CyberWire Daily

Rick Howard, N2K’s CSO and The Cyberwire’s Chief Analyst and Senior Fellow, interviews Andy Greenberg about his 2024 Cybersecurity Canon Hall of Fame book: “Tracers in the Dark.” References: Andy Greenberg, 2022. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book]. Goodreads. Larry Pesce, 2024. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book Review]. Cybersecurity Canon Project. Rick Howard, 2024. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book Review]. Cybersecurity Canon Project. Ben Rothke, 2024. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book Review]. Cybersecurity Canon Project. TheScriptVEVO, 2012. The Script - Hall of Fame (Official Video) ft. will.i.am [Music Video]. YouTube. Satoshi Nakamoto, 2008. Bitcoin: A Peer-to-Peer Electronic Cash System [Historic and Important Paper]. Bitcoin. Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads. RSA Presentation:  May. 9, 2024 | 9:40 AM - 10:30 AM PT Rick Howard, Simone Petrella , 2024. The Moneyball Approach to Buying Down Risk, Not Superstars [Presentation]. RSA 2024 Conference. Learn more about your ad choices. Visit megaphone.fm/adchoices

On this Solution Spotlight, guest Seeyew Mo, Assistant National Cyber Director, Office of the National Cyber Director at the White House, shares the nuances of the White House's skills-based approach (and how it's not only about hiring) with N2K President Simone Petrella. Seeyew shares a progress report on the National Cyber Workforce and Education Strategy nearly one year out. For more information, you can visit the press release: National Cyber Director Encourages Adoption of Skill-Based Hiring to Connect Americans to Good-Paying Cyber Jobs. The progress report Seeyew and Simone discuss can be found here: National Cyber Workforce and Education Strategy: Initial Stages of Implementation.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Maria Varmazis, N2K host of T-Minus Space Daily, talks with WiCyS Executive Director Lynn Dohm and N2K's Simone Petrella, Dr. Heather Monthie, and Jeff Welgan about the 2024 Cyber Talent Study. N2K and WiCyS have come together under a common mission to attract, retain, and advance more women in cybersecurity. Together, we strive to support women throughout their career journey, and secure the future of our industry.   This groundbreaking report leverages skills data from the professional members of Women in CyberSecurity (WiCyS), and offers valuable insights into cybersecurity competencies within the industry. The Cyber Talent Study establishes a new benchmark for understanding the capabilities and potential of women in cybersecurity, and can be used to inform both individual training needs and organizational strategies for career advancement and skills enhancement.  Resources: Landing page: WiCyS Partners with N2K to deepen understanding of cyber competencies within the industry. Study Launch article: WiCyS Partners with N2K Networks for Pioneering Cyber Talent Study. Key Takeaways: Outstanding Performance: WiCyS members have demonstrated exceptional performance across several key areas of the NICE Framework, underscoring the importance of WiCyS’s training and development programs. Strategic Insights: Analysis revealed remarkable strengths and areas for development, providing WiCyS with actionable data to tailor future programs and initiatives and ensure its members remain at the forefront of cybersecurity excellence. Actionable Insights for Cybersecurity Workforce Development: The study revealed critical areas for targeted development to enhance cybersecurity workforce readiness. This insight empowers WiCyS to tailor its programs specifically to meet the diverse needs of its members, ensuring all participants are prepared to take on significant roles and lead in the cybersecurity industry. Leadership Readiness Among WiCyS Members: The study highlights that WiCyS members are highly skilled and uniquely prepared for leadership roles within the cybersecurity industry. Proven Expertise in Critical Cybersecurity Domains: The data show the outstanding capabilities of WiCyS members within the cybersecurity landscape. Excelling in nearly every N2K Functional Area mapped to the NICE Framework, WiCyS members have shown they not only meet but exceed the standards in key domains. You can access the final report of the 2024 Cyber Talent Study here. Learn more about your ad choices. Visit megaphone.fm/adchoices

As part of our series on the 2024 NICE Conference, we turn our focus to the one of the keynote speakers of the conference. This year’s conference theme “Strengthening Ecosystems: Aligning Stakeholders to Bridge the Cybersecurity Workforce Gap” highlights the collective effort to strengthen the cybersecurity landscape. By joining forces with key partners, we can foster a more robust cybersecurity ecosystem to bridge the workforce gap.  In her keynote coming up on Tuesday, June 4th, Deneen DeFiore, Chief Information Security Officer of United Airlines, will discuss "A Journey with No Destination: A CISO’s Pathway to a Cybersecurity Career." Prior to the conference, Simone Petrella, N2K President, caught up with Deneen DeFiore. They discussed Deneen's history with NICE, the importance of prioritizing cyber talent and workforce issues, what stakeholders need to more effectively tackle the cyber skills and experience gap across the profession, and more. Find out more about the The Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication 800-181, revision 1). Listen to our podcast about the update. Stay tuned for our coverage of the 2024 NICE Conference. Learn more about your ad choices. Visit megaphone.fm/adchoices

As part of our series on the 2024 NICE Conference, we turn our focus to the Business Roundtable. This year’s conference theme “Strengthening Ecosystems: Aligning Stakeholders to Bridge the Cybersecurity Workforce Gap” highlights the collective effort to strengthen the cybersecurity landscape. By joining forces with key partners, we can foster a more robust cybersecurity ecosystem to bridge the workforce gap. Business Roundtable is an association of chief executive officers of America’s leading companies working to promote a thriving U.S. economy and expanded opportunity for all Americans through sound public policy. The Business Roundtable launched its Cybersecurity Workforce Corporate Initiative in December of 2022. In coordination with its members and inputs from experts at Department of Commerce’s National Initiative for Cybersecurity Education (NICE), it recently released a Cybersecurity Workforce Playbook to help employers create entry points to cybersecurity careers and strengthen cybersecurity talent pipelines across various industries and sectors. Simone Petrella, N2K President, speaks with Erin White, Business Roundtable's Senior Director, Corporate Initiatives, about the Cybersecurity Workforce Corporate Initiative, the recently released Cybersecurity Workforce Playbook, key takeaways for the private sector, and how the Business Roundtable and NICE are working together to support these initiatives. Find out more about the The Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication 800-181, revision 1). Stay tuned for our coverage of the 2024 NICE Conference. Learn more about your ad choices. Visit megaphone.fm/adchoices

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.  In this episode, we center our conversation around the Cyber Workforce Pipeline. We discuss where the next great wave of talent is going to come. We talk more about these sources of new talent, such as K-12 programs, higher education, and trade school programs, transitioning military, and other initiatives and programs focused on cultivating the next generation of cyber professionals. Explore Cyber Talent Insights N2K’s Cyber Talent Insights provides security leaders measurable and actionable insights on your organization’s current cyber roles and capabilities to maximize your talent investments and build a business case for better hiring, developing, maintaining, and retaining your technical talent pools. Learn how at n2k.com/talent-insights. Connect with the N2K Cyber Workforce team on Linkedin: Dr. Sasha Vanterpool, Cyber Workforce Consultant  Dr. Heather Monthie, Cybersecurity Workforce Consultant Jeff Welgan, Chief Learning Officer Resources for developing your cybersecurity teams: N2K Cyber Workforce Strategy Guide Workforce Media Resources Strategic Cyber Workforce Intelligence resources for your organization Cyber Talent Acquisition Woes for Enterprises Workforce Intelligence: What it is and why you need it for cyber teams webinar Setting Better Cyber Job Expectations to Attract & Retain Talent webinar Learn more about your ad choices. Visit megaphone.fm/adchoices

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.  In this episode, we shift our point of view to provide guidance for an individual's first career or perhaps considering a career change transitioning into the field. We discuss a market-driven approach to career development. We also explore how to discover one’s niche in cybersecurity, including how to stand out in this competitive market and align personal interests with career goals. Lastly, we examine the role certifications play when navigating your path throughout the talent acquisition, development, and retention of the cybersecurity workforce management lifecycle.   Explore Cyber Talent Insights N2K’s Cyber Talent Insights provides security leaders measurable and actionable insights on your organization’s current cyber roles and capabilities to maximize your talent investments and build a business case for better hiring, developing, maintaining, and retaining your technical talent pools. Learn how at n2k.com/talent-insights. Connect with the N2K Cyber Workforce team on Linkedin: Dr. Sasha Vanterpool, Cyber Workforce Consultant  Dr. Heather Monthie, Cybersecurity Workforce Consultant Jeff Welgan, Chief Learning Officer Resources for developing your cybersecurity teams: N2K Cyber Workforce Strategy Guide Workforce Media Resources Cyber Talent Acquisition Woes for Enterprises Workforce Intelligence: What it is and why you need it for cyber teams webinar Setting Better Cyber Job Expectations to Attract & Retain Talent webinar Learn more about your ad choices. Visit megaphone.fm/adchoices

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.  In the first episode of the series on cybersecurity workforce development, we dive into the complex world of cyber workforce management and planning, particularly as it pertains to the perspective of the enterprise. We explore the current state of the cybersecurity workforce, navigate various challenges in talent acquisition, and explore the nuances of job classifications, titles, compensation, and the dynamics of remote, onsite, and hybrid work environments.  Our experts further address talent development strategies like professional development, training, conferences, mentorship programs, communities of interest, and corporate cyber academies.  Finally, we touch upon the critical aspect of talent retention, an essential component in closing the cybersecurity talent gap. We hope you will join us on this journey. Connect with the N2K Cyber Workforce team on Linkedin: Dr. Sasha Vanterpool, Cyber Workforce Consultant  Dr. Heather Monthie, Cybersecurity Workforce Consultant Jeff Welgan, Chief Learning Officer Resources for developing your cybersecurity teams: N2K Cyber Workforce Strategy Guide Workforce Media Resources Strategic Cyber Workforce Intelligence resources for your organization Cyber Talent Acquistion Woes for Enterprises Workforce Intelligence: What it is and why you need it for cyber teams webinar Setting Better Cyber Job Expectations to Attract & Retain Talent webinar Learn more about your ad choices. Visit megaphone.fm/adchoices

The Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication 800-181, revision 1) provides a set of building blocks for describing the Tasks, Knowledge, and Skills (TKS) that are needed to perform cybersecurity work by individuals or teams. Through these building blocks, the NICE Framework enables organizations to develop their workforces to perform cybersecurity work, and it helps learners to explore cybersecurity work and to engage in appropriate learning activities to develop their knowledge and skills. On this Special Edition podcast, N2K CyberWire's Dave Bittner is joined by the team at NIST and FIU's Jack D. Gordon Institute for Public Policy to delve into the history of the NICE Framework through its latest update and looking into the future. Brian Fonseca, Director at the Jack D. Gordon Institute for Public Policy, shares an introduction to the NICE Framework. Karen Wetzel, NICE Framework Manager, discusses the updates to the framework. Rodney Petersen, Director of NICE, talks about what these updates mean to cybersecurity education's future. Resources: NICE Framework Resource Center Getting Started with the NICE Framework 2024 NICE Conference and Expo: Strengthening Ecosystems: Aligning Stakeholders to Bridge the Cybersecurity Workforce Gap Take advantage of the early bird pricing until March 19, 2024. Don’t miss out on this opportunity! Jack D. Gordon Institute for Public Policy at Florida International University (FIU) Veterans and First Responders Training Initiative Intelligence Fellowship And be sure to check out our live webinar: CISOs are the new Architects (of the Workforce) Join N2K’s Simone Petrella and Intuit’s Kim Jones on Wednesday, March 27th for an online discussion about the pivotal role security leaders play in shaping the security workforce landscape, and how we can start showing up for the future of our industry. Learn more and register on the event page. Learn more about your ad choices. Visit megaphone.fm/adchoices

In honor of Women's History Month, please enjoy this encore of Dr. Sasha Vanterpool's webinar. In this webinar, N2K Networks Cyber Workforce Consultant Dr. Sasha Vanterpool shares how to update job descriptions to better reflect cyber role expectations to improve hiring, training, and retention. To view the original webinar on demand, visit here. Learn more about your ad choices. Visit megaphone.fm/adchoices

Rick Howard, N2K’s CSO and The CyberWire’s Chief Analyst and Senior Fellow, the cybersecurity workforce skills gap with N2K’s President, Simone Petrella regarding how security professionals might learn from the movie “Moneyball” about how to train their team in the aggregate about first principles. Learn more about your ad choices. Visit megaphone.fm/adchoices

TeamViewer tackles APT29 intrusion. Microsoft widens email breach alerts. Uncovering a malware epidemic. Google's distrust on Entrust. Safeguarding critical systems. FTC vs. MGM. Don’t forget to backup your data. Polyfill's accidental exposé. Our guest is Caitlyn Shim, Director of AWS Cloud Governance, and she recently joined N2K’s Rick Howard at AWS re:Inforce event. They're discussing  cloud governance, the growth and development of AWS, and diversity. And a telecom titan becomes telecom terror. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Caitlyn Shim, Director of AWS Cloud Governance, joined N2K’s Rick Howard at AWS re:Inforce event recently in Philadelphia, PA. They spoke about cloud governance, the growth and development of AWS, and diversity. Caitlyn was part of the Women of Amazon Security Panel at the event. You can read more about Caitlyn and her colleagues as they discuss their diverse paths into security and offer advice for those looking to enter the field  here.  Selected Reading TeamViewer investigating intrusion of corporate IT environment (The Record) Microsoft reveals further emails compromised by Russian hack (Engadget) Chicago Children's Hospital Says 791,000 Impacted by Ransomware Attack (SecurityWeek) Unfurling Hemlock: New threat group uses cluster bomb campaign to distribute malware (Outpost 24) Google to block sites using Entrust certificates in bombshell move (The Stack)  US House Subcommittee examines critical infrastructure vulnerabilities, role of cyber insurance in resilience efforts (Industrial Cyber)  FTC Defends Investigation Into Cyberattack on MGM as Casino Giant Seeks to Block Probe (The National Law Journal) This is why you need backups: A cyber attack on an Indonesian data center caused havoc for public services – and its forcing a national rethink on data security (ITPro) Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator (Bleeping Computer)  ISP Sends Malware to Thousands of Customers to Stop Using File-Sharing Services (Cybersecurity News)   Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Arkansas sues Temu over privacy issues. Polyfil returns and says they were wronged. An NYPD database was found vulnerable to manipulation. Google slays the DRAGONBRIDGE. Malwarebytes flags a new Mac stealer campaign. Patch your gas chromatographs. Microsoft warns of an AI jailbreak called Skeleton Key.  CISA tracks exploited vulnerabilities in GeoServer, the Linux kernel, and Roundcube Webmail.  In our  'Threat Vector' segment, host David Moulton speaks with Jim Foote, CEO of First Ascent Biomedical, about his transition from Chief Information Security Officer (CISO) to leading a biotech company utilizing AI to personalize cancer treatments. Metallica is not hawking metal crypto.  Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector Segment In this segment of the Palo Alto Networks podcast 'Threat Vector,' host David Moulton speaks with Jim Foote, CEO of First Ascent Biomedical, about his transition from Chief Information Security Officer (CISO) to leading a biotech company utilizing AI to personalize cancer treatments. They discuss how Foote's personal experience with his son's cancer diagnosis drove him to apply cybersecurity principles in developing an innovative approach, called Functional Precision Medicine, which tailors cancer treatment to individual patients. The conversation also covers the role of mentorship, the importance of interdisciplinary skills, and the transformative potential of AI in both cybersecurity and medical fields. You can listen to the full episode here.  Selected Reading Arkansas AG lawsuit claims Temu’s shopping app is ‘dangerous malware’ (The Verge) Polyfill claims it has been 'defamed', returns after domain shut down (Bleeping Computer) NYPD officer database had security flaws that could have let hackers covertly modify officer data (City & State New York) Google TAG: New efforts to disrupt DRAGONBRIDGE spam activity (Google) ‘Poseidon’ Mac stealer distributed via Google ads (Malwarebytes) Gas Chromatograph Hacking Could Have Serious Impact: Security Firm (SecurityWeek) Microsoft warns of novel jailbreak affecting many generative AI models (CSO Online) CISA Warns of Exploited GeoServer, Linux Kernel, and Roundcube Vulnerabilities (SecurityWeek) Metallica’s X account hacked to promote crypto token (Cointelegraph) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

LockBit drops files that may or may not be from the Federal Reserve. Progress Software patches additional flaws in MOVEit file transfer software. A popular polyfil open source library has been compromised. DHS starts staffing up its AI Corps. Legislation has been introduced to evaluate the manual operations of critical infrastructure during cyber attacks. Researchers discover a new e-skimmer targeting CMS platforms. A breach at Neiman Marchus affects nearly 65,000 people. South African health services grapple with ransomware amidst a monkeypox outbreak.  Medusa is back. On the Learning Layer, Sam and Joe discuss the CISSP's CAT format and how to walk into test day with confidence. The VA works to clear the backlog caused by the ransomware attack onChange Healthcare. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, which includes a simulated Computer Adaptive Test (CAT) final exam. Sam and Joe discuss the CISSP's CAT format and how to walk into test day with confidence. Good luck Joe! Selected Reading Lockbit Leaks Files for Evolve Bank & Trust in Its Alleged ‘Federal Reserve’ Data Dump (Metacurity) Progress Software warns of new vulnerabilities in MOVEit Transfer and MOVEit Gateway (Cyber Daily) Polyfill supply chain attack hits 100K+ sites (Sansec) Exclusive: DHS hires first 10 AI Corps members (Axios) US House bill seeks to assess manual operations of critical infrastructure during cyber attacks (Industrial Cyber) Caesar Cipher Skimmer targets popular CMS used by e-stores (Security Affairs) Neiman Marcus confirms breach. Is the customer data already for sale? (Malwarebytes) South Africa’s national health lab hit with ransomware attack amid mpox outbreak (The Record) New Medusa malware variants target Android users in seven countries (Bleeping Computer) After Crippling Ransomware Attack, VA Is Still Dealing with Fallout, Trying to Pay Providers (Military.com) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The US scrutinizes Chinese telecoms. Indonesia’s national datacenter is hit with ransomware. RedJulliett targets organizations in Taiwan. Researchers can tell where you are going by how fast you get there. A previously dormant botnet targeting Redis servers becomes active. Thousands of customers may have had info compromised in an attack on Levi’s. A new industry alliance hopes to prevent memory-based cyberattacks. Guest Seeyew Mo, Assistant National Cyber Director, Office of the National Cyber Director at the White House, shares the nuances of the White House's skills-based approach with N2K President Simone Petrella. Assange agrees to a plea deal. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Solution Spotlight, guest Seeyew Mo, Assistant National Cyber Director, Office of the National Cyber Director at the White House, shares the nuances of the White House's skills-based approach (and how it's not only about hiring) with N2K President Simone Petrella. Seeyew shares a progress report on the National Cyber Workforce and Education Strategy nearly one year out. For more information, you can visit the press release: National Cyber Director Encourages Adoption of Skill-Based Hiring to Connect Americans to Good-Paying Cyber Jobs. The progress report Seeyew and Simone discuss can be found here: National Cyber Workforce and Education Strategy: Initial Stages of Implementation.  Selected Reading Exclusive: US probing China Telecom, China Mobile over internet, cloud risks (Reuters)  Indonesian government datacenter locked down in $8M ransomware rumble (The Register) Taiwanese tech firms, universities, religious groups among targets in cyber-espionage campaign (The Record) New security loophole allows spying on internet users' online activity (HelpNet Security) P2PInfect botnet targets REdis servers with new ransomware module (Bleeping Computer) Credential Stuffing Attack Hits 72,000 Levi’s Accounts (Infosecurity Magazine) CHERI Backers Form Alliance to Promote Memory Safety Chip (GovInfo Security) Julian Assange, WikiLeaks Founder, Agrees to Plead Guilty in Deal With U.S. (The New York Times)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices