Top Cyber News Magazine. Margo Koniuszewski
1. TOP CYBER NEWS MAGAZINE
DECEMBER EDITION
HOW MARGO KONIUSZEWSKI IS BUILDING BRIDGES FOR THE DIGITAL AGE, CHAMPIONING DIGITAL LITERACY AND
CYBERSECURITY AS THE NEW IMPERATIVE OF ECONOMY 4.0
NEW ROADMAP FOR CYBERSECURITY EDUCATION
THE BRIDGE FOUNDATION
Margo KONIUSZEWSKI
MEET DANIEL J. LOHRMANN, CISO at PRESIDIO
Author of “CYBER MAYDAY & THE DAY AFTER”
2. Set sails toward a brilliant future
TOP CYBER NEWS MAGAZINE - December 2021 - ALL RIGHTS RESERVED
3. Rhythm for security: Siemens' ProductCERT team regularly
informs its customers about current security vulnerabilities in
Siemens products and provides solutions to eliminate them.
The ProductCERT is connected – globally
Cybersecurity at
4. About Margo KONIUSZEWSKI
Margo KONIUSZEWSKI’s motto in tackling cyber challenges is « Cybersecurity
education is like a marathon, not a sprint. It calls for a sustained effort, crosscutting
approach and questions that lead to novel thinking and action! »
She champions digital literacy, cybersecurity and lifelong learning as the new
imperatives of Economy 4.0, from junior to senior.
Her Cybersecurity Challenge, that took place despite the COVID crisis, was the
world’s first competition to bring together multi-disciplinary “tiger groups” -
student teams from IT/engineering, business, law, medicine and military academies
in tackling a massive and far-reaching cyber-crisis. Building on this success she
launched a Regional Cyber Labs network run by students for students and the wider
community as centers of cyber competence to raise awareness and educate.
The project went worldwide with the Global Cyber Lab to promote cross-sectoral
action between the private/public sectors, academia, and diplomats.
Her “New Roadmap for Cybersecurity Education” report was adopted and
commended by the United Nations Open Ended Working Group on Cybersecurity
as a benchmark in cyber capacity-building for all 193 Member States to take-up to
boost their cybersecurity landscape.
She then organized the first Global Cybersecurity Roadshow 2021-22 event as part
of a year-long program of exchanges between university students from all
continents and world class cybersecurity champions. She is now touring Poland
with events and conferences around her new audiobook: “Striptease in the
age of apps and algos” on technology and how the digital transformation
is impacting every aspect of our lives.
For Margo, cybersecurity is too important to leave in the hands of
bureaucrats or technicians. We must get everyone on board!
5. Striptiz
In the age of apps and algorithms
Moving back a century to work on the first computers, robots and
artificial intelligence, it illustrates the role that humans should play in
the tech ecosystem in the 21st century.
"Let's be wisely open to the tech dimension!"
A story about progress, the prospects for the development of the digital
world and our ‘intimate’ relationship with social media. The digital
revolution is presented as a synergy resulting from the BIO-TECHNO-LOGIKA
interaction. Bio, that is man, techno - this is technology, and
logic - it does not need to be explained to anyone. Margo Koniuszewski
captures the cyber dimension in a philosophical, scientific and business
framework. It takes the listener on a journey to the past and the future.
6. About Adam KONIUSZEWSKI
Adam KONIUSZEWSKI serves as President of
the Warsaw Security Hub of the Swiss Embassy
in Poland and as Executive in Residence at the
Geneva Center for Security Policy (GCSP), an
international think-tank on global affairs
diplomacy to promote security and cooperation.
A social entrepreneur and philanthropist, he
launched The Bridge Foundation with his wife
Margo to promote awareness and cooperative
action on pressing security, economic and social
challenges. Adam has extensive experience in a wide range of sectors
including Big Four, Fortune 100, and global non-profit in close
cooperation with the United Nations and international organizations.
For close to a decade, he worked with President Mikhail Gorbachev as
executive director of his international initiative to address global security
and sustainability. He was particularly successful in developing
partnerships with the private sector to implement development projects
around the world.
Adam is actively engaged with the CPA and CFA organizations to
promote the highest ethical standards and professional compliance for
their members.
Adam holds a Graduate Diploma and a Bachelor of Commerce from
Concordia University in Montreal. He is also a Fellow of the Quebec
Order of Chartered Professional Accountants (FCPA, FCA), Associate
Fellow of the World Academy of Art and Science, a Chartered Financial
Analyst (CFA) and Certified Fraud Examiner (CFE).
He is the recipient of numerous professional and community leadership
awards including the Honoris Gratia Medal of Honor from the City of
Krakow (Poland), Third Degree Medal of Honor from the Red Cross, and
Community Leadership Excellence Award from the CPA Order.
7. The Bridge Foundation is an independent and non-political non-profit
launched by Margo and Adam Koniuszewski to promote education and
cooperation in tackling global challenges. The Bridge Foundation enjoys
special consultative status with the United Nations Economic and Social
Council (ECOSOC) in Geneva, Switzerland, and works closely with the
world of diplomacy and international organizations.
The Bridge organized the first ever multi-sectoral cybersecurity
challenge involving student teams with representatives from
IT/engineering, business, law, medical and military academies. These
“tiger groups” advised the government in a massive and far-reaching
cyber-crisis. Participants, representing 65 universities with a student
population of over 700 thousand, were later involved in launching
Regional Cyber Labs as centers for building cyber-competencies in their
regions.
The Bridge Foundation
8. The Regional Cyber Labs carried out a review of university programs in
each field, involving international student associations, and provided
hands-on recommendations for improving digital literacy and
cybersecurity content in each field.
The “New Roadmap for Cybersecurity Education” was delivered to
Ambassador Jürg Lauber, Chair of the United Nations Open Ended
Working Group on Cybersecurity (UNWG). The report and cyber lab
initiative were circulated by the UNWG on Cybersecurity to political
leaders and diplomats as an excellent initiative to implement to improve
their countries' cybersecurity landscape.
The report is available for download on the website of the United Nations
Office for Disarmament Affairs (UNODA).
The Bridge organized the Global Cybersecurity Roadshow, as a free
online conference accessible to all, ahead of the US-Russia Geneva
Summit 2021 to raise global awareness about the importance of
cybersecurity with students and professionals around the world. Students
had the opportunity to exchange with leading minds in the field
including Ambassador Lauber (UN OEWG), Gen (Ret) Keith Alexander,
former Director of the NSA, best-selling author Bruce Schneier, and
COL Jeffrey Erickson, Director of the US Army Institute at West Point.
https://www.thebridge-foundation.org
For more information contact: office@thebridge-foundation.org
The Bridge Foundation
9. What is Cybersecurity?
Editorial by Dr. Merrick WATCHORN
The Watchorn Innovation Group, Inc.
Cyber is a team sport with no distinction
between the offense and the defense.
Cyber leadership strives to build the best
possible balance of potential risk and threat
mitigation strategies to offset unknown
threat-actors. Thus, all areas of cyber are
affected by the decisions made by another
area of influence and often are
misunderstood at the time of the
decision-making process.
Without this underlying understanding and
approach cyber leaders are left to play
“Whack-A-Mole” for the myriad of
cyber-related issues facing any organization.
As the 21st century moves the
cyber-domain to the forefront of investment, the
innovations associated with them become
more important.
The various threats, cyber-actors and nation
state actors require that investigation into
5G, Internet of Things, Quantum, Artificial
Intelligence (AI), Machine Learning (ML),
Natural Language Processing (NLP) and
Semantic Ontologies (SO) can now be
blended into a unified service offering of
Cognitive Computing, which affords new
cybersecurity products such as Quantum-AI
services based on learned behavior of a
given system and with this potential
outcome, the need for cyber leadership to
understand these types of innovation
becomes paramount.
According to the Federal Bureau of
Investigation, “the rise of cybercrime is
apparent; however, the diversity of the
attack-surface space continues to expand
and our funding is limited, we have to
prioritize our approach to perceived versus
real threats in the 21st century.”
Cyber leadership should consider how
conflict, management, providers, users
and information technology all affect
the outcome of its organizational
protection programs for the immediate
future and the long-term effects that it
may have on its bottom line.
Each organization should strive to define
the cyber domain not as conflict but of
domain activities, define the importance of
education on all areas of topical interest,
build a well-trained and defined work force,
and most importantly build the next
generation of cyber leaders based on
fact-based analysis that goes beyond the cost and
ease of implementation but to the ability to
provide true cybersecurity to itself and its
clients.
Dr. Merrick WATCHORN, DMIST
Chief Executive Officer for The
Watchorn Innovation Group, Inc.
(TWIGI), Program Chair at Quantum
Security Alliance, Advisory Board
Member at Purdue University
10. A page was turned on September 24, 1877, as sword-bearing Samurai rebels fighting to
preserve traditional ways were crushed by a Japanese army of peasant recruits with modern
rifles and cannons. Much like the textile workers' resistance in 19th Century England, their
Luddite rebellion against development, technology and progress proved shortsighted and
futile. History would soon show the astonishing success of modern Japan while the
industrial revolution propelled England into a new age of progress and prosperity.
Fast forward to our information age where everything, from education to healthcare, is
transformed by technology that is impacting not only how we live but even who we are.
However, technological progress remains contentious as detractors continue to long for a
return of the good old days. It is true that innovation is not good or bad in itself. Take
social media. Facebook, Twitter, and their peers were meant to connect us and could have
promoted mass-cooperation and community building. But experience shows that
algorithms are polarizing us, making our societies ever more divided.
The trial of Kyle Rittenhouse, the 17-year-old charged with murder during the social unrest
in the US last year, is a case in point. Well before the verdict, public opinion was
entrenched on his guilt or innocence. His acquittal did nothing to appease the echo
chambers of the two camps, serving to boost user engagement and participation of the
profit-making platforms as both sides continued to vilify each other.
But understanding how social media feed us likeminded content is just the tip of the
iceberg. We all have a role to play if the digital revolution is to deliver on its promises. Key
priorities include understanding the cyber-ecosystem, critical thinking and championing a
new form of citizenship for technology to serve humankind.
We, at The Bridge Foundation, rejoice seeing the enthusiasm of students in high
schools and universities, and young professionals alike committed to improving
their own skills and engaging their leaders for better digital governance.
Citizenship For The
Digital Age
Authors: Margo and Adam KONIUSZEWSKI
“In 2021, an estimated 2.5 quintillion bytes of data was generated per day.
Statistics show that by 2025, 463 exabytes of data will be produced on a daily
basis. Described as the ‘oil’ of the 21st century, the potential of data to
achieve breakthroughs in various industries and fields is significant.
Diplomacy is no exception. Despite popular belief that diplomacy is
traditional in nature, it is tasked to continuously adapt to an ever-changing
world.” ~ Dr. Jovan Kurbalija
11. by Margo and Adam KONIUSZEWSKI
In 2020, The Bridge Foundation organized a survey of digital literacy and cybersecurity
content in the programs of 65 universities (covering engineering/IT, business, law,
medicine and military academies).
Students assembled practical recommendations in each field while international student
associations provided a transnational perspective. Proposed improvements were prepared
by the students and reviewed by experts from the private sector and academia.
The “New Roadmap for Cybersecurity Education” report was delivered to the Chair of the
United Nations Open Ended Working Group on Cybersecurity, Ambassador Jürg Lauber.
The report, which is available on the platform of the UN Office for Disarmament Affairs
(UNODA), was circulated to political leaders and diplomats of all member states as an
excellent example of capacity-building to implement to enhance their cybersecurity
landscape. The students behind the report were part of the Regional Cyber Lab initiative, a
nationwide network of centres to raise awareness, promote best practices and develop
cross-sectoral cooperation to enhance the Polish cybersecurity ecosystem.
The Samurai and 19th century Luddites missed their chance to engage constructively and
vanished, yet the progress continued unabated. Our students took a more productive
approach by bringing their contribution to a nascent digital society where the future is by
no means pre-determined. How this story unfolds is up to each and every one of us. From
junior to senior, our future is in our hands!
12. Technology is a beautiful thing. It’s also scary.
The internet as we know it and advancements in technology have enabled economic and
social progress around the world and helped us all remain connected.
At the same time, threats from organized crime syndicates and state threat actors
have dramatically increased in size, sophistication, and volume.
We also see policy threats to the structure and governance of the internet and attempts by
oppressive regimes to control online discourse and undermine freedom of their citizens.
Threats in cyberspace usually have an international impact and as such, we have a need for
diplomacy among nation states to combat these threats and drive further the social and
economic opportunities that technology offers. We must couple not only security and
economics, but also the human rights element to be successful because all of these are
interdependent.
So, what is cybersecurity diplomacy? Think of it like a police department and citizens in a
neighbourhood working together to stop burglars.
Cybersecurity diplomacy is the collective action and cooperation
against cyber threats.
A combination of building strategic partnerships among nation states,
information sharing, and developing coalitions on policy issues is critical to
combating today’s threat actors.
Let’s digress for a moment from the conversation about nation state threat actors, so you
can see similarities to real life and cybersecurity diplomacy.
“Ahhhh!” came the sound from the next aisle over. I thought someone was being attacked
by a crazed knife-wielding attacker. As I rounded the corner of the grocery store to save the
day with my massive biceps, I could see a child of about seven rolling around the floor,
crying and screaming at his mother. Do your kids do this too? This child was hungry and
wanted a bologna sandwich. What does any of this have to do with cybersecurity
diplomacy? I’m glad you asked.
Cybersecurity diplomacy is similar to bologna. For those that don’t know, bologna is made
with different types of meat, like turkey, chicken, and pork and many other ingredients,
some of which most of us can’t pronounce.
Cybersecurity Diplomacy
is like Bologna
Author: Ken UNDERHILL
“Digitalization can help restore faith in the multilateral system through
increased transparency of diplomatic deliberations, offering digital publics
access to diplomatic negotiations once they have concluded and enabling
digital users to take an active part in diplomatic process.” ~ Dr. Ilan Manor
13. In a similar fashion to different nation states coming together for a common good in
cybersecurity diplomacy, the random ingredients of bologna come together as one to help
parents deal with screaming children all over the world.
Let’s look at a few fictitious examples, based on real events, of how cybersecurity
diplomacy can have a positive global impact.
Example #1 The Beehive Gang was a state-sponsored group from the country of Beyonce.
This group targeted financial institutions in the country of TLC. A coordinated effort
between the countries of TLC, Shaq, and Shakira, where each country shared its resources,
helped stop the Beehive Gang attack.
Example #2 The country of Bernie Madoff Land was known globally for stealing trade
secrets and other intellectual property from companies located in Michael Jackson Land.
State-sponsored threat actors in Bernie Madoff Land had also stolen from the countries of
Enron and Elvis. By using combined diplomatic pressure and economic sanctions, these
countries were able to reach an agreement with Bernie Madoff Land to reduce the thefts.
So why should you and I work together to protect the cyber space?
We all share unique backgrounds as individuals and nation states, along with unique
resources. Threat actors today are more sophisticated than the 12-year-old hacker kid from
the 1980s, so we need diversity of thought and resources to stop them.
By leveraging cybersecurity diplomacy, we can help protect core values of
internet freedom for all, multi-stakeholder governance, and openness.
We must work together to push back on nation states with regulatory and policy regimes
that threaten these freedoms and human rights so that everyone can enjoy the benefits our
cyber space has to offer.
by Ken UNDERHILL
Ken Underhill is the Executive Producer & Host of
the Cyber Life television show which reaches
millions of viewers each month around the world on
the Binge Networks TV channel, Amazon, Roku,
and more. Ken has worked a number of security
roles in his career including as a pen tester.
He has won multiple industry awards for his work to
improve diversity in the industry and is an advocate
for women’s rights. Ken educates around 2.6
million people each year through his online
cybersecurity courses and is a cybersecurity
executive at an Ed Tech startup and vCISO.
He holds a graduate degree in cybersecurity from
Western Governors University, mentors thousands of
young women in cyber each year and sits on the
advisory board for several startups in the U.S.
14. We have seen significant and rapid growth in the use of the internet over the last decade. Many
applications integrate and seamlessly pass information across various web platforms. Today,
we have information available across mobile devices, apps, and web platforms, facilitating
instant communication across public digital platforms.
The presentation of diplomacy has changed radically with the internet and social media, and
digital diplomacy is becoming increasingly important. The digital revolution led to a rise in
cybersecurity risks, with the COVID pandemic witnessing cybercrimes increasing by 600%.
With the free flow of information across various online platforms, applying digital diplomacy
in the proper context and the appropriate manner is necessary.
Digital Diplomacy: What does it mean?
Digital diplomacy, also popularly referred to as eDiplomacy or Digiplomacy,
represents the perfect amalgamation of diplomacy and the internet. It is the
utilization of the internet and Information Communication Technologies
(ICT) for achieving diplomatic objectives.
Digital diplomacy is the unique interplay between diplomacy and the internet in the form of
internet-driven environmental changes. Novel emerging topics regarding diplomatic agendas
are privacy and cybersecurity issues, among others. Digital diplomacy also incorporates areas
like the application of internet tools and ICT tools to practice diplomacy. Digital diplomacy is
suitable for practice by state agencies like diplomats, embassies, consulates, besides civil
society and human rights groups.
The opportunities in Digital Diplomacy
The popularity of social media as a digital diplomacy tool has paved the way for effective
online dialogic communication (two-way communication) between states and their foreign
public and other diplomatic actors. Traditional diplomacy, on the other hand, only happens
offline and is relatively more private. Therefore, the use of dialogic communication in digital
diplomacy has facilitated the participation of multiple diplomatic actors in foreign policy-
making.
The public nature of digital diplomacy has also increased the value and scope of public
opinion on foreign policy agendas. States now have the opportunity to listen to and understand
the perceptions of the public concerning foreign policy. It is a significant benefit of digital
diplomacy.
Digital diplomacy provides different avenues for diplomatic actors to collaborate with
organizations and enigmatic and influential individuals. Such collaborations take place on
multilateral diplomatic campaigns. The campaign targeted to end Sexual Violence and Conflict
(2012-2014) launched by William Hague (then British foreign secretary) is a good example. It
utilized a multi-channel digital as well as offline approach.
Digital Diplomacy
Challenges and Opportunities Today
Author: Prabir SAHA
15. Moreover, when Angelina Jolie supported this campaign, it attracted an
impressive 15,000+ views.
The utility of social media as an effective digital diplomacy tool has provided
the opportunity to states with relatively less hard power to become supernodes
amongst online diplomatic networks.
Challenges in Cyber Digital Diplomacy
Cybersecurity issues and privacy-related issues are some critical threats or challenges
associated with digital diplomacy. The utilization of the internet and the involvement of
channels such as social media platforms give rise to privacy and cybersecurity risks.
Unfortunately, messages, images, and other content shared on various social media platforms
have led to diplomatic crises in the past.
For instance, a tweet made by Global Affairs Canada in 2018 directed at Saudi Arabia to free
the imprisoned human rights activists resulted in Saudi Arabia’s response by cutting diplomatic
ties with Canada.
The heavy use of digital platforms for digital diplomacy has also led to the rampant spread of
misinformation intending to undermine and belittle states' international and domestic stability.
Cybersecurity Risks and Digital Diplomacy
Hacking and cyber-attacks are potential cybersecurity risks that face all organizations.
Measures are essential to protect digital assets as diplomatic rivals may attack government
systems to extract information. Potentially devastating consequences of cyber-attacks make it
all the more important to manage risk and compliance effectively.
Digital diplomacy is a beautiful practice to facilitate dialogic communication
and empower the opinion and perception of the general public in matters of
internal relations.
An appropriate utilization of cybersecurity services can maximize the benefits of digital
diplomacy and minimize the threats and challenges associated with digital diplomacy today.
by Prabir SAHA
Founder of Transformationplus, which specializes in
IT consulting and product delivery services, and Co-
Founder of iSecureCyber, Prabir Saha is leading a
Group, which enthusiastically pursues innovation
through its product offerings in two most emerging
fields of Technology Adoption, contributing in
developing and augmenting Digital Disruptive
Resources for its customers. Prabir credits his success
to his willingness to solve clients' problems and the
adaptability of his products to their requirements.
Mr. Saha asserts that the right mindset is a
prerequisite to being an entrepreneur. He strongly
believes in the principle of giving and tries his best to
provide value to every person he meets, in every
situation he finds himself in. An entrepreneur by
profession, a philanthropist by heart and actions.
16. The Ongoing
Ransomware Crisis:
A Cyber Expert’s Perspective
“A summary of the first half of 2021, finds that not only has ransomware
exploded, but bad guys have unveiled new extortion methods, targeting critical
infrastructure business operations continuity in particular. My questions are, how
long and under what circumstances will it take before our leaders declare a
national emergency, and if they do, will our highly polarized society continue to
prevent rational exercises of authority.”
~ Steve King, Founding Board Member at CyberEd.io
“This is truly the 911 moment for the
current generation (Can anyone recall
what life was like prior to March
2020?).
The pandemic has long term
implications both for our economy and
our very way of life.
The way we view cybersecurity must
change in these times as the virtual
boundaries of our enterprise networks
now extend into the bedrooms and
home offices in millions of homes
across our nation.” ~ Dr. William Butler
Today, ransomware gangs are becoming
more aggressive: stealing and/or leaking
data or locking your systems or files in
exchange for ransom payments.
The facts are that $20 billion in damage from
attacks on small businesses occur every 14
seconds. While there is an increasing
threat of ransomware, it may not
necessarily be related to solely remote
work. There have been several ransomware
attacks that targeted hospitals and local or
state governments pre-Covid. Unfortunately,
the rise of “Ransomware as a Service” has
made it far easier for malicious actors of any
variety to conduct ransomware attacks.
Ransomware packages are now sold and
distributed as means of income for malicious
actors.
[Dr. William Butler] From a cybersecurity
standpoint, are ransomware attacks more
difficult to combat than other types of
network attacks/hacks? Why/why not?
[Dr. Nikki Robinson] “One can
unknowingly download ransomware onto a
computer by opening an email attachment,
clicking an ad, following a link, or even
visiting a website that’s embedded with
malware.”
This interview is courtesy of:
Dr. William (Bill) Butler, Chair of Cyber
Programs at Capitol
Dr. Nikki Robinson, Security Architect and
Adjunct Professor, Center for Cybersecurity
Research and Analysis (CCRA)
[Dr. William Butler] Why do you think
there is a sudden influx of cyber attacks?
Could this relate to the increasing use of
remote technology due to Covid?
[Dr. Nikki Robinson] Ransomware attacks
increased by over 300% last year as
companies switched to remote work.
17. “With threats growing in volume and sophistication, today’s cyber attacks are
outpacing many organizations’ defensive capabilities. All around the world,
these organizations are being compromised and held hostage by ransomware,
with many being forced to pay cyber criminals because they’re not equipped to
combat the adversary.” ~ Tom Field, Senior Vice President, Editorial, ISMG
[Dr. William Butler] Have you ever seen a
ransomware attack happen in any of the
places you have worked? What happened?
[Dr. Nikki Robinson] Fortunately, not to my
knowledge.
[Dr. William Butler] In a cybersecurity
department, is there a specific protocol in
place for if a hack or ransomware attack
takes place? Does it depend on the company
or is there a generally standardized course
of action?
[Dr. Nikki Robinson] Enterprises should have
a response plan and an incident response team
or contractor ready for such an occurrence.
The plan should specify what actions should
be taken and by whom once the breach has
been detected. Businesses should consult the
NIST SP 800-61, NISTIR 8374, and the CISA
site which addresses incident response and
specifically how to prevent and respond to
ransomware attacks.
[Dr. William Butler] What new measures
are companies putting in place to ramp up
cybersecurity and prevent ransomware
attacks?
[Dr. Nikki Robinson] Companies are
recommended to take the following actions by
the FBI: keep software up to date, back up
data regularly, secure the backups separate
from your network, and create and test your
continuity plan. Both CISA and FBI have put
together open-source documentation to work
towards a more secure environment against
ransomware and other types of attacks.
[Dr. William Butler] What would you
personally do if you worked at a company
that was hit with a huge ransom demand?
What steps would you take to resolve the
issue?
[Dr. Nikki Robinson] The CISA “stop
ransomware” website outlines seven steps to
take immediately once an attack has been
detected. For example, the first step is to
determine which systems were impacted, and
immediately isolate them. Once the incident is
contained, step seven is to consult federal law
enforcement regarding possible decryptor
availability, as security researchers have
already broken the encryption algorithms for
some ransomware variants.
The countermeasures include implementing
multi-factor authentication (MFA), backups,
continuity of operations plans, and other
measures as recommended by the Multi-State
Information Sharing and Analysis Center (MS-
ISAC) and Cybersecurity and Infrastructure
Security Agency (CISA).
The good news is several suggestions from
MS-ISAC and CISA to protect against
ransomware can also protect against a variety
of other attacks. And working on an Incident
Response program can also help if a
ransomware attack does happen. CISA also
has comprehensive resources for creating an
Incident Response (IR) plan and other
organizations to assist with IR planning.
[Dr. William Butler] In some situations,
does it make more sense to just pay the
ransom, or should companies always try
their best to fight the attack?
[Dr. Nikki Robinson] This is a very
controversial issue today. The FBI
recommends not to pay because it finances
more cybercrime, and one is never sure if their
data was exfiltrated and/or they will not return
in the future.
[Dr. Nikki Robinson] Recently there was some success recovering ransom paid in
Bitcoin. United States law enforcement has clawed back approximately $2.3 million of the
ransom allegedly paid to DarkSide by Colonial Pipeline last month, the Department of Justice
(DOJ) and the FBI announced in a recent joint press conference according to threatpost.com.
[Dr. William Butler] Anything else you would like to share about ransomware attacks,
hacking and cybersecurity?
[Dr. Nikki Robinson] The U.S. response to ransomware attacks is taking on a higher priority
within the current administration. President Biden has warned Russia and China that our
critical infrastructure is off limits to state sponsored or supported cyber-attacks and those
nations that support or harbor these cybercrime organizations within their borders will be held
responsible. Several recent high level cyber policy appointments within the administration
show promise that a whole of government approach is being crafted to respond to what is
clearly a national security issue. With the Emergency Directive given by President Biden from
May of this year, cybersecurity is a much higher priority for all governmental agencies.
Direct Link to the interview:
https://www.captechu.edu/blog/ongoing-ransomware-crisis-cyber-experts-perspective
“The definition of War: War is an intense armed conflict between states,
governments, societies, or paramilitary groups such as mercenaries,
insurgents, and militias. It is generally characterized by extreme violence,
aggression, destruction, and mortality, using regular or irregular military
forces.
This definition needs updating to include Cyberwar. Unfortunately, just like the
majority of previous physical, military wars, this one has also been fuelled, and
our adversaries armed, by our own governments. Guns and tanks are simply
replaced by the internet, keyboards and PC's...”
~ Andy Jenkinson, Group Chief Executive Officer at Cybersec Innovation Partners
Interview with Dr. Nikki ROBINSON
Nikki Robinson teaches at Capitol Technology University. She teaches post-graduate level
courses in Quantitative Methods, Incident Response, and Healthcare Mobile Device Security.
She also works in the cybersecurity and IT industry as a Security Architect for IBM on the
CISO Security Innovation & Remediation team.
She also holds multiple industry certifications, including CISSP and CEH. Her research is
focused on improving security practices through the incorporation of human factors
engineering principles and emerging vulnerability management trends.
Dr. Nikki Robinson
Holding a Doctor of Science in Cybersecurity as
well as a PhD in Human Factors from Capitol
Technology University, Nikki Robinson is a
strong information technology professional, an
experienced Cybersecurity Architect with a
demonstrated history of working in the IT and
cyber fields. Skilled in statistical data analysis,
vulnerability management, team leadership,
DFIR, and risk management. Dr. Robinson is
Vice President of the Board of Directors for the
InfraGard Maryland Chapter and provides
support for InfraGard at the national level on the
Journal Review Committee.
Dr. William Butler
Holding advanced degrees from Brenau
University, U.S. Army War College, National
Defense University, the University of
Maryland, and Doctor of Science in
Cybersecurity from Capitol Technology
University, with over thirty-five years of
experience in the public and private sectors as
a security engineer and consultant, Dr. William
Butler is passionate about preparing
underrepresented groups for STEM careers.
Dr. Butler served in the U.S. Marine Corps
Reserves and retired as a Colonel specializing
in designing communications systems and
securing them.
With extensive experience building standards-based courses, certificates
in cybersecurity, wireless, and cloud computing curricula, Dr. William Butler is Chair of
Cybersecurity Programs at Capitol Technology University.
In 2021 Bill was selected for the prestigious SC Media Leadership Award for Outstanding
Educator for 2021. SC Media also recognized Capitol for the best cybersecurity program in
2020 and as a finalist in 2021. Bill was awarded the faculty teaching award for 2020 and
2021 at Capitol.
BRING Your CISO INTO THE BOARDROOM
CISOs ARE BECOMING TRUSTED EXECUTIVE RISK ADVISORS
About Daniel J. LOHRMANN
Field Chief Information Security Officer
(CISO) for Public Sector & Client Advisor at
Presidio, Mr. Daniel J. Lohrmann is an
internationally recognized cybersecurity leader,
technologist, keynote speaker and author.
During his distinguished career, Dan has
served global organizations in the public and
private sectors in a variety of executive
leadership capacities, receiving numerous
national awards including: CSO of the Year,
Public Official of the Year and Computerworld
Premier 100 IT Leader. Lohrmann led
Michigan government’s cybersecurity and
technology infrastructure teams from May
2002 – August 2014, including enterprise-wide
Chief Security Officer (CSO), Chief
Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in
Michigan. He works with cybersecurity technology companies to provide insights and
long-term strategic support. Dan is a Senior Fellow with the Center for Digital
Government and a contributor to Government Technology magazine. He has advised
senior leaders at the White House, National Governors Association (NGA), National
Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS),
federal, state and local government agencies, Fortune 500 companies, small
businesses and non-profit institutions.
Dan has more than 30 years of experience in the computer industry, beginning his
career with the National Security Agency. He worked for three years in England as a
senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four
years as a technical director for ManTech International in a U.S./UK military facility.
He has been a keynote speaker at global security and technology conferences from
South Africa to Dubai and from Washington D.C. to Moscow.
D. Lohrmann is the co-author of Cyber Mayday and the Day After: A Leader's Guide
to Preparing, Managing, and Recovering from Inevitable Business Disruptions,
published by Wiley in November, 2021. He is also the author of two earlier books:
Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD For You: The
Guide to Bring Your Own Device to Work.
Lohrmann holds a Master's Degree in Computer Science (CS) from Johns Hopkins
University in Baltimore, Maryland, and a Bachelor's Degree in CS from Valparaiso
University in Indiana.
"Cyber Mayday and the Day After"
A Leader's Guide to Preparing, Managing, and
Recovering from Inevitable Business Disruptions
Authors: Daniel Lohrmann and Shamane Tan
Tuesday, May 1, 2035
Something was not right.
As Julie stood by the front door of her parents’ home in Park Ridge, Illinois,
her A-ride (slang for autonomous transportation) was nowhere in sight. She
was going to be late for work. “My new boss is going to be furious,” she
inwardly panicked.
This was the one day a month that she actually was required to be downtown
for a team meeting, and her 7:15 a.m. FastUber pickup (with nonstop express
service to the Chicago Loop) was nowhere to be found.
And FastUbers are never late.
“Miranda – where is my ride? What’s going on? Where are all the cars?”
Strange, no response from her automated assistant, which usually answered her
questions before she even finished her sentences. Julie momentarily thought
about her grandmother as she peered angrily at the small speaker over her
glasses. She briefly smiled when she thought about how she nicknamed her
personal assistant Miranda, in memory of her grandmother.…
A reporter standing in front of New York’s One World Trade Center responded:
“That’s certainly a likely possibility. Mass transit has stopped, banks are down,
some cities are experiencing power outages, hospitals are on emergency
generators, school technology is down, universities have canceled classes, and,
most shocking of all – trading floors from London to New York to Chicago are
now closed.”
“Hold on a moment, please, we are receiving word that the president of the
United States has just declared a Nationwide Cyber Emergency, under the
authority of the Cyber Disruption Act of 2028.”
“While this 2035 Mayday scenario is just fiction, the bombardment of daily
security incidents is beyond eye-opening in real life.” - page viii of Mayday Book.
Successfully lead your company through the worst crises with this first-hand
look at emergency leadership.
Cyber security failures made for splashy headlines in 2020, giving us some of
the most spectacular stories of the year. From the SolarWinds hack to the
Colonial Pipeline ransomware event, these incidents highlighted the centrality
of competent crisis leadership.
Cyber Mayday and the Day After offers readers a roadmap to leading
organizations through dramatic emergencies by mining the wisdom of C-level
executives from around the globe. It's loaded with interviews with managers
and leaders who've been through the crucible and survived to tell the tale.
From former FBI agents to Chief Information Security Officers, these leaders
led their companies and agencies through the worst of times and share their
hands-on wisdom. In this book, you'll find out:
o What leaders wish they'd known before an emergency and how they've
created a crisis game plan for future situations
o How executive-level media responses can maintain - or shatter - consumer
and public trust in your firm
o How to use communication, coordination, teamwork, and partnerships with
vendors and law enforcement to implement your crisis response
Cyber Mayday and the Day After is a must-read experience that offers
managers, executives, and other current or aspiring leaders a first-hand look at
how to lead others through rapidly evolving crises.
“We have over 200 countries globally that set their own laws, set their own
policies, and resource the government capabilities that provide a government
response to some of the threats that we’re seeing around cybercrime. Each
country has their own thoughts and ideas about what’s right and what’s
wrong, based on a range of different mechanisms and issues.”
~ Doug Witschi, assistant director of Interpol’s Cybercrime Threat Response
TOP CYBER NEWS MAGAZINE
EDITORS RECOMMEND
From Top Cyber News team!
TOP CYBER NEWS MAGAZINE
PUT TECHNOLOGY AT THE FOREFRONT OF THE BUSINESS
We communicate Technology, Innovation, and Cybersecurity
«Cyber-attacks can cause widescale disruption, economic upheaval,
and even physical damage. If nothing is done, future attacks could
become even more destructive and impact the power, transport, and
communications systems we all depend upon to live and work.»
Arvind KRISHNA
Chairman and Chief Executive Officer, IBM
«Before you embark on the digital (and) diplomacy journey, make
sure you clarify any terminological ambiguities…
Should it be ‘digital’, ‘cyber’, ‘tech’, ‘net’, ‘virtual’, or ‘e-’
diplomacy? The use of different adjectives and prefixes to describe
the digitalisation of diplomacy tends to create confusion in
discussions and policies in this field. This confusion could be
reduced by having clearer instructions on what certain terms, such
as ‘cyber’, ‘digital’, and ‘tech’ diplomacy cover.»
Dr. Jovan KURBALIJA
Founding Director DiploFoundation