Uncovering cyber security blind spots: My reflections from hosting an expert webinar

Geopolitical context and its impact on cyber security

Karl kicked off the webinar by discussing how geopolitical shifts affect national security. He suggests that the scale of cybersecurity operations, which he compares to the economic turnover of major states like the US and China, indicates state-sponsored activities. This implies that cybersecurity is not just a technical issue but also a geopolitical one, influenced by state actions and international relations.

He highlighted that in the current historic times, with the decline of the unipolar world order and the challenge to the rules-based international system, cybersecurity plays a crucial role. The ongoing conflicts, such as the war in Ukraine, demonstrate how non-democratic states are gaining ground, leading to a battle over values and the future world order. In this context, cybersecurity becomes a key area where these geopolitical struggles manifest, affecting national security, economic stability, and global governance.

I found it really interesting that Karl connected cybersecurity to the broader geopolitical landscape, illustrating how state-sponsored cyber activities are part of the larger struggle between democratic and non-democratic states in shaping the future international order.

Insider threats and the human element in cyber security

Carolina Angelis focused on the human aspect of cyber security. She reminded us that while technical solutions are important, we can't ignore the human factor. She discussed the tactics used by both criminal and state actors to recruit insiders for infiltrating organizations. Further, she explained how these actors exploit vulnerabilities to gain access to sensitive data and systems, and shared insights into the methods used to identify and leverage these weaknesses.

Carolina also gave an example of an American company developing wind turbine technology targeted by a Chinese company, likely backed by the Chinese Intelligence Service. In 2010, the American company recruited a software engineer at the company's research facility in Austria, which housed critical turbine control software.

Despite robust security measures, such as keeping the source code isolated from the Internet and encrypting it, the insider was able to bypass these protections and facilitate access to the sensitive data. He leaked the source code to the Chinese company and the stolen code was quickly integrated into over a thousand Chinese turbines, rendering the American company obsolete in the Chinese market. As a result, the American company lost its largest client, leading to an 84% drop in its stock value and the layoff of 600 employees, which constituted about two-thirds of its workforce. This catastrophic impact underscores the significant risks associated with insider threats and the limitations of technical security measures alone.

Addressing cyber risks with NetClean

Bob Lewis discussed the role of NetClean software in finding overlooked vulnerabilities and mitigating insider risks by detecting compromised assets. He highlighted the disturbing trend of employees viewing child sexual abuse material (CSAM) on corporate devices, especially with the shift to remote work and the geopolitical instability we face. Bob explained that consuming CSAM on corporate devices opens up a range of vulnerabilities and leaves digital footprints that can be exploited by criminal actors. He emphasized that businesses need to realize that the real threat comes from insiders who bypass security controls and have behavior that can be exploited, not just external attackers. Using tools like NetClean to identify and mitigate these risks is crucial for uncovering blind spots in businesses’ cyber security.

Key takeaways and recommendations

The threat landscape is becoming increasingly complex and it’s clear that there is no holy grail; effective cyber security requires a holistic approach. An approach that integrates technical solutions for detecting vulnerabilities with human intelligence and behavior analysis. Furthermore, collaboration between state and private sectors is also essential for robust cyber security.

NetClean's role in detecting and addressing CSAM-related risks is a crucial part of broader cybersecurity measures. By following the trail from detected CSAM, businesses can take control of vulnerabilities and, as the title of this webinar stated, uncover a blind spot in cybersecurity.