Table of Experts: Cybersecurity

Table of Experts: Cybersecurity

Paul Mazzucco, Chief Information Security Officer, Tierpoint

Paul oversees company standards for physical, information, and network security, and leads the charge in maintaining industry-specific compliance certifications. An IT security market veteran, he has successfully trained with government agencies and become an expert in security standards and system hardening. He is a Certified Information Systems Security Professional (CISSP), Microsoft Certified Systems Engineer (MCSE), and Certified Ethical Hacker (CEH), working with the FBI, U.S. Secret Service, and U.S. Computer Emergency Readiness Team (U.S. CERT).

Jason Clark, Chief Strategy & Marketing Officer, Netskope

Jason has designed, built, and executed successful strategic cybersecurity programs for more than 30 years. As CSO and CMO for Netskope, he is a widely recognized expert on the use of security transformation to manage risk and drive business value for the world’s most discerning enterprise and government customers. Prior to Netskope, Jason held chief security and strategy officer positions for organizations such as Optiv, Websense, Emerson Electric, The New York Times Company, EverBank, BB&T, and the United States Army.

Dave Chronister, CISSP, CISM, CISA, PCI-DSS QSA, Founder/CEO, Parameter

As founder and CEO of Parameter Security, Dave B. Chronister is an experienced and proven forensic investigator and information systems security professional. He is highly sought after by organizations of all sizes for his expertise in building and maintaining corporate security programs in some of the most heavily regulated industries such as financial services, government, and healthcare. He is known within the industry as a subject matter expert in Sarbanes Oxley (SOX), Gramm-Leach-Bliley Act (GLBA), Payment Card Industries (PCI), Criminal Justice Information Services (CJIS) Security Policy, and the Health Insurance Portability and Accountability Act (HIPAA).

Aaron Plaza, Area Vice President, Specialty Solutions Practice – Security | DC | Cloud, World Wide Technology

As AVP of WWT’s Specialty Solutions practice, Aaron Plaza is responsible for building, managing and driving a Specialty Sales organization within a $15B organization, focused on Security, DC and Cloud solutions for the Global Enterprise business segment for WWT.

His background spans across multiple engineering and sales leadership roles as a customer, as well as a vendor at #1 market share companies as well early-stage startups and helping bring new, innovative technologies to market.

Can you talk a little bit about what exactly happens during a cyberattack?

Plaza: We see a ton of this literally one a week with our customers asking about building a cyber resilient practice, but specifically I’d say the vast majority of customers are really asking how to recover from a cyberattack. That’s a big distinction, because it’s about whether you’re looking to prevent a cyberattack, which is more of the cybersecurity tools that help identify, detect and protect, or are you looking to recover from a ransomware attack, which is more of an infrastructure solution. Ninety-nine percent of the time it’s the latter. Assume that I’ve been breached, assume I don’t know I’ve been breached and help me with the capabilities to restore and recover from a cyberattack. In light of that, we talk with many customers – enterprise class Fortune 2000 – and the single biggest thing they ask is “where do we begin”?

The cyberattack most reported last year was Colonial Pipeline, which affected oil production and gasoline for the entire Eastern Seaboard for about two weeks. A lot of people think they got into the operational technology (OT) security component which is how you control the valves for how oil production actually moves, but that’s not true. What actually happened is that they took down just one very critical component of the customer’s environment and stopped what was their e-business suite on an Oracle database that helps them understand cash flow. If they don’t know for example how money is flowing into the organization, they don’t know where oil is supposed to go from the pipeline. Suddenly oil production stopped and the ability to get that distributed was affected.

We now know It was a Russian nation-state-sponsored type of attack from a cybercrime group the FBI traced back to an organization referred to as the DarkSide. They got in by using a single password and username account they found on the dark web and a couple of other pieces. The tools that a typical organization would use like multi-factor authentication, Colonial Pipeline unfortunately didn’t have. When they encrypted that, suddenly a $4.4 million ransom for bitcoin was requested. In hours, Colonial Pipeline made the decision to shut down because they didn’t know how bad it was. Even though they could pay the ransom immediately, it took […]

source Table of Experts: Cybersecurity

Leave a Reply