The collective defense: Why transparency and knowledge sharing are essential in cybersecurity
In the world of cybersecurity, transparency and knowledge sharing are vital tools for collective defense.
Thus, organizations must learn to improve their cybersecurity practices by studying incidents that have occurred at other companies as a starting point.
“A lot of times, people are afraid to do this, because there’s a stigma against data security events,” said Charles Carmakal (pictured, left), chief technology officer of Mandiant, a Google LLC company. “But we all learn when we openly share learnings from the variety of security attacks that we all deal with on a day-to-day basis.”
Carmakal and Jeff Lunglhofer (right), chief information security officer at Coinbase Global Inc., spoke with theCUBE industry analysts Rob Strechay and Rebecca Knight at the mWISE Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the importance of open conversations, robust authentication methods, key protection and the value of information sharing among organizations. (* Disclosure below.)
Social engineering and ‘push fatigue’
Social engineering, the act of unwittingly extracting access information from within an organization, is a popular tactic today. In the recent Coinbase Inc. incident, a threat actor used persuasive tactics to trick an employee into providing their username and password on a phishing website, according to Lunglhofer.
“The situation we dealt with at Coinbase was a traditional but sophisticated and advanced social engineering attack,” he said. “It occurred over the course of about four hours. We had several dozen of our employees who were contacted directly by a threat actor that we lovingly call ‘Scattered Spider’ and a few other code names that Mandiant and our other colleagues have come up with.”
There’s also the concept of “push fatigue,” where users may become desensitized to authentication prompts, potentially compromising security. There needs to be stronger authentication methods, such as One-Time Passwords (or OTP) and physical security tokens, such as YubiKeys, to enhance security while maintaining convenience, Lunglhofer added.
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the mWISE Conference:
(* Disclosure: Google Cloud sponsored this segment of theCUBE. Neither Google Cloud nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.