Posted by Gaya M on May 8, 2024 at 10:08pm in Blog
Embark on a captivating journey through the complexities of cybersecurity and human behavior, where anecdotes of missed context, unexpected encounters, and security dilemmas converge to unveil invaluable insights. Our narrative begins with a recounting of a cybersecurity exercise, where the consequences of missing crucial context lead to unexpected challenges during a recovery attempt from an encrypted backup. Amidst the discourse, Bikash Barai, co-founder of FireCompass and CISO Platform, initiates a conversation with a quick introduction, setting the stage for a rich exchange of experiences and perspectives. Meanwhile, a humorous encounter unfolds as a man attempts to sell an iPhone and camera for a bargain price, only to reveal a bag of potatoes upon inspection. The narrative crescendos with a high-stakes security dilemma, as a CISO faces the ultimatum of implementing WiFi in government buildings or facing termination, prompting a nuanced exploration of principle and pragmatism. Join us as we navigate the intersections of cybersecurity challenges, human behavior, and ethical dilemmas, illuminating the complexities of decision-making in an ever-evolving digital landscape.
Here is the verbatim discussion:
But in a few cases where I had been part of the advisory board etc. had done some of these exercises so I I recall one of the cases where uh some of the folks got into the room late around half an hour late so they missed the complete context and the setting and then during the session we did this curve ball where they wanted to uh kind of revive everything from the backup and we said that the backup is encrypted.

Let's get started probably with a quick small intro um I'll start a quick intro from my side I'm Bikash Barai the host I am one of the co-founders of FireCompass as well as I'm one of the co-founders of CISO Platform so Dan let's start with a quick baseball card kind of intro

and eventually he told me you know what I need it very badly can you give it to me I mean I'll give it to you at €1 or something like that and here is the iPhone and I'm also going to give you this camera a small point and shoot auto automatic camera and I took that phone and I swiped and everything was working fine and I thought this is interesting because at €10 if you get a device which is working in worst case even if things are not perfect we can go open it up and look into and use it for hacking so I found that and I'm I think I became a little bit greedy I wouldn't say I tried to help that guy uh but I said okay here you go I gave the €10 EUR he took this uh iPhone and the camera put it into a small brown bag and gave it to me and I took that and he started running up the stairs and I opened this brown bag and inside that there were two potatoes oh wow so right in front of me he did the classic switch which I I was pretty well potatoes I have still

and Terry just looked at me with this stunned look you know and and I have you know she asked everyone to leave the conference room but me so it was just me and Terry looking looking at each other and I've never seen a government agency meeting end so quickly in my life because you know this was an hour-long meeting it was 15 minutes in and she just ended it and she looked me in the eye and she said Dan if that's your answer you cannot be the CISO in the state of Michigan basically I was worried I was gonna get fired and I said well wait a minute Terry know you don't understand let me explain I had all these white papers and this I was going to show her all my background materials about and articles and and books about why this was a bad idea and she says no stop I've read all those articles I know what you're gonna say I I know what your thing is but but she said um I've been to DAL Ford Chrysler and General Motors they all have Wi-Fi in their conference rooms what do they know that you don't know and so they're like telling so I'm like whoa she says I'm giving you one week to to figure this out and come back and give us a plan not to not to deliver it but to give us the plan to do it securely or you're fired.
Highlights:
Consequences of Missed Context: The narrative unveils the repercussions of missing crucial context during a cybersecurity exercise, highlighting the importance of full engagement and presence to navigate complex scenarios effectively.
Unexpected Encounters and Humorous Anecdotes: Amidst discussions of cybersecurity, a humorous encounter unfolds as a man attempts to sell an iPhone and camera for a bargain price, only to swap them for a bag of potatoes, leaving the narrator stunned and bemused.
High-Stakes Security Dilemma: The narrative reaches a climactic moment as a CISO faces a high-stakes security dilemma, tasked with implementing WiFi in government buildings despite security concerns. The ultimatum of termination underscores the delicate balance between principle and pragmatism in cybersecurity decision-making.
As our exploration draws to a close, we are reminded of the multifaceted nature of cybersecurity challenges, where technical expertise intersects with human behavior and ethical considerations. Through anecdotes of missed context, unexpected encounters, and security dilemmas, we gain invaluable insights into the complexities of decision-making and the importance of resilience and adaptability in navigating cybersecurity landscapes. Join us in embracing the spirit of innovation, collaboration, and ethical stewardship as we navigate the ever-evolving challenges of cybersecurity in an increasingly interconnected world.
Speakers:
Dan Lohrmann is an esteemed cybersecurity expert and Field Chief Information Security Officer (CISO) for Presidio, celebrated for his impactful career across both public and private sectors. With beginnings at the National Security Agency and roles at Lockheed Martin and ManTech, he has been recognized as CSO of the Year among other accolades. Dan is also a prolific author and speaker, sharing insights on cybersecurity and technology modernization through his award-winning blog and publications.
Bikash Barai is credited for several innovations in the domain of Network Security and Anti-Spam Technologies and has multiple patents in USPTO. Fortune recognized Bikash among India’s Top 40 Business Leaders under the age of 40 (Fortune 40-under-40). Bikash is also an active speaker and has spoken at various forums like TiE, RSA Conference USA, TEDx etc.
Earlier he founded iViZ an IDG Ventures-backed company that was later acquired by Cigital and now Synopsys. iViZ was the first company in the world to take Ethical Hacking (or Penetration Testing) to the cloud.