ITSPmagazine Podcasts - Hurricanes, Hacktivists, & HPCs: Building Resilience for the Compute Era | A Conversation With Dr. Melanie Garson and Sean Martin | Redefining Society with Marco Ciappelli

Hurricanes, Hacktivists, & HPCs: Building Resilience for the Compute Era | A Conversation With Dr. Melanie Garson and Sean Martin | Redefining Society with Marco Ciappelli

06/19/24 • 36 min

Guests: ✨

Dr. Melanie Garson, Cyber Policy & Tech Geopolitics Lead, Tony Blair Institute for Global Change [@InstituteGC]

On LinkedIn | https://www.linkedin.com/in/melaniegarson/

Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/sean-martin

____________________________

Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
_____________________________

This Episode’s Sponsors

BlackCloak 👉 https://itspm.ag/itspbcweb

Bugcrowd 👉 https://itspm.ag/itspbgcweb

_____________________________

Episode Introduction

In an era where technology is the backbone of society, resilience in the face of cyber threats, natural disasters, and geopolitical strife is paramount. This was the focal point of the discussion between Sean Martin, Marco Ciappelli, and Dr. Melanie Garson in their recent conversation on "Hurricanes, Hacktivists, & HPCs: Building Resilience for the Compute Era."

Dr. Melanie Garson, the Cyber and Tech Geopolitics Lead at the Tony Blair Institute for Global Change and Associate Professor at University College London, brings a wealth of expertise to the topic. Her work revolves around understanding how new and disruptive technologies like cyber warfare, brain-computer interfaces, and genetic engineering affect global stability. This episode delves into her insights on the evolving landscape of cyber resilience and the steps needed to brace for future challenges.

The conversation begins with an exploration of how legacy infrastructure poses a significant risk to our digital and physical security. Dr. Garson emphasizes the importance of addressing these foundational elements, noting examples like the 2006 earthquake in Taiwan, which disrupted 22 communication cables. She warns of the potential catastrophes linked to outdated infrastructure and underscores the need for modernization and robust protection against not just cyberattacks but physical disruptions as well.

The geopolitical aspect of technology is another critical element discussed. Dr. Garson highlights the role of private companies like Microsoft and Amazon in global conflicts, noting the effects seen during the Russia-Ukraine conflict where cloud services played a pivotal role in preserving data. This involvement signals a shift in how we understand power dynamics and control over critical technologies and raises questions about the responsibilities and decision-making processes of these tech giants. Furthermore, the discussion covers the intersection of emergency situations and technological dependencies.

Using real-world instances like the hurricane in West Africa that knocked out major cables, Marco Ciappelli and Sean Martin emphasize how such events lead to significant economic impacts, illustrating how interconnected and vulnerable our systems are. Dr. Garson also touches upon the evolving nature of warfare, especially with the advent of electromagnetic spectrum manipulation and the reliance on GPS technologies. She notes the increasing use of electromagnetic interference for strategic advantage, a trend seen in ongoing global conflicts. The idea of compute diplomacy—ensuring countries have the sustainable computational power needed to remain competitive and secure—resonates strongly throughout their dialogue.

The conversation wrapped with a powerful call to action: the need for both public and private sectors to address vulnerabilities throughout the entire tech stack, not just the application layer. This holistic approach is essential to safeguarding our digital infrastructure against a multitude of threats.

In conclusion, building resilience in the compute era requires a multi-faceted approach that integrates robust cyber defense, modernized infr...

Guests: ✨

Dr. Melanie Garson, Cyber Policy & Tech Geopolitics Lead, Tony Blair Institute for Global Change [@InstituteGC]

On LinkedIn | https://www.linkedin.com/in/melaniegarson/

Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/sean-martin

____________________________

Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
_____________________________

This Episode’s Sponsors

BlackCloak 👉 https://itspm.ag/itspbcweb

Bugcrowd 👉 https://itspm.ag/itspbgcweb

_____________________________

Episode Introduction

In conclusion, building resilience in the compute era requires a multi-faceted approach that integrates robust cyber defense, modernized infr...

Previous Episode

undefined - In the Same Site We Trust: Navigating the Landscape of Client-side Request Hijacking on the Web | An OWASP AppSec Global Lisbon 2024 Conversation with Soheil Khodayari | On Location Coverage with Sean Martin and Marco Ciappelli

In the Same Site We Trust: Navigating the Landscape of Client-side Request Hijacking on the Web | An OWASP AppSec Global Lisbon 2024 Conversation with Soheil Khodayari | On Location Coverage with Sean Martin and Marco Ciappelli

Guest: Soheil Khodayari, Security Researcher, CISPA - Helmholtz Center for Information Security [@CISPA]

On LinkedIn | https://www.linkedin.com/in/soheilkhodayari/

On Twitter | https://x.com/Soheil__K

____________________________

Hosts:

Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/sean-martin

Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

____________________________

Episode Notes

In this episode of On Location with Sean and Marco, co-host Sean Martin embarks on a solo journey to cover the OWASP AppSec Global event in Lisbon. Sean welcomes Soheil Khodayari, a security researcher at the CISPA Helmholtz Center for Information Security in Saarland, Germany, to discuss the intricacies of web security, particularly focusing on request forgery attacks.

They dive into Soheil’s background, noting his extensive research in web security and privacy, with interests spanning vulnerability detection, internet measurements, browser security, and new testing techniques. Soheil aims to share valuable insights on request forgery attacks, a prevalent issue in web security that continues to challenge developers and security professionals alike.

The conversation transitions to an in-depth exploration of client-side request forgery and how these attacks differ from traditional cross-site request forgery (CSRF). Soheil elaborates on the evolution of web applications and how shifting functionalities to client-side code has introduced new, complex vulnerabilities. He identifies the critical role of input validation and the resurgence of issues related to improper handling of user inputs, which attackers can exploit to cause unintended actions on authenticated sessions.

As they prepare for the upcoming OWASP Global AppSec event, Soheil highlights his session, titled "In the Same Site We Trust: Navigating the Landscape of Client-Side Request Hijacking on the Web," scheduled for Thursday, June 27th. He emphasizes the relevance of the session for developers and security professionals who are eager to learn about modern request hijacking techniques, defense mechanisms, and how to detect these vulnerabilities using automated tools.

The discussion touches on the landscape of modern browsers, the effectiveness of same-site cookies as a defense-in-depth strategy, and the limitations of these measures in preventing client-side CSRF attacks. Soheil mentions the development of a vulnerability detection tool designed to mitigate these sophisticated threats and invites attendees to integrate such tools into their CI/CD pipelines for enhanced security.

Sean and Soheil ultimately reflect on the importance of understanding the nuances of web application security. They encourage listeners to attend the session, engage with the community, and explore advanced security practices to safeguard their applications against evolving threats. This engaging episode sets the stage for a deep dive into the technical aspects of web security at the OWASP Global AppSec event.

Next Episode

undefined - AI Development: Can Ethics Keep Up with Innovation? | A Conversation with Aric Perminter, Pam Kamath, Darrell Hawkins, and Taiye Lambo | Redefining CyberSecurity with Sean Martin

AI Development: Can Ethics Keep Up with Innovation? | A Conversation with Aric Perminter, Pam Kamath, Darrell Hawkins, and Taiye Lambo | Redefining CyberSecurity with Sean Martin

Guests:

Taiye Lambo, Founder of Holistic Information Security Practitioner Institute (HISPI), Founder and Chief Technology Officer of CloudeAssurance, Inc.

On LinkedIn | https://www.linkedin.com/in/taiyelambo/

Pam Kamath, Founder, Adaptive.AI

On LinkedIn | https://www.linkedin.com/in/pamkamath/

Aric Perminter, CEO, Lynx Technology Partners, LLC.

On LinkedIn | https://www.linkedin.com/in/aricperminter/

Darrel Hawkins, Cyber Chief Technology Officer, Otis Elevator Co.

On LinkedIn | https://www.linkedin.com/in/darrellhawkinscissp/

____________________________

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/sean-martin

View This Show's Sponsors

___________________________

Episode Notes

The latest episode of Redefining CyberSecurity Podcast brought together a distinguished panel of experts to delve into the intricacies of artificial intelligence, its benefits, and its risks. Hosted by Sean Martin, the panel included Aric Perminter, Founder and Chairman of Lynx Technology Partners; Pam Kamath, Founder of Adaptive AI; Darrell Hawkins, an IT industry veteran with extensive experience in cybersecurity; and Taiye Lambo, who established the Holistic Information Security Practitioner Institute in Atlanta, Georgia. One of the primary topics discussed was the pervasive influence of AI in various industries, particularly the dichotomy between generative AI and traditional AI.

Pam Kamath highlighted the overlooked capabilities of traditional AI in fields like healthcare, which already show significant advancements in areas such as radiology. This underscores the point that while generative AI, epitomized by models like ChatGPT, garners much of the public's attention, traditional AI applications continue to evolve and solve complex problems efficiently.

Darrell Hawkins brought a commercial perspective into the discourse, emphasizing the balancing act between leveraging AI for profitability versus ensuring societal safety. The key takeaway was that AI's role in enhancing productivity and creating new opportunities is undeniable, yet it is imperative to remain vigilant about its societal implications, such as privacy concerns and job displacement.

Taiye Lambo shared insights from his experience with AI's practical applications in cyber operations. He underscored the diversity of AI's utility, from improving threat intelligence to automating secure responses, demonstrating its potential to transform cybersecurity protocols dramatically. Lambo also provided a thought-provoking view on privacy, suggesting that with the integration of AI into daily operations, the traditional concept of privacy might inevitably evolve or even diminish.

Aric Perminter, focusing on sales and operational efficiencies, shared his insights on how AI-driven analytics can profoundly impact sales strategies, enhancing proposal effectiveness and positioning high-value services. This reflects AI’s broader potential to revolutionize internal business processes, making organizations nimbler and more data-driven. A common thread throughout the discussion was the emphasis on learning from past technological advances, like the adoption of cloud services, to guide AI implementation.

Sean Martin and the panelists agreed that clear use cases and identified outcomes remain critical to leveraging AI effectively while managing risks thoughtfully. In doing so, organizations can harness AI's strengths without repeating past mistakes. Ultimately, the episode revealed that the journey with AI entails navigating both opportunities and risks. By focusing on practical applications and maintaining a vigilant eye on ethical and societal concerns, businesses and individuals can find a balanced approach to integrating AI into their ecosystems. This nuanced conversation serves as a valuable guide for anyone looking to understand and leverage the power of AI in a meaningful and responsible way.

Top Questio...