Last Month in Security 010: Richard Stiennon on the EO and Cyberwarfare
In this edition of the Halcyon video/podcast series Last Month in Security, host Anthony M. Freed and panelists Ben Carr and Stacey Cameron sit down with Richard Stiennon, Founder and Chief Research Analyst at IT-Harvest:
We jump right in with a discussion around President Biden's Executive Order to Strengthen U.S. Cybersecurity, which – among other things – follows on from previous Secure-by-Design initiatives from CISA. These efforts are ostensibly good, but the panel considers whether the US government is offering enough “carrots” in the form of incentives to accelerate free-market solutions, or whether these provisions include too many “sticks” in the form of punitive regulatory actions.
The EO also included specific measures to combat ransomware attacks, including Enhanced Sanctioning Authority that allows the Department of Justice to go after the assets of known offenders. It also includes language around the Promotion of Advanced Technologies to encourage adoption of AI-based defenses and accelerates the transition to post-quantum cryptographic algorithms.
While the EO seems to address a lot of things that were issues more than a decade ago (save for mentions of AI and quantum capabilities), the panel debates whether the order goes far enough and discusses whether the government can do more for organizations being overwhelmed by ransomware attacks than offer guidelines and frameworks.
The conversation then moves to the ongoing attacks by China's Salt Typhoon operation. Between December and January, the Chinese operation infiltrated five major telecoms and internet service providers worldwide, including entities in the US. The operation compromised the communications of U.S. political figures – notably of President Trump and Vice President Vance.
Other “Typhoon” operations being tracked include Volt Typhoon and Flax Typhoon, both targeting organizations within U.S. critical infrastructure sectors. The panel discusses where we should draw the line on cyberwarfare: at infiltration, or only after the attackers execute disruptive or destructive payloads.
We close out the discussion with Stiennon by looking at his amazing work putting together the Security Yearbook 2024, an annual publication that documents the history and current state of the IT security industry and serves as a valuable resource for understanding industry developments and trends.
Stiennon tells us more about the genesis of the project, explains the process of putting all this information together and keeping it updated, and shares what he learned along the way while putting the book series together.
About Our Guest:
Richard Stiennon is a prominent cybersecurity expert and industry analyst with a career spanning several decades. He is the founder and Chief Research Analyst at IT-Harvest, an industry analyst firm he established in 2005 to cover the extensive landscape of IT security vendors. Throughout his career, Stiennon has held significant positions, including Vice President of Research at Gartner, Chief Marketing Officer at Fortinet, Vice President of Threat Research at Webroot Software, Chief Strategy Officer at Blancco Technology Group, and more.
Stiennon’s educational background includes a Bachelor of Science in Aerospace Engineering and a Master of Arts in War in the Modern World from King’s College, London. In addition to his writing and research, Stiennon advises a range of security companies, from startups to large enterprises, and contributes articles to publications such as Forbes, CSO Magazine, and The Analyst Syndicate.
Stiennon is also a prolific author, with notable works including:
- Surviving Cyberwar: Stiennon introduces the concept of cyberwarfare, outlines effective defenses against cyber threats, and explains how to prepare for future attacks.
- There Will Be Cyberwar: Stiennon examines how the U.S. military's transition to network-centric warfare has introduced vulnerabilities exploitable through cyberattacks.
- Secure Cloud Transformation - The CIO’s Journey: Stiennon explores the experiences of 16 IT leaders from organizations such as Fannie Mae, Siemens, Google, Microsoft, and Amazon.
- Security Yearbook 2024 - A History and Directory of the IT Security Industry: The latest complete desk reference for the entire cybersecurity industry with a comprehensive directory of cybersecurity vendors.
- Analyst AI and Architect AI: These provide access to IT-Harvest's extensive database of over 4,000 cybersecurity vendors and tailored guidance on more than 11,000 cybersecurity products.
Stiennon has also delivered presentations on cybersecurity topics in 29 countries across six continents and has served as a lecturer at Charles Sturt University in Australia.
Your Hosts:
Anthony M. Freed, Halcyon Director of Research and Communications: Freed is a strategic communications leader, award-winning writer, publisher and podcast producer who was previously a freelance security journalist leading headline-making investigations that included the Symantec NAV source code leak, the mass compromise of US government agency account credentials, the denial-of-service attack that took down WikiLeaks, and more. Freed is also the principal researcher who produces the quarterly Halcyon report Power Rankings: Ransomware Malicious Quartile - Inside Data Extortion Attacks.
Ben Carr, Halcyon Chief Security and Trust Officer: Carr is a Security & Risk Executive and recognized thought leader with more than 25 years of results-driven experience in developing and executing security strategies. Carr has served in global leadership roles at advanced technology, high-risk, and rapid-growth companies such as Ericsson (Cradlepoint), Qualys, Aristocrat, Tenable, Visa and Nokia. Ben has served as a member of the Board of Directors for organizations such as IT-ISAC and NTXPKUA. He is an advisor for Noname Security and Syn Ventures and has previously served on advisory boards for Living Security, TruStar, Mimecast, Qualys, and Accuvant.
Stacey Cameron, Halcyon Chief Information Security Officer (CISO): Cameron has over twenty years of industry experience in information security supporting private corporations, civilian federal agencies, and DoD agencies’ classified and unclassified environments. She has supported a variety of compliance initiatives such as DoD Information Technology Security Certification and Accreditation Process (DITSCAP), DoD Information Assurance Certification and Accreditation Process (DIACAP), DISA’s Computer Network Defense Service Provider (CNDSP) program, Federal Information Security Management Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), FBI Criminal Justice Information Services (CJIS), North America Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP), PCI DSS, ISO 27001/2, HIPAA, SOC 2, NIST SP 800-171 (DFARS) - Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, and Cybersecurity Maturity Model Certification (CMMC) readiness.
Halcyon.ai eliminates the business impact of ransomware. Modern enterprises rely on Halcyon to prevent ransomware attacks, eradicating cybercriminals’ ability to encrypt systems, steal data, and extort companies – talk to a Halcyon expert today to find out more, and check out our quarterly RaaS and extortion group reference guide, Power Rankings: Ransomware Malicious Quartile.