Podcasts
CSO Perspectives (Pro)
Ep 67
CSO Perspectives (Pro) 1.31.22
Ep 67 | 1.31.22

Pt 2 – Students of the game: What are the Hash Table’s go-to information sources for 2022?

Show Notes
Transcript

(SOUNDBITE OF MUSIC)

Rick Howard: You're listening to one of the theme songs used by the 1970s TV show "This Week in Pro Football," produced by NFL Films. In the last episode, I described how this fantastic little show took me from being indifferent to the sport of professional football to being a student of the game. And I made the point that we are all students of the cybersecurity game. But unlike football, this game isn't static. There's always something new going on that we have to learn and understand. I wish we had a weekly 30-minute TV show that is so well-done and so compelling that watching it was all I had to do to stay up to date. 

(SOUNDBITE OF ARCHIVED RECORDING) 

Tim Allen: Oh, yeah (laughter). 

Rick Howard: But that's not the way it is in the real world. Things have gotten a bit more complicated. 

(SOUNDBITE OF ARCHIVED RECORDING) 

Tim Allen: Oh, no. 

(LAUGHTER) 

Rick Howard: So last week I talked about my favorite places to get information - essentially, books and podcasts. But I freely admit that I'm not like most people. There's a special corner reserved in infosec land for the Howard kind of crazy. So I thought I would get a second opinion - invite some subject matter experts to the CyberWire Hash Table and discuss how they do it. This should be fun. 

(SOUNDBITE OF FILM, "JURASSIC PARK") 

Samuel L Jackson: Hold on to your butts. 

Rick Howard: My name is Rick Howard, and I'm broadcasting from The CyberWire's Secret Sanctum Sanctorium Studios, located underwater somewhere along the Patapsco River near Baltimore Harbor. And you're listening to CSO Perspectives, my podcast about the ideas, strategies and technologies that senior security executives wrestle with on a daily basis. 

Rick Howard: Steve Winterfeld is Akamai's advisory CISO, and Errol Weiss is the CSO for the Health ISAC. And I've known both of them since the world was young. Steve and I served in the U.S. Army together, and Errol and I worked together in the early days of the FS-ISAC. Both of them bring a wealth of experience from the infosec world and have interesting and unique views about how to continue their education as students of the cybersecurity game. Our discussion was, shall we say, freewheeling. Here's the interview. Enjoy. 

Rick Howard: So in an effort to stay up to date on everything that's going on in the infosec world, we all consume a lot of content. And over the years, I found it to be extremely useful to pull some smart people that I run into about what they consume. But unfortunately, I couldn't find any smart people for this show, so the three of us will act as proxies. And those are the two best jokes I have, so if you guys aren't laughing, all right, this is going to be a long interview session. 

Errol Weiss: You can tell we go way back to take this kind of abuse, right? 

Rick Howard: (Laughter). 

Errol Weiss: All good. All good. 

Steve Winterfeld: I think I'll be able to match those dad jokes by the end of this. 

Rick Howard: (Laughter) Good. 

Errol Weiss: (Laughter). 

Rick Howard: All right. So we're going to do a couple of rounds each about the infosec content that the three of us consumed and thought were especially useful in 2021. So Steve, let's start with you. What's your first pick for useful infosec content this past year? 

Steve Winterfeld: So part of the challenge is - for those of us that have done this for a while - is finding something that you're getting a new idea. And for me, I consume information in a bunch of different ways. So I'm going to start off with a couple podcasts that I've really gotten something out of. The first is BBC put out a podcast on the Lazarus Heist. 

Rick Howard: Oh, I love that show. That's a great show. 

Steve Winterfeld: And I thought I kind of knew what was going on with them, but by the end of that, I had learned quite a bit. And it was nice to have it all laid out kind of end to end because it was a great flow. And the good news is they're about to come out with the second season. 

Rick Howard: Yeah. 

Steve Winterfeld: And so, you know, the BBC has put out "The Missing Cryptoqueen," "The Lazarus Heist." They've got some great podcasts. And it it's really well done. The second one is more kind of that continuous education, and that's the "Darknet Diaries." 

Rick Howard: I love the "Darknet Diaries." I love the way he tells stories about that, that makes it so approachable and understandable. 

Steve Winterfeld: Yeah, and it's interesting. Like, some episodes, I'll be like, OK, that was fine. Or I might not even make it all the way through the episode. And then there's others like the guy that actually printed fake currency. 

Rick Howard: (Laughter). 

Steve Winterfeld: And it was something I didn't know that much about, and I was amazed how he managed to get through all those security gates and actually, you know, produce realistic currency. So I really like that as far as, I'll say, continuous learning. 

Rick Howard: So I've noticed that as a trend in the podcast world this past year or so that there is these limited series. This is not a show that - like, a continuous show that happens every week. It's a we're going to do - we're going to cover a subject like the Lazarus Heist over, you know, eight, nine seasons or eight, nine episodes. And they cover it from A to Z, which I really like. Like you said, I thought I knew a lot about it until I listened to somebody put it all together and connect all the dots. Have you heard any of that, Errol? Did you guys - have you stumbled into those podcasts? 

Errol Weiss: Yeah, I've seen - some of the guys on staff here at Health-ISAC are big fans of that as well. Yeah. 

Rick Howard: All right. So, Steve, good picks. I like both of those. Errol, let's move over to you. What's your first pick for infosec content? 

Errol Weiss: So, you know, it's tough to narrow stuff like this down, so I'm going to go with my first pick. I'm going to go to our colleague from the finance sector, Phil Venables. He's on Twitter with @philvenables. And I've known Phil for a long time. 

Rick Howard: Did you used to work for him? 

Errol Weiss: Well, maybe kind of sort of during - probably during my consulting days, I'm sure I probably - I did have to do something for him, actually. 

Rick Howard: (Laughter). 

Errol Weiss: So actually, that's how I met him. He was at Standard Chartered Bank a long time ago, and I came to visit him to do some penetration testing way, way back in the day when I actually knew what I was doing on the keyboard. But he's a brilliant guy. He was - after Standard Chartered, a couple of jobs later, he was over at Goldman Sachs. He was the CISO over there. He's currently at Google now - and just an incredibly brilliant person. He's very personable and very humble as well. And he - and on Twitter, he is providing some gems. I mean, there's some maybe non-cybersecurity things out there that he's posting, but a lot of what he is posting, he's pushing you on things about everything from cloud security to risk management philosophy to incident response. And some are short. His risk management one, I think, was, like, 13 tweets broken up, covering various topics. But he'll lay it out there. 

Errol Weiss: And I think - you know, one of the things that I really enjoy about Phil is, you know, thinking about the places where he's been and especially from his days - his long career at Goldman and now at Google, you know, doing security for these large organizations, you know, he's obviously seen it all. And being able to see the wisdom coming from him on Twitter, very candid, is just enormously valuable. So really, just encourage people to take a look at that. 

Rick Howard: I met Phil, like, when he was at Goldman Sachs, too. And he and I hit it off right off 'cause he's a huge reader, and so we were comparing book notes. And he is one of the - one of our great minds in cybersecurity from the industry. So it's a fantastic book. Steve, have you ever run into Phil in your travels? 

Steve Winterfeld: Yeah, I've heard some of his wisdom as well, and I agree that it's definitely worth it. That's one I haven't done, so I'll have to start following that one - an opportunity for me. 

Errol Weiss: He's obviously really well-connected, and he just recently got nominated for one of the White House oversight and/or advisory roles. And like I said, he's very humble about it. You know, he's not the kind of guy that's going to name-drop on you. 

Rick Howard: Do either of you two get annoyed with Twitter when some - like you were describing, Errol, how Phil will give you a tome - you know, 22 Twitter messages at a time. Does anybody - does that annoy anybody besides me? - 'cause I... 

Errol Weiss: That's - yeah, yeah. 

(LAUGHTER) 

Errol Weiss: Yeah. Usually, Twitter, you're sitting there waiting for the - OK, the words of wisdom in 144 characters or less. And they're like, darn, look at that. He's got 15 tweets that I'm going to have to read now. This is going to take a while. 

Rick Howard: I didn't want to read a book on Twitter. Yeah. 

(LAUGHTER) 

Rick Howard: All right. Well, good pick, Errol. For my first pick, I'm going to go a little bit out of the ordinary here. It's called "Kill Chain: The Cyber War on America's Elections." This is an HBO documentary broadcast in March of 2020. So let me give you some context here. Harri Hursti is our guide for this movie, and it's ostensibly about how fragile the election equipment infrastructure is in the U.S. And this comes out, like, eight months before the U.S. presidential election between the incumbent President Trump and the now-President Biden. And it's also at the exact moment when the U.S. went into serious lockdown because of COVID, so people might have missed it. They may have been thinking of other things. 

Rick Howard: But Hursti is a Finnish computer expert, and he was - when he was much younger, he was kind of a child programming prodigy. But he's made his career out of hacking election hardware. And he managed to get a bunch of heavy hitters to come on the show and opine about how bad the situation was prior to the 2020 presidential election, people like Senator James Lankford - he was a Republican from Oklahoma - Mark Warner, a Democrat from Virginia. And these are just two, and there is many more in the show. He got Jeff Moss to come in, the founder of DEF CON and Black Hat, and a couple of metric tons of voting security experts like Sue Halpern. She's a freelance journalist for The New Yorker who - out of all the people that were on the show, she comes off to me as the most credible and knowledgeable. 

Rick Howard: So here's the thing I liked about it and why I'm recommending it on this show. It was published before the 2020 presidential election. The experts are a group of lefty-leaning security experts trying to highlight a real problem in the U.S. election infrastructure that, by and large, was mitigated by the efforts of Chris Krebs, the former Microsoft executive appointed by President Trump to head the Cybersecurity Infrastructure Security Agency, or CISA. And by all accounts, Krebs and his team were exponentially successful. And then President Trump fired him over Twitter, so, you know - not to mention Twitter here, but - so today... 

Errol Weiss: (Laughter). 

Rick Howard: ...In 2022, just over a year since the presidential election, this HBO documentary highlights just how fragile the U.S. election machinery is - not just the voting machine, but the entire people, process and technology apparatus. The entire system is based on low-level functionaries following the rule of law and doing the right thing when crises emerge. And in this last election, the system worked but just barely. And in our current environment with fake news and false narratives about election fraud, in my mind, the system is even more weakened to the point of collapse. So this documentary scared the crap out of me. So Steve, you haven't seen the show because you don't like HBO for some reason. 

Steve Winterfeld: Well, I don't make money like you do... 

Rick Howard: (Laughter). 

Steve Winterfeld: ...So I can't afford all those shows just like you do. But from what I - I will tell you that I caught some of it and it does a great job of blending the technical and explaining the impact, you know, and the scenes where you have people testifying - they don't touch the internet. And then he turns around and demonstrates a touch in the internet - kind of just well done. 

Rick Howard: Yeah, they - some of the scenes in the show, the equipment they were using in the last election were - or our equipment that Hursti, the guy that hosts the show - he had broke into by - in 2005, and people are still using the same unmodified equipment. So it's just kind of really scary, right? So Errol, any thoughts on election security before we move to the next topic? 

Errol Weiss: Yeah, and that's great. You know, the - I haven't seen it. Definitely something I would love to go and take a peek at, but the thing that - you know, I appreciate that this came out, like, way before the election happened, and so now I'm thinking, to your point, how fragile it is and how bad things are. Now, let's throw, like, you know, all the deepfake technology that's really starting to spark right now. Throw that at it, man. How scary is that going to get? I hope we can make some progress. 

Rick Howard: Yeah, it's pretty discouraging. All right. So that's my... 

Errol Weiss: Yeah. 

Rick Howard: ...First pick. Let's go to your second pick, Errol. What's your second pick for useful infosec content this past year? 

Errol Weiss: Yeah, so I'm going to go with a - I'll call it, like, a newsletter service that I've been using for several years called SmartBrief. And I gave you the link, so you can offer that up to our readers here, but... 

Rick Howard: Yeah, we'll put it in the show notes. 

Errol Weiss: ...Yeah, they've got over 200 - great. They've got over 200 different topics that are available. But I honed in on it because - actually when I moved from banking finance over to health care, I was like, I got to do some really quick reading and research about what I'm getting myself into... 

Rick Howard: (Laughter). 

Errol Weiss: ...When I move over to Health-ISAC. 

Rick Howard: Well... 

Errol Weiss: So what's going on? 

Rick Howard: Explain that a little bit, Errol. Explain what you - you were - you're a big deal in the finance sector, and then you moved over to the health care sector. 

Errol Weiss: (Laughter). 

Rick Howard: Explain what happened there. 

Errol Weiss: Yeah, so Rick and I met when I was working over at Citibank at the time, and I was heading up Citi's Cyber Intelligence Center and helped create and build and operate that for a while. So I was at Citi for 10 years and then Bank of America for three years before I left there to go take on this role at the Health-ISAC. And so, yeah, I felt very comfortable in the finance sector after all the work that... 

Rick Howard: (Laughter). 

Errol Weiss: ...I did between those two banks and other consulting services. And it was an uncomfortable change of jobs at that time, you know, just really putting myself out there and trying to do something to grow professionally by getting into another sector. So, yeah. So I stumbled across this SmartBrief, and they have, like I said, lots - hundreds of different topics. I found this one on health care, IT and security that was pretty good. And then since then, another one that I really have been paying attention to as of late is on - is a SmartBrief on leadership. And I like it, again, because in my short attention span that I seem to... 

Rick Howard: (Laughter). 

Errol Weiss: ...Have these days - like, you know, being a big fan of Twitter, for example - I like the fact that I can get the emails in my inbox every day. I can scan through the titles quickly and see if there's something in there that sounds interesting to me. And if it is, I'll dive into the article. So on the leadership side, you know, there'll be articles about, like, how to be an effective remote leader, and especially in the days of COVID, that's really helpful. You know, tips and tricks on motivating people in these times and other issues that you need to be sensitive to as a manager or leader or thinking about strategic leadership issues and whatnot - but every day, you know, nice little gems in there that I can learn from, so I really appreciate it. 

Rick Howard: So this is a commercial service that you subscribe to, and they summarize big categories of things, so you can get through it quickly. Is that a fair assessment? 

Errol Weiss: Yeah, I think so. There's some original - it feels like there's some original content in there. I'm sure they're leveraging it from a number of sources. Steve's going to like it 'cause it's free. 

Steve Winterfeld: (Laughter). 

Errol Weiss: That was a joke. 

Rick Howard: (Laughter). 

Steve Winterfeld: No, that's not a joke. 

(LAUGHTER) 

Errol Weiss: I like it 'cause it's free - let's face it. But it's been really helpful for me, and - like I say - good daily email content out of that. 

Steve Winterfeld: So I actually subscribe to your health care digests, and I looked at some of these topics, and you're right, they're great topics. They're well curated. With all of these, how do you keep up with those, you know, all those daily feeds? I just - I struggle with the discipline it takes to go in and review those. 

Rick Howard: If that's your thing for this year, is you're going to try to stay up to speed on a number of topics, you're going to have to dedicate yourself to, you know, carve off a couple of hours every day just to go through all of the material, right? That's what you're saying, right, Steve? 

Steve Winterfeld: Well, I don't even know that it's a couple of hours, but even like - so if... 

Errol Weiss: Yeah, you're kidding me, right? 

Steve Winterfeld: ...Let's say it's fifteen minutes you have... 

Rick Howard: (Laughter) Yeah. Yeah. 

Steve Winterfeld: ...(Laughter) I don't disagree, but... 

Rick Howard: (Laughter). 

Errol Weiss: Yeah. 

Steve Winterfeld: ...You know, even if you say - half hour every day, I'm going to open up this thread, I'm going to follow through, Reading an article often takes you - OK, they mention this author. I'm going to jump into YouTube. I'm going to see if there's a - this author is presented in YouTube, and, you know, you're off to the races doing, you know, research based on following the bread trail. It's that discipline I struggle with. I mean, Errol, how do you make yourself every day... 

Errol Weiss: Yeah. 

Steve Winterfeld: ...Read that digest? 

Errol Weiss: Well, this is - I mean, this is it, and this is exactly why we're here, so I'll give Rick a plug. Thank you for pulling us together because I - seriously, I think that this is how you find out where you focus your time, right? You don't have those four hours a day to read through all this stuff. 

Rick Howard: No. 

Errol Weiss: So how can I get it done in 20 minutes or maybe half an hour? And it's by listening to other people - hey, what are your favorites and why, and what value are you getting out of it? And make sure that that resonates with someone. You know, Rick all - you know, Rick has asked us about our favorite books, and I'm thinking, like, books? Who's got time to read a book? 

Rick Howard: (Laughter). 

Errol Weiss: I mean, seriously (laughter). 

Rick Howard: Well, though, I have a - this - I have a cybersecurity news service that we use at the CyberWire - that we publish something at the CyberWire, and our editor, who is John Petrik, goes through all the news, and it just collects it all in one spot so you can quickly get through just the newsy stuff - right? - in one place. So if you're looking for that kind of thing, I do that every day, and it's been very helpful, and it takes about 30 minutes... 

Errol Weiss: Right, I was... 

Rick Howard: ...To go through all that. Yeah. 

Errol Weiss: I was, you know - and I could put a selfless plug in there - right? - for the CyberWire. So I know I mentioned this to you before, but, you know, there's a section in that CyberWire called Marketplace... 

Rick Howard: Yeah. 

Errol Weiss: And I appreciate, like, all the M&A - mergers and acquisition news in there, and then also, like, all the startup talk that's in there. So it's a great place for me to go look and say, hey, what's hot in cyber? What's coming? What are people throwing money at, you know? What do I need to pay attention to? 

Rick Howard: So it's very similar to the service you were - and tell me the name again of the service you were plugging at the beginning of this - what was it called again? 

Errol Weiss: SmartBrief. 

Rick Howard: SmartBrief. 

Errol Weiss: SmartBrief. 

Rick Howard: So it's similar to that... 

Errol Weiss: Yeah. 

Rick Howard: ...In that it curates all that so you don't have to do that work, so that's very interesting. So great pick, Errol. That's a good one. Steve, let's go to yours. What's your second pick for infosec content of 2021? 

Steve Winterfeld: So I know there are dinosaurs out there that still read books. 

Rick Howard: (Laughter) What? What are you saying exactly? 

(LAUGHTER) 

Steve Winterfeld: And so, like Errol said, I mean, there are some books that are absolutely worth reading, you know. And I - just like you, I'm an avid reader, but I also love to get quick insights, and so I have taken to - when I see a book come out - Nicole Perlroth just came out with "This is How They Tell Me the World Ends." She has some great YouTube interviews, and I - and, you know, I shared a link for that. A bit older is Andy Greenberg and "Sandworm... 

Rick Howard: Yep. 

Steve Winterfeld: ...Lessons From the Cyberwar" - again, a number of great interviews. And so you can - you know, the book comes out. You can quickly go watch a YouTube interview of the author and get, I don't know, 5%, 10% of the value of the book instantly. And then it'll also kind of convince you, like, after seeing "This is How They Tell Me the World Ends," then I'm like, I think there's something there - went out and bought the book. And so it's just that kind of quick filter, both for education and should I be going in here a little deeper? 

Rick Howard: Well, tell me what the book's about. Because I read it too, and it's just fantastic. But give us the thumbnail of what the book's about. 

Steve Winterfeld: The world ending book? 

Rick Howard: Yeah. 

Steve Winterfeld: It is really kind of about how they opened up and are selling malware as an industry. 

Rick Howard: Mmm hmm. 

Steve Winterfeld: I think it is kind of - you know, and there's a lot of - that's like over-oversimplification, but it gives you great insights. It goes into detail to that whole concept of, you know, should we as an industry be making weapons and selling weapons? Should we be fixing vulnerabilities, both at a nation state and at business? 

Rick Howard: Yeah, it's - I would broaden it out a little bit and say it's really the history and evolution of the underground exploitation market - you know, selling exploit code to third parties. And, admittedly, I have a self-interest in it because the beginning of it all started with a small company called iDefense that I worked for after they started this program. But a guy by the name of Jon Waters kind of invented selling exploits to the government and other third parties. So I had a vested interest in the whole book. 

Rick Howard: But the thing that got me about Perlroth's book was - she was getting to the end, and, you know, she was going around the world talking to all these exploit market people, and she ended up in Argentina. And by the way, who knew that Argentina was the world capital for selling exploits? I didn't know until I read that book. But she was talking to somebody there, and she goes - she was kind of worried that they were selling all this, you know, weaponized code. And she said, well, you're only selling it to the good guys, you know, like Western governments. And the guy she was talking to looked at her and says, you've got to rethink your frame of what's good and what's bad. Do you think the United States and the West, they're the good guys? They're the ones dropping drone bombs on civilians. They're the ones going about and buying this exploitation stuff. They're probably not the good guys. And I had to stop and think about that and go, hmm, I need to reset my thinking about who the good guys in the world are. 

Rick Howard: Errol, are you - you were with me when I was at iDefense or when I was working there. So you know all about this exploitation work. What's your thought about where we are in the current state of the world? 

Errol Weiss: Well, you know, your words about who are the good guys and bad guys resonates really well because I think about my time at a place like Citibank when running threat intel there, and we're dealing with nation-state issues, and we're talking about the - you know, Brazil, Russia, China, on and on and on, right? And we're like - you know, we're trying to issue alerts and advisories internally to our staff. And we have employees in those places. 

Rick Howard: Sure. 

Errol Weiss: We have customers in those places. So, you know, how do you communicate that and those challenges associated with that? So it makes for an interesting day when you're facing that kind of issue. I certainly am sensitive to that. 

Steve Winterfeld: And by the way, Rick, I knew about Argentina as soon as I listened to an interview, so I didn't even have to read the book to get that insight. 

(LAUGHTER) 

Rick Howard: All right. So your second pick, Steve, is not to actually read the books; it's to read or - and listen... 

Errol Weiss: (Inaudible). 

Rick Howard: ...About the books, yeah (laughter). 

Steve Winterfeld: So go to the cliff notes. 

Rick Howard: Go to the cliff notes. 

Steve Winterfeld: Go to the author interviews. 

(LAUGHTER) 

Rick Howard: I think that's the running theme here. Find a way to get the cliff notes, right? So good stuff. 

Rick Howard: All right, let's go to my last pick. I'm going to go with another HBO documentary. It's called "The Perfect Weapon." And I'm a little biased here because the documentary is based on a book. How about that? It's a Cybersecurity Canon Project Hall of Fame winner written by New York Times journalist David Sanger. And in the book, Sanger covers the cybersecurity space roughly from the late 1990s to almost the 2020s. But he stays away from the traditional cybercrime and cyber hacktivism topics and concentrates only on nation-state activity and something that he describes as a continuous low-level cyber conflict between the five big players - Russia, Iran, China, North Korea and the United States. And if you want to get a handle on the history and evolution of cyberwarfare conducted by nation-states, there's no other book to read, I think. All right? So, but if you're busy and you don't have time to listen to 12 hours of audio content, this 90-minute documentary from HBO is an excellent Reader's Digest version. So there you go. I'm meeting the theme here. 

Rick Howard: So Sanger produced this thing. He's an executive producer, and he's the host. But he gets a bunch of help from people like Michael Riley from Bloomberg News, John Hultquist from FireEye, and Amy Zegart from Stanford University. And the documentary focuses just in the past decade, just from 2010 to 2020, and the realization that - by nation-state leaders during that time that cyber could be much bigger than simply an espionage vector; it can be used in a much more aggressive, offensive context, right? And it covers the U.S.-Israeli Stuxnet operations in 2010, the Chinese OPM campaign in 2013, the Iranian Sands Casino attacks, the North Korean Sony attacks and the Russian penetration of the DNC - all in the same year. You guys remember that? That was all in the same year - 2014. God, it's crazy, right? 

Rick Howard: And then they quickly go through the North Korean WannaCry attack, and the Russia NotPetya attacks against Ukraine in 2017. And they end up with - focusing on the influence operations in the U.S. presidential election in 2020. It's really comprehensive and very enjoyable. And the thing that comes out through to me loud and clear is that nation-states that compete with the West in cyberspace don't actually have to have a huge success as an attack to be effective; they just have to convince both sides on the political spectrum that there's a reason to doubt the system. Then they step back and watch each side tear each other apart. So it's just - it was - it's a really good program, but it's another book - movie that'll scare the crap out of you. And so I don't know. Errol, have you seen the movie or, more importantly, listen to David Sanger talk about this or have an opinion about these things, these influence operations? 

Errol Weiss: Yeah, no, I haven't it yet. No, just - your description's awesome. I've got to put that on the top now to get caught up with it. But my take on it - real brief - is probably four or five years ago, there was maybe less than 10 countries that had a really decent cyber offensive capability. 

Rick Howard: Yeah. 

Errol Weiss: And now where we are today, I think it's the opposite. I think it's probably less than 10 countries that don't have a cyber offensive capability - so scary stuff. 

Steve Winterfeld: Yeah, so it's interesting. Jane's Defence, which is one of the groups here in the United States that catalogs different countries' capabilities, started talking about cyber years ago and tracking which countries had military units for cyber and how mature they were. So it has definitely been blossoming and very impressive in the amount of effort and resources they put in there. I would also say, if you go back to 2018, you can see some of his - Sanger's interviews right after the book came out... 

Rick Howard: Oh, yeah. 

Steve Winterfeld: ...Going back to my technique of... 

Rick Howard: (Laughter). 

Steve Winterfeld: ...For those of us can't afford that really nice HBO membership. 

(LAUGHTER) 

Rick Howard: And not actually reading the book, you know, just reading the Reader's Digest version. 

Steve Winterfeld: Hey, ha. 

Rick Howard: (Laughter). 

Errol Weiss: Love it. 

Rick Howard: So the one thing that came out really clearly in that - in the documentary was how the nation-states learn from each other, right? - because, you know, the people that started this was the U.S. and Israel, when they did Stuxnet back in 2010. And then the other nations said, hey, this is something that we can do. And we kind of opened the door for offensive operations. You were going to say, Steve? 

Errol Weiss: And great, right? When you launch that weapon, now the other side's got it, right? And they can reverse engineer it, right? 

Rick Howard: Yeah, exactly right. Yeah. 

Steve Winterfeld: Well, and the rule of unintended consequences is there, too. But yeah, I would say that is a phenomenal piece of historical perspective. So you can watch that and, just like you said, in a real short period of time get a great perspective of some of the cyber history at the nation-state level. 

Rick Howard: So this has been good stuff. We've gone around the table a couple of times. I got some new sources of things I need to go check out. Any last words, Steve, from your side about what we should be thinking about in 2022? 

Steve Winterfeld: So I'm going to add a couple of bonuses in here. I talked about YouTube. I would also go back to the RSA Conference. They have a lot of great videos from their past speakers available. So... 

Rick Howard: Yeah, there's so much. It's tough to decide which ones to pursue. 

Steve Winterfeld: Yeah. 

Rick Howard: And we need another summary service to figure that out for you. 

Steve Winterfeld: (Laughter). 

Rick Howard: (Laughter). 

Steve Winterfeld: Yeah, I mean, if - some of it is, you know, go in there subject, you know, specific. But yeah, if you're like me getting on the elliptical, there's a ton of stuff in RSA. And then just for fun - and I'm not admitting that on conference calls I practice my lock-picking skills while I'm sitting there. 

Rick Howard: (Laughter). 

Steve Winterfeld: But I will say, if you have never watched the LockPickingLawyer on YouTube, it is a blast. 

Rick Howard: Oh, that's going to go right to the top of my list. Excellent. Errol, any last notes from you? 

Errol Weiss: This was great stuff. I've learned a few things myself. I'll just - I'll put one more plug out there for another friend, Andy Jabbour, over at Gate 15. 

Rick Howard: Oh, yeah. 

Errol Weiss: I gave you his Twitter link as well. 

Rick Howard: Yeah. 

Errol Weiss: And he's a great asset when it comes to thinking about things physical and in the security resilience space as well. He's doing a lot of great work there. And so he's a good one to follow because, especially in the physical security event space, when there's an event of interest that I need to pay attention to, he's tweeting about it pretty early and already talking about what it means from the... 

Rick Howard: Yeah. 

Errol Weiss: ...Sort of the sector standpoint. 

Rick Howard: I just recently started following him before - about a couple of weeks before the show. So yeah, it's a good one. Nice bonus pick there. And we're going to have to leave it there. So Steve, Errol, thanks for coming on the show. 

Steve Winterfeld: Thanks. 

Errol Weiss: Thanks for having me. 

Rick Howard: And that's a wrap. I want to thank my old buddies, Steve Winterfeld, the Akamai Advisory CISO, and Errol Weiss, the CSO for the Health-ISAC, for sharing their ideas with us. And if you have any suggestions about infosec content that we all should be consuming to get better at the cybersecurity game, send them to csop@thecyberwire.com. That's C-S-O-P, the at sign, thecyberwire - all one word - dot com. And if you're feeling especially adventurous, we would love to get an audio note from you. It turns out that there's an app for that. On my iPhone and my friends' Android phones, it's called Voice Memos. Record a short snippet, and email it our way. We would love to hear from you. Next week, we will be talking about supply chain security, so you don't want to miss that. 

Rick Howard: The CyberWire CSO Perspectives is edited by John Petrik and executive produced by Peter Kilpe. Our theme song is by Blue Dot Sessions, remixed by the insanely talented Elliott Peltzman, who also does the show's mixing, sound design and original score. And I am Rick Howard, signing off from our underwater lair in Baltimore Harbor. And I will see you at the next CSO Perspectives episode.

CSO Perspectives (Pro)
Podcast Info
HOST(S):
Rick Howard
Hash Table logo
Rick Howard is the CSO of N2K and the Chief Analyst, and Senior Fellow at the N2K Cyber, formerly CyberWire. His past lives include CSO at Palo Alto Networks, CISO at TASC, the GM at Verisign/iDefense, the Counterpane SOC Director, and the Commander of the Army's Computer Emergency Response Team (CERT). Rick served 25 years in the Army, taught computer science at West Point, edited two books and just published his own book, "Cybersecurity First Principles: A Reboot of Strategy and Tactics" and he is regularly joined at the N2K Cyber's Hash Table by a collection of industry experts.
Schedule: Mondays (in season)
Credits: Edited by John Petrik and executive produced by Peter Kilpe. Our theme song is by Blue Dot Sessions, remixed by the insanely talented Elliott Peltzman, who also does the show's mixing, sound, and original score
Creator: CyberWire, Inc.