The Security Detail

In this episode of The Security Detail, we explore the complex domain of election cybersecurity with Marci Andino, senior director of the Election Infrastructure Information Sharing and Analysis Center (EI-ISAC). From international interference threats to localized phishing attacks, discover the varied challenges election offices face and the strategies deployed to safeguard the integrity of electoral processes.
 
Resources:
EI-ISAC Resources: https://www.cisecurity.org/ei-isac
Marci Andino Bio: https://safeelections.org/marci-andino/
EI-ISAC's Essential Guide to Election Security: https://essentialguide.docs.cisecurity.org/en/latest/index.html
How Investigators Solved the Biden Deepfake Robocall Mystery (Bloomberg): https://www.bloomberg.com/news/newsletters/2024-02-07/how-investigators-solved-the-biden-deepfake-robocall-mystery
Splunk research on generative AI spear phishing email translation: https://www.splunk.com/en_us/blog/security/old-school-vs-new-school.html
 

Cybersecurity is crucial for journalists and newsrooms to safeguard sensitive information, protect sources, and ensure the integrity of their reporting in an increasingly digital and interconnected media landscape. Episode 3 of The Security Detail features an interview with Runa Sandvik, a security researcher and founder of Granitt, a consulting firm that focuses on digital security for journalists and other at-risk people.
 
Resources: 
Granitt Website
Runa's Website
Follow Runa on X
Runa's blog posts
Tor Project
Google Summer of Code
Security Expert: Apple's Lockdown Mode Still Defeats Commercial Spyware
Columbia Journalism Review profile on Runa
Citizen Lab
Amnesty International

Water treatment facilities are part of the critical infrastructure that supports essential services. A cyberattack on these facilities could disrupt the supply of clean water, leading to severe consequences for public health, safety, and the economy. In this episode, two representatives from the US Cybersecurity and Infrastructure Security Agency, or CISA, share strategies to defend the water sector from cyberattacks. They also provide an update on CISA's investigation into an Iranian-linked campaign targeting Israeli-made Programmable Logic Controllers (PLCs) at a number of US water utilities.
Resources: 
CISA Risk and Vulnerability Assessments program
CISA Security Advisors
Top Ten Cybersecurity Misconfigurations (NSA and CISA Advisory)
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities (CISA Advisory)
CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs (CISA Alert)
CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords (CISA Alert)
States and Congress wrestle with cybersecurity after Iran attacks small town water utilities (Associated Press)
CVE-2023-6448 (NIST NVD)
CISA's Known Exploited Vulnerabilities Catalog 
Report a cyber issue to CISA
Water and Wastewater Cybersecurity toolkit (CISA)
China’s cyber army is invading critical U.S. services (Washington Post)
Volt Typhoon targets US critical infrastructure with living-off-the-land techniques (Microsoft)
Stop Ransomware website (CISA)
The Dragos Community Defense Program Helps Secure Industrial Infrastructure for Small Utilities (Dragos)
Cybersecurity for Rural Water Systems Act
Energy Circuit Riders Act
 
 

Season 2 of The Security Detail kicks off with an inside look at Cyber Coalition 2023, NATO's flagship cyber defence exercise. Audra Streetman traveled to Tallinn, Estonia to tour the exercise and interview creators and participants about the knowledge and collaboration needed to defend the Alliance from cyber threats. 
 
Links: 
Cyber Coalition 2023 NATO Blog

Wrapping up Season 1 of The Security Detail, episode 14 features interviews with a number of past guests about the best advice they've received in their career along with the failures they've learned the most from. 
Stay tuned for Season 2 of The Security Detail, which kicks off on January 3, 2024 with an episode about Cyber Coalition 2023, NATO's flagship cyber defense exercise. Audra Streetman traveled to Tallinn, Estonia to tour the exercise and interview creators and participants about the knowledge and collaboration needed to defend the Alliance from cyber threats. 

Cybersecurity in the energy sector is crucial for safeguarding critical infrastructure, preventing potential disruptions to power grids, and mitigating the risk of cyberattacks that could have severe economic, environmental, and societal consequences. In this episode, Joe Slowik, threat intelligence manager at Huntress, discusses the top cyber threats to the energy sector. 
 
Resources: 
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology (Mandiant)
Attaining Focus: Evaluating Vulnerabilities In The Current Threat Environment
Exorcising the Ghost in the Machine: Debunking Myths Around Supply Chain Intrusions
Assessing The Balance Between Visibility & Confidentiality In ICS Network Traffic
E-ISAC
Cybersecurity Risk Information Sharing Program (CRISP)

Cybersecurity is crucial for the defence industry as it safeguards sensitive information, intellectual property, and critical infrastructure from cyber threats, ensuring the integrity and resilience of military technologies. In this episode, Luke O’Brien, NATO's principal engineer for cyber defence explains NATO’s unique approach to cybersecurity.
 
Resources: 
NATO Cyber Defence
NATO Malware Information Sharing Platform (MISP)
NATO Crisis Management Exercise 2023 (CMX23)
2023 NATO Summit in Vilnius
NATO Rapid Reaction Team
Albania weighed invoking NATO’s Article 5 over Iranian cyberattack (Politico)

Cybersecurity has become a critical element in geopolitics, shaping international relations as nations grapple with the challenges of protecting their digital infrastructures and safeguarding national security in an interconnected world. In this episode, Dmitri Alperovitch, Executive Chairman at Silverado Policy Accelerator, discusses the intersection between cybersecurity and geopolitics and the evolving role of cyber in modern conflict.
 
Resources:
World on the Brink: How America Can Beat China in the Race for the Twenty-First Century
Geopolitics Decanted podcast by Silverado
Follow Dmitri on X
Infamous Chisel report
Storm-0558 Report
Volt Typhoon Report
The Alperovitch Institute
Silverado Policy Accelerator

Cybersecurity in aviation is paramount as it safeguards critical systems, ensuring the safety of passengers and the integrity of flight operations. In this episode, Richard Waine, head of SecOps at easyJet, discusses the aviation cyber threat landscape and how easyJet is tackling a range of technical and policy issues. 
Resources: 
easyJet.com
Aviation ISAC

The cyber threat landscape for education has evolved rapidly, with ransomware attacks and data breaches targeting schools and universities, highlighting the critical need for robust cybersecurity measures in the sector. In this episode, Brett Callow, threat analyst at Emsisoft, shares his observations about the cybercrime ecosystem and how schools and universities can best defend against these attacks. 
 
Resources: 
Unpacking the MOVEit Breach: Statistics and Analysis (Emsisoft)
The State of Ransomware in the US: Report and Statistics 2022 (Emsisoft)
Protecting Our Future: Partnering to Safeguard K-12 Organizations from Cybersecurity (CISA)