Ethical Hacking and Cybersecurity – Expert’s Perspective

Igor K
November 28, 2024

This article is based on a CTO Shadowing session with Bryan Seely, an ethical hacker and cybersecurity expert. Bryan is a former marine who, by his own admission, wiretapped the US Secret Service and FBI. Later, he worked with John McAfee and Mark Cuban and founded the Black Hat Conference in Riyadh in 2021. 

Importance of Personal Hygiene in Cybersecurity

According to Bryan, there is a measurable and quantifiable number of ransomware strains that check whether Russian is set as a first or second language on your keyboard. If it is, they won’t infect your machine.

Installing Wireshark should have the same effect: they’ll think you’re a honeypot, because hackers don’t want you to figure out how they are doing things.

This just goes to show how important it is for technology leaders to closely follow cybersecurity news and updates. 

Tips for Technology Leaders and SysAdmins

Password length must be over 14 characters.

Encourage security fundamentals, but don’t force them. Instead, introduce them incrementally, because people tend to resist sudden change. As a rule of thumb, never change more than 10% of the framework in a single attempt; that way, people will feel they are part of the solution and of the team that is planning everything. This approach will also prevent overload on the team implementing the migration.

When evaluating a new technology, make sure it does not contain too many CVEs right off the bat. For example, a biometric fingerprint scanner without supervision. 

Stay informed about the latest threats and security news (during the session, Bryan suggested Krebs on Security blog).

Biometrics work, but 2FA must be mandatory. Almost every single big breach was enabled by negligence (e.g., leaving credentials to a VPN open for anyone to see).

Shut down access immediately upon exit or after a predefined (read: relatively short) idle time. Otherwise, you can easily end up with an entry point you don’t have the slightest idea about, leaving attack vectors open simply because someone forgot to shut something down or close the ticket.

Never use built-in password managers.

Don’t trust an app’s permissions requests; in most instances, your consent is irrelevant and the app will pass the information anyway. 

To avoid single points of failure, introduce compartmentalisation. Earlier this month, the ransomware group Black Basta claimed that it had obtained sensitive data after successfully breaching the BT Group’s infrastructure. However, thanks to compartmentalisation, the affected systems were quickly isolated and wider damage was prevented.

Always know what is on your network.

When training employees, always use live training instead of videos. 

Cybersecurity Challenges in Quantum Computing

According to Bryan, there is a great chance of someone breaking encryption under everyone’s radar. In other words, no one will be aware of the exploit.

Many who are counting on the advanced analytical and detection capabilities of an AI should realise that they don’t actually have the AI but merely a bunch of what-if statements nested in 19,000 lines of code. — Bryan Seely

Conclusion

Cybersecurity is not just about technology, but also about vigilance and informed practices. Proactive steps and continuous learning are your best defence in the ever-evolving cybersecurity landscape.

If you want to learn more about the CTO’s role in cybersecurity, read this guide.
