counsel in the Data Strategy, Security, and Privacy Practice at Fried, Frank, Harris, Shriver & Jacobson LLP.

The Russian-Ukrainian war has given us an open window into ransomware gang operations, thanks to some gangs facing internal discord, like the Conte ransomware gang, which became known for putting a pro-Russia statement and having a gang affiliate steal their internal information and put it out online. If sources are to be believed, the Conte ransomware gang has made at least $2.7 billion in Bitcoin over the past three years – a number drastically higher than any previous ones we’ve seen. The result of the explosive growth of such ransomware gangs is also that law enforcement is getting better at following the money and busting cybercriminals. However, the fight gets tougher as criminals move to more privacy-oriented cryptocurrencies.

With the current geopolitical situation between Russia and Ukraine, cyber attacks are focused on more than economic gains, as our guests share. Vulnerabilities and attacks on critical infrastructure are predicted to rise. An interesting point to note is the OFAC advisory on ransomware from September 2021, which tends to assuage the risks for those considering making a ransomware payment who want to avoid being hit with a sanctions violation and the reputational and financial risks associated with that. This new advisory helps you if you implement cybersecurity practices, including those highlighted by Cisco, like having an offline backup, an incident response plan, cyber training, and authentication protocols, and if you cooperate with law enforcement during and after an attack. You might never get a full sign-off, but these would certainly help your company’s image significantly.

The FTC is watching, and you need to look for vulnerabilities and repair or remediate them. If not, you’d land in hot water.

The Russia-Ukraine war has also seen the introduction of new kinds of malware, like wiper ransomware, that wipe out all the information on a system. These are known to have been distributed through software vendors, such as tax software vendors. Though Ukraine is on the receiving end of these attacks at the moment, there are fears the attacks could extend to more countries.

In situations like this, which jeopardize our cyber health, early detection is critical. Also important is a coordinated industry-wide response to reduce the damage. As attackers get better at sneaking in and damaging our systems, our defense style also needs to grow from reactive to proactive. Prevention methodologies must also go hand-in-hand with government regulations. For more on this, listen to this episode!

Please note that this podcast was recorded on February 25, 2022, prior to the passage of the Cyber Incident Reporting for Critical Infrastructure Act of 2022.

Highlights:

“One of the points from the White House is to bolster resilience to withstand ransomware attacks. And for the past two decades, we’ve seen almost a reticence to push our businesses and organizations too much. Because we recognize cybersecurity as a cost.”

“The new banking law was designed not to be overly burdensome to banks, but to give regulators an early heads up about issues. And that is super important, especially if you’re concerned about large scale operational impact on our financial sector.”

“Now is the time to deploy proactive measures, things like multi-factor authentication, endpoint detection and response, security training. We have to figure out what is blocking organizations and just jump over those hurdles and make it happen.”

“At an organizational level, we need visibility by installing appropriate detection systems and response systems monitoring. Because the earlier you detect an incident, the better able you will be to prevent it from metastasizing into a bigger problem like ransomware.”

Time-Stamps:

[01:05] – Hot topics in cybersecurity today
[03:55] – How is the US government responding to the increased supply chain kind of cyber attacks?
[09:47] – How to reach out to Sherri Davidoff and Michael Kleinman
[13:03] – About the FTC providing notice about patching up their systems to companies
[15:31] – What is meant by wiper malware?
[24:30] – Key takeaways from today’s conversation

Connect with Michael and Sherri:

Michael Kleinman: https://www.friedfrank.com/professionals/michael-kleinman

Sherri Davidoff: https://www.lmgsecurity.com/about/sherri-davidoff/

 

Driving Pay Equity In Workplaces With Maria Colacurcio

In this episode of CHATTIN CYBER, Marc Schein interviews Maria Colacurcio, CEO of Syndio, who is bringing pay equity to workplaces worldwide. Maria talks about switching from her liberal arts background to enter the tech space and eventually finding her purpose in leading the movement for pay equity in companies.

A history and political science student, Maria entered tech by chance when she met a woman at a dinner party at the height of the tech boom who suggested she move from nonprofits to tech and even got her a referral to a marketing role at her company. Maria grabbed the opportunity and worked in the marketing division for the National Museum of American History at the Smithsonian and has, over time, switched jobs and moved to technological roles at companies.

At one point while she worked at Starbucks, the company was hyping its pay equity announcement. Considering such things weren’t mainstream conversation back then, it meant a lot. While exploring more about it during that time, Maria got to know the Head of Global Employment Law at Starbucks very well and learned how a typical traditional pay equity analysis is done, and it wasn’t good. She realized that not only was the system backward-looking and cumbersome, it also didn’t reveal anything about the behaviors or practices that drive the pay gap in the first place. Desiring to make it better, Maria tried to infuse software innovation with proactive research to bridge the pay gap in organizations. She shares that this research has taught her the importance of starting pay in bridging pay gaps: you have to make sure it’s done right to avoid pay disparities in the chain of employment roles.

Maria also talks about the rising awareness around ESG commitments, including the perspective of institutional investors looking through the ESG lens and how they’re trying hard to figure out what it means to have social ESG commitments as a company that has workplace equity embedded in its human capital. Another thing she talks about is how shareholder proposals requiring companies to disclose adjusted and unadjusted pay gaps have been featured in proxy season since 2015. As per statistics, 7 of the Fortune 100 companies face these pay gap disclosure proxies. And at 2 of these companies, it has succeeded. She also discusses pay transparency legislation that is forcing companies to post a good faith range for any new job position to avoid pay disparities.

There are two sides to pay equity: equal pay for equal work and the median pay gap. Our litigation is largely centered around the first, and there’s a lot of legal risk to that. Companies also need to focus on the median pay gap, which is a reflection of opportunity; it’s the averages. California’s SB 1162, the legislation that just passed the California State Senate, is not just about pay transparency on job ranges. It also includes disclosure of your median pay gap to the state and public reporting of your W2 earnings by EEO category. Companies need to do a full-body scan to adapt their practices to bridging the pay gap.

Towards the end of the conversation, Maria also shares actionable ways to implement equal pay opportunities at workplaces. Tune in to this episode to hear all about it!

Highlights:

“It was this crack in the door, which has been a real consistent theme in my career, seeing sort of a door cracked open, and then just being curious, having that intellectual curiosity to say, I wonder what wonder that leads, and then kicking it open.”

“The Head of Global Employment Law at Starbucks, and I started talking about, ‘Is there a way to infuse innovation in software to make this something that is more proactive to make this something that looks at for example, starting pay is the biggest factor in any pay equity analysis?’. So how do you look at starting pay, make sure at that moment in the employee lifecycle that you’re getting it right so that you’re not having this consistent and ongoing backwards looking repeat have the same remediation over and over and over.”

“The median pay gap is really just a reflection of opportunity. It’s the averages. So do you have all of your men, for example, in the highly paid positions at your company? And why (though you may have really good gender diversity) are all your women sort of in the lower levels? If you had to disclose your median pay gap that would become very obvious to the outside world.”

Time-Stamps:

[00:37] – Maria’s early life and advent into the cyberspace
[05:04] – Trends in the ESG space
[07:45] – What should companies do to ensure pay equity?
[09:31] – Connect with Maria

Connect with Maria:

LinkedIn: https://www.linkedin.com/in/mcolacurcio/