Artificial Intelligence is already helping now, but the bad news is that the bad actors are also using AI to attack us
MEDIA 7: Congratulations on your new role at Presidio! Could you please tell us a little bit about yourself and take us through your professional journey?
DAN LOHRMANN: Thank you for your interest and the opportunity to be interviewed by Media7. On November 1, 2021, I joined Presidio as the Field Chief Information Security Officer (CISO) leading cybersecurity advisory for public sector clients. Presidio is a global digital services and solutions provider accelerating business transformation through secured technology modernization. I am advising global government agencies as well as educational institutions on the best strategies for securing their technology infrastructure.
Previously, I served as the Chief Strategist and CSO for Security Mentor, Inc. for more than seven years, and was named 2017 Cybersecurity Breakthrough 'CISO of the Year' for global cybersecurity product and services companies.
I led the Michigan government’s cybersecurity and technology infrastructure teams from May 2002 – August 2014, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan. The Michigan Cyber Initiative, Michigan Cyber Disruption Response Strategy, Michigan Cyber Range efforts and Michigan Cyber Civilian Corps, were all initiatives founded and run under my leadership. During these years in Michigan Government, we had amazing cybersecurity and technology teams. I was blessed to be named as the SC Magazine CSO of the Year, Governing Magazine Public Official of the Year and Computerworld Magazine Premier 100 IT Leader.
In total, I have more than 30 years of experience in the computer industry, beginning my career with the National Security Agency (NSA). I worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a U.S./UK military facility in the 1990s. I have been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington D.C. to Moscow. I am also a Senior Fellow with the Center for Digital Government and a blogger and contributor to Government Technology magazine. I have advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and non-profit institutions. I hold a Master's Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor's Degree in CS from Valparaiso University in Indiana.
M7: That is impressive. Cybersecurity is getting more complex every day, especially with the rise of connected techs and cloud. What do you think are the most important cloud and IoT security challenges that businesses face today?
DL: Great question, and whole books can be written on the answers. Nevertheless, I will briefly name three items.
First, the cyber threat landscape is rapidly evolving and getting worse. The breadth and depth of threats are accelerating. Simply stated, the bad actors are getting better all the time and they are well-resourced – often staying ahead of cybersecurity teams. This is showing up in the number of ransomware attacks – and financial and operational impacts. One U.S. Congressional report claimed that we have seen as many ransomware attacks in 2021 as the last 10 years combined.
Second, cloud and IoT protections, like other online protections, require actions that include people, repeatable processes and refreshed technology. However, many security leaders only focus on the technology procured – which is a big mistake.
Put simply, do your teams know what they have in the way of devices and risks enterprise-wide? Where is the data? Have you done recent and ongoing risk assessments? Have you activated the controls and tools that are available in the cloud or with your IoT devices?
Equally important, can you keep your controls going over time – and not just as a one-time action? This means trained staff, repeatable processes, patched systems and coordination with partners.
Finally, think about end-to-end protections in the cloud and with your devices. This includes encryption of sensitive data and effective identity management with access controls. Remember, you can outsource the responsibility, but not the risk. Many organizations rely on a managed service or outside contractors. They think “the big boys” (like Amazon, Google or Microsoft) will keep them safe, but they neglect to realize that poorly configured servers in the cloud or managed devices require shared responsibilities. Failure in any of these areas can lead to data breaches.
M7: Data breaches cost billions of dollars in damages annually. Do smaller businesses face the same risks today as the larger companies we are seeing being hacked in the headlines?
DL: Generally, yes. Larger companies may have a broader online footprint, but bad actors are going after everyone. No organization is immune or safe from cyberattacks. Sadly, small businesses and governments can be MORE at risk, if they don’t take cybersecurity seriously and don’t put the right protections in place.
M7: With your vast experience in various cyber security roles, how do you see AI changing the world around us a few years down the line?
DL: Again, AI is a complex topic that is evolving rapidly – with many books on AI and cyber.
Artificial Intelligence is already helping now, but the bad news is that the bad actors are also using AI to attack us. I see more machine learning and AI being built into tools going forward, and it will become clear that those without AI will not be able to keep up with the mounting cyberthreats. In the next few years, more and more cyber tools will also claim to utilize AI, but in reality, most will implement machine learning that examines millions and billions of threats and automatically responds faster than humans can respond. This will become commonplace in security operations centers (SOCs). Companies claim that this AI development will ultimately take the place of humans in cybersecurity, but I see removing people taking more than just a few years – maybe decades. Can AI supplement your staff? Sure, but we still have a big shortage of cyber pros. My advice: when people use the word “AI” with “Cyber,” examine the details. What exactly are they doing? How? For more details on this from me, see this blog I wrote on the topic last May.
M7: What is your advice to our readers to prevent and be aware of fraud and eCrime?
DL: There are many excellent articles available on this topic, including this blog by me.
Here are some of my top tips:
- Stick to online retailers you know, trust, and preferably, have shopped with before.
- Research a business you haven’t purchased from before by checking customer reviews or complaints with the Better Business Bureau.
- Refrain from using public Wi-Fi to make purchases, or use a VPN to avoid hackers intercepting your information.
- Check a webpage’s security by looking for the lock icon in the URL field, and making sure the URL starts with “https”, not just “http”. The “s” means the site is safer and more secure.
- Use two-factor (or two-step) authentication. It’s free and easy to use – and VERY important.
- Avoid tempting ads and phishing links in email and social media – especially from unexpected sources reaching out. If you remain intrigued, go to the company website yourself via your favorite search engine to get the deal.
M7: That is really helpful, thank you. You are a co-author of the much-anticipated cyber book 'Cyber Mayday and the Day After,' which will be released in November; could you please tell our readers more about it and how the idea came about?
DL: Cyber security failures made splashy headlines in recent years, giving us some of the most spectacular stories of the year. From the SolarWinds hack to the Colonial Pipeline ransomware event, these incidents highlighted the centrality of competent crisis leadership.
Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing and Recovering From Inevitable Business Disruptions offers readers a roadmap to leading organizations through dramatic emergencies by mining the wisdom of C-level executives from around the globe. It’s loaded with interviews with managers and leaders who've been through the crucible and survived to tell the tale.
From former FBI agents to Chief Information Security Officers, these leaders led their companies and agencies through the worst of times and share their hands-on wisdom. In this book, you’ll find out:
- What leaders wish they'd known before an emergency and how they've created a crisis game plan for future situations
- How executive-level media responses can maintain – or shatter – consumer and public trust in your firm
- How to use communication, coordination, teamwork, and partnerships with vendors and law enforcement to implement your crisis response
Cyber Mayday and the Day After offers managers, executives, and other current or aspiring leaders a first-hand look at how to lead others through rapidly evolving crises.
As for more background on where the idea came from, Shamane Tan, who is my outstanding co-author from Australia, reached out to me in the summer of 2020 to ask if we could collaborate on a writing project. We had worked together on several virtual events, and I contributed to her first book on CISO Leadership.
After brainstorming ideas, we decided the biggest need that we saw for the cyber industry around the world was a guide for business leaders to navigate significant cyber emergencies (such as a ransomware attack or a major data breach) included with true global stories from top leaders in the public and private sectors. We came to this idea BEFORE the SolarWinds, Colonial Pipeline, JBS Meats or other major cyber incident news broke.
Our proposal was well-received by several publishers, and we completed our writing in July 2021. Wiley did a great job getting this timely book out fast, and it is planned for multiple languages with worldwide distribution. We cover true cyber emergency stories from small, medium and large organizations with best practices and also failures that taught leaders many lessons. For example: What would they do differently, now that they have lived through a major ransomware attack?