The Security Detail
The Security Detail is a podcast series by SURGe, Splunk’s strategic security research team. Every other week, co-hosts Audra Streetman and Kirsty Paine interview security experts about the top cyber threats in different industries. Episodes will examine the cyber threat landscape in healthcare, education, manufacturing, the technology sector, retail and hospitality, telecommunications, and the public sector.
Episodes

2 days ago
Cybersecurity in the energy sector is crucial for safeguarding critical infrastructure, preventing potential disruptions to power grids, and mitigating the risk of cyberattacks that could have severe economic, environmental, and societal consequences. In this episode, Joe Slowik, threat intelligence manager at Huntress, discusses the top cyber threats to the energy sector.
Resources:
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology (Mandiant)
Attaining Focus: Evaluating Vulnerabilities In The Current Threat Environment
Exorcising the Ghost in the Machine: Debunking Myths Around Supply Chain Intrusions
Assessing The Balance Between Visibility & Confidentiality In ICS Network Traffic
E-ISAC
Cybersecurity Risk Information Sharing Program (CRISP)

Wednesday Nov 15, 2023
Ep. 12: Defence with Luke O’Brien, principal engineer for cyber defence at NATO
Cybersecurity is crucial for the defence industry as it safeguards sensitive information, intellectual property, and critical infrastructure from cyber threats, ensuring the integrity and resilience of military technologies. In this episode, Luke O’Brien, NATO's principal engineer for cyber defence, explains NATO’s unique approach to cybersecurity.
Resources:
NATO Cyber Defence
NATO Malware Information Sharing Platform (MISP)
NATO Crisis Management Exercise 2023 (CMX23)
2023 NATO Summit in Vilnius
NATO Rapid Reaction Team
Albania weighed invoking NATO’s Article 5 over Iranian cyberattack (Politico)

Wednesday Nov 01, 2023
Cybersecurity has become a critical element in geopolitics, shaping international relations as nations grapple with the challenges of protecting their digital infrastructures and safeguarding national security in an interconnected world. In this episode, Dmitri Alperovitch, Executive Chairman at Silverado Policy Accelerator, discusses the intersection between cybersecurity and geopolitics and the evolving role of cyber in modern conflict.
Resources:
World on the Brink: How America Can Beat China in the Race for the Twenty-First Century
Geopolitics Decanted podcast by Silverado
Follow Dmitri on X
Infamous Chisel report
Storm-0558 Report
Volt Typhoon Report
The Alperovitch Institute
Silverado Policy Accelerator

Wednesday Oct 18, 2023
Ep. 10: Aviation featuring Richard Waine, head of SecOps at easyJet
Cybersecurity in aviation is paramount as it safeguards critical systems, ensuring the safety of passengers and the integrity of flight operations. In this episode, Richard Waine, head of SecOps at easyJet, discusses the aviation cyber threat landscape and how easyJet is tackling a range of technical and policy issues.
Resources:
easyJet.com
Aviation ISAC

Wednesday Oct 04, 2023
Ep. 9: Education featuring Brett Callow, threat analyst at Emsisoft
The cyber threat landscape for education has evolved rapidly, with ransomware attacks and data breaches targeting schools and universities, highlighting the critical need for robust cybersecurity measures in the sector. In this episode, Brett Callow, threat analyst at Emsisoft, shares his observations about the cybercrime ecosystem and how schools and universities can best defend against these attacks.
Resources:
Unpacking the MOVEit Breach: Statistics and Analysis (Emsisoft)
The State of Ransomware in the US: Report and Statistics 2022 (Emsisoft)
Protecting Our Future: Partnering to Safeguard K-12 Organizations from Cybersecurity (CISA)

Wednesday Sep 20, 2023
Cloud security is essential to safeguarding sensitive data and ensuring the reliability of digital services in an increasingly interconnected and data-driven world. In this episode, Sean Heide shares some of the top threats to cloud computing that he's seeing as technical research director at the Cloud Security Alliance.
Resources:
CSA's 2022 Top Threats to Cloud Computing report
CIS Critical Security Controls
Shared Responsibility Model in the Age of Cloud

Wednesday Sep 06, 2023
Cybersecurity in the financial sector is of paramount importance due to the highly sensitive and valuable nature of the data and transactions involved. In this episode, Paul Trueman, the executive vice president of segments in cyber and intelligence at Mastercard, shares insights from his extensive experience in the industry and provides advice on navigating challenges.
Resources:
FS-ISAC's Navigating Cyber 2023 report
Digital Intelligence Index
Digital Trust at the World Economic Forum
Oxford Cyber Security for Business Leaders Programme

Tuesday Aug 22, 2023
Ep. 6: Retail and Hospitality featuring Suzie Squier, president of RH-ISAC
The cyber threat landscape for the retail and hospitality sector is marked by persistent and sophisticated attacks, targeting both customer data and financial information. With the widespread adoption of e-commerce and digital payment systems, threat actors exploit vulnerabilities in online platforms and point-of-sale systems to steal sensitive data and execute financial fraud. Additionally, the interconnected nature of supply chains in these industries presents further risks, demanding heightened cybersecurity measures to safeguard customer trust and protect against potential disruptions to business operations.
In this episode, Suzie Squier, president of the Retail and Hospitality ISAC, shares the top concerns she's hearing from ISAC members and her recommendations to better defend against these threats.
Resources:
RH-ISAC website
MISP threat sharing platform
RH-ISAC Benchmark Survey
2022 Zscaler ThreatLabz - State of Phishing Report
Bluenomicon: The Network Defender's Compendium

Wednesday Aug 09, 2023
Threat actors continue to exploit vulnerabilities in healthcare systems, leading to data breaches, ransomware incidents, and disruptions in critical medical services. The sector's increased reliance on interconnected devices and electronic health records has amplified the risks, necessitating robust cybersecurity measures and constant vigilance to safeguard patient information and maintain the integrity of healthcare operations.
In this episode, Zach Nelson, Assistant Vice President of Health-ISAC's Threat Operations Center, shares his insight on the top cyber threats to the healthcare sector.
Resources:
H-ISAC website
FDA Guidance regarding cybersecurity in medical devices
MSFT Blog on court order regarding cracked copies of Cobalt Strike

Wednesday Jul 26, 2023
In this episode of The Security Detail, Kirsty and Audra take a look at the cyber threat landscape for the public sector from an Australian perspective. The episode features an interview with Dan Tripovich, who is currently the Assistant Director-General Standards, Technical Advice and Research (STAR) within the Australian Signals Directorate’s Australian Cyber Security Centre Group. STAR Branch delivers ACSC’s flagship publications, including the Australian Government Information Security Manual, the Essential Eight and Protective Cyber Security guidance to the Australian public. Dan is also responsible for the delivery of the ACSC’s Research, International Standards and Technical Advice capabilities to support the secure operation of Critical, Emerging and Operational Technologies.
Resources:
- Australian Cyber Security Centre
- An Introduction to Securing Smart Places
- Essential Eight
- REDSPICE investment