Cyber Talks

In this episode, we sit down with Spence Hutchinson, Sr. Staff Threat Intelligence Researcher with our Threat Response Unit (TRU), and chat about the ransomware landscape, the cybercriminal "gig" economy, and which industries and types of businesses are most at risk of ransomware attacks.

Key takeaways from the conversation include:

• The evolution of ransomware attacks from simple smash-and-grab strategies to more sophisticated network-wide dominations
• How ransomware-as-a-service groups operate and how they infiltrate networks to gain initial access
• How the "outside in" approach helps to understand threats posed by the Dark Web
• The role that Initial Access Brokers (IABs) play in the ransomware economy and how they use the Dark Web to sell access to other cybercriminals
• Why Lockbit is one of the most impactful threats for SMBs and why it's so challenging to defend against

---

Have a question for us? Reach out: hello@esentire.com

---

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

In this episode, we sit down with Joe Panettieri, Founder of Channel Angels, Sustainable Tech Partner, and Mentore Ventures, to discuss how Joe got his start as a communications intern at IBM, his approach to making cybersecurity communications clear and digestible, and the dynamic nature of the cybersecurity industry.

He also shares the lessons learned from supporting a wide array of cybersecurity stakeholders and his experience with ChannelE2E, focusing on business valuation maximization and provides an insider's view on the inception of the MSP 501 list, along with insights into the evolving relationship between service providers and CIOs/CISOs.

Key takeaways from the conversation include:

• The importance of clarity and customer understanding in cybersecurity communications.
• Business valuation in the MSP and MSSP sector is heavily influenced by evolving market trends and re-emerging technologies.
• MDR's increasing significance in the cybersecurity landscape and the essential questions CISOs/CIOs must ask of their service providers.
• The impact of Generative AI on the cybersecurity industry and the strategic advice for navigating its implications.
• The convergence of green IT and cybersecurity, highlighting the urgency for service providers to adopt sustainable practices.

---

Have a question for us? Reach out: hello@esentire.com

---

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

The AlphV/BlackCat ransomware-as-a-service gang has been in the news lately thanks to the recent ransomware attack on Change Healthcare that resulted in widespread disruptions to healthcare services and allegedly resulted in the organization paying a $22 million ransom.

Shortly thereafter, an affiliate claimed that BlackCat cheated them out of their share of the $22 million dollar ransom. So, what's going on?

In this episode, Spence Hutchinson speaks with Joe Stewart, Principal Threat Researcher at eSentire, and Keegan Keplinger, Sr. Threat Intelligence Researcher at eSentire, all about AlphV/BlackCat's ransomware operations. Key topics discussed include:

• Who AlphV/BlackCat ransomware operators are and how they use malvertising to gain initial access
• The ransomware attack on Change Healthcare
• The validity of BlackCat claiming that the FBI has seized their Dark Web site and released a decryption tool
• Signs that a ransomware-as-a-service group is rebranding or preparing an exit scam

---

Have a question for us? Reach out: hello@esentire.com

---

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

Private Equity (PE) firms are increasingly targeted due to their comprehensive disclosure requirements, possession of sensitive data, and wide network of portfolio companies, making them lucrative targets for cybercriminals. What's more, threat actors exploit these characteristics to gain access to an extensive network by breaching just one entity.

In this episode of Cyber Talks, Ryan Westman and Eldon Sprickerhoff dive into the intricate relationship between private equity firms and their portfolio companies concerning cybersecurity.

Key takeaways of the episode include:

• Reasons PE firms are attractive targets for cybercriminals, including their access to sensitive data and extensive networks
• Unique challenges PE firms face, such as limited visibility and control over cybersecurity measures across their portfolio companies and the diverse range of cyber risks associated with investing across multiple industries
• Common misconceptions about cybersecurity postures among PE firms, the evolving tactics of cyberattackers, and the critical role of user awareness in preventing attacks
• Recommendations to defend against remote exploitation and the misuse of valid credentials

---

Have a question for us? Reach out: hello@esentire.com

---

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

Since its emergence in 1911, every year on March 8, we celebrate International Women's Day to recognize the inspiring contributions that women have made in the professional and personal lives of those around them.

In this episode, Erin McLean talks to Tia Hopkins and Andrea Markstrom, the Chief Information Officer at Schulte Roth & Zabel LLP and Founder of i.WILL, about their career journeys in cybersecurity, how they empower and support women, and the foundations they've started.

They discuss:

• Why there's no single, linear path into cybersecurity or leadership roles in technology
• The importance of mentorship and networking for growth
• Their commitment to lifting as they climb through their involvement with the i.WILL and Black Women in Cyber Collective foundations
• How to find your voice and make a mark in your field

---

Have a question for us? Reach out: hello@esentire.com

---

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

Since their emergence in 2019 under the moniker 'ABCD', the LockBit ransomware-as-a-service gang has carved out a notorious reputation as a leading purveyor of ransomware. Their notoriety was cemented by pioneering triple extortion techniques and causing unprecedented disruption across the globe. However, they suffered a significant blow with the orchestrated international law enforcement operation named 'Operation Cronos'.

In this episode, Ciaran Luttrell, Keegan Keplinger, and Brandon Stencell, provide a gripping account of LockBit's operations, their innovative TTPs, and the collaborative law enforcement efforts that led to their partial dismantling. We also offer an insider's look into how the takedown was executed, the resurgence of LockBit and the new Dark Web leak sites, and the broader implications for cybersecurity professionals.

Key discussion points include:

• The evolution and operational methods of LockBit since its inception.
• Insights into 'Operation Cronos' and its impact on LockBit’s infrastructure.
• The tactical shutdown of LockBit's technical and financial frameworks by international law enforcement.
• The immediate response by LockBit, including setting up new operations and their public threats.
• Strategies and advice for cybersecurity professionals to safeguard against future iterations of LockBit and similar ransomware threats.

---

Have a question for us? Reach out: hello@esentire.com

---

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

In this episode, we explore Michael Smith's journey from an Air Force IT Manager to VP of Infrastructure and Operations at Trinity Industries, Inc., highlighting his pivotal roles and the cybersecurity landscape within the architecture, engineering, and construction sectors.

Michael shares insights on outsourcing cybersecurity teams, the strategic decision-making behind these choices, the evolving role of the CISO, and the importance of strategic positioning within an organization.

Michael emphasizes the strategic value of leadership positions and how the role that mentorship played in his transition from CISO to CIO while at Jacobs. The discussion also covers Michael's philosophy on leadership, focusing on extreme ownership and servant leadership, and how this influences his approach to new operational challenges.

Key takeaways include:

• The importance of adaptability and strategic thinking in advancing from technical roles to executive leadership in cybersecurity.
• Why mentorship and leadership development are critical for building resilient cybersecurity teams and fostering innovation.
• Strategic outsourcing vs. in-house team development: considerations for effective cybersecurity management.
• The evolving role of the CISO in organizational structures and the importance of C-level accountability and board engagement in cybersecurity.

---

Have a question for us? Reach out: hello@esentire.com

---

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

Given the macroeconomic climate, security leaders are constantly tasked to do more with less – you’re being asked to take on more responsibility and protect your organizations against increasing cyber threats while balancing evolving regulatory frameworks and third-party vendor risk management.

In this episode, Tia Hopkins, Chief Cyber Resilience Officer at eSentire, and Greg Crowley, Chief Information Security Officer at eSentire, discuss the trends they are seeing from a budgetary perspective and how security leaders can build a more resilient security operation.

Key topics of discussion include:

• Most common types of cyber threats impacting businesses (e.g., the ‘as-a-service’ business model, nation-state cyberattacks, etc.)
• Why security leaders need to shift from a cyber risk reduction mindset to building cyber resilience mindset
• The two options that security leaders have to build a more resilient security operation (i.e., DIY approach vs. outsourcing 24/7 threat detection, investigation, and response capabilities)
• How to build alignment with finance leaders to get the cybersecurity investment you need

---

Have a question for us? Reach out: hello@esentire.com

---

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

Whether you're on the football field or on the cybersecurity battlefield, being resilient means being able to bounce back stronger after a setback. On the field, it's about how quickly your team is able to adapt to a bad start or a late-game deficit to take the win. In cybersecurity, it's about how your organization can anticipate, withstand, and recover from even the most sophisticated cyber threats by responding efficiently and restoring operations.

Both require a mindset focused on learning from challenges and strengthening defenses for the next encounter. Success isn't about never facing setbacks; it's about how effectively you recover and prepare for the next challenge.

In this episode, Tia Hopkins, our Chief Cyber Resilience Officer & Field CTO, talks with Terrell Davis, Football Hall of Famer and former running back for the Denver Broncos, about the parallels between sport’s biggest stage and the battle facing security leaders today, including:

• Seeing the big picture and getting full attack surface visibility
• The importance of deep investigation to drive effective security (and sport) performance
• Balancing an offensive game plan vs. defensive expertise
• Why building and measuring resilience is the key to your success – not only in business or on the football field but in the game of life

---

Have a question for us? Reach out: hello@esentire.com

---

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

The role of any security leader – be it the CISO, CIO, VP Security, or even Director of Security, is that of a grandmaster in chess. Every move in the first phase sets the tone for the game, and the world of cybersecurity is no different.

As a new security leader, your first 90 days can either establish a robust defense against cyber threats or leave your company vulnerable to myriad of threats.

In this episode, Greg Crowley, Chief Information Security Officer (CISO) at eSentire, joins us to share what new security leaders should focus on within their first 90 days. Key topics of discussion include:

• What led Greg to join a security firm after a 17-year long tenure as the VP of Cybersecurity and Network Infrastructure at WWE
• How security leaders should identify and approach potential allies and resistors within their first 30 days
• Which security metrics are most valuable, and how leaders should assess their organization’s security maturity
• How to win over the board's trust and get the necessary resources

---

Have a question for Greg? Reach out to us: hello@esentire.com

---

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

Modern threat response requires the ability to collect unstructured data from disparate sources associated with attacker tactics, techniques, and procedures (TTPs) and operationalize global protections – all in a timely manner.

Unfortunately, many in-house security teams don't have the bandwidth or expertise to perform proactive threat hunting, conduct original threat research, and develop or deploy new threat detection rules.

Enter the eSentire Threat Response Unit (TRU).

The cybersecurity industry is facing a massive talent shortage. In fact, Cybersecurity Ventures has predicted that there will be 3.5 million unfilled positions in cybersecurity by 2025. As cyber threats continue to rise in number and complexity, security leaders are stretching their employees and resources thin to defend their organizations against these advanced threats and build cyber resilience.

Despite the demand for talent, many of those who are trying to break into the cybersecurity industry are faced with numerous barriers. From financial restrictions to managing unrealistic expectations from their hiring managers, the entry-level security practitioners are struggling to get their foot in the door.

In this episode, Tia Hopkins, Chief Cyber Resilience Officer and Field CTO at eSentire, is joined by Ken Underhill, CEO at Cyber Life, to discuss:

• How to prepare the next generation of cybersecurity leaders,
• Which soft skills security practitioners should have to advance in their careers,
• How security leaders can cultivate more talent, and more.

---

Have a question you want us to answer in the next Office Hours episode?

Reach out to us: hello@esentire.com

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

Private Equity (PE) firms and their portfolio companies are finding themselves, and their assets, in the crosshairs of motivated and well-equipped cybercriminals with increasing frequency.

However, many PE firms may struggle with having the right threat detection and response capabilities in place to stop a critical cyberattack from impacting their business operations. On the other hand, many portfolio companies may deprioritize their cybersecurity investments, especially during an economic downturn, which can greatly impact their deal valuations.

In this episode, Eldon Sprickerhoff, Founder & Advisor at eSentire, is joined by Alex Manea, CISO at Georgian, to discuss:

• Why cybercriminals target PE firms and portfolio companies and whether there’s a specific timeframe that these companies are targeted most
• How to measure success of your cybersecurity program given the unique challenges PE firms and their portfolio companies face
• Why PE firms should continuously encourage their portfolio companies to keep up their cybersecurity investments even in an economic downturn
• And more

John Moretti, Principal Solutions Architect, and Mike Sci, Senior Channel Solutions Architect, have become the go-tos when our channel partners have questions or need advice. 

In this Office Hours episode, John and Mike answer some of the most common questions e3 Ecosystem partners have when it comes to Managed Detection and Response (MDR) versus Extended Detection and Response (XDR).

Topics include:

• The difference between MDR vs. XDR
• How partners can identify eSentire MDR opportunities
• How eSentire addresses an organization’s overall risk

---

Take the Next Step with eSentire's e3 Partner Ecosystem.

Most organizations fall victim to cyberattacks because business leaders don’t understand the risk. They don’t see their business as a target, they deny the threat, or believe technology alone can prevent any cyberattack. This cyber-cognitive dissonance creates significant challenges for CISOs who must quantify risk and prioritize resources to protect what matters most.

In this fireside conversation between Tia Hopkins and Rich Raether, Chief Information Officer at Quarles & Brady LLP, they dive into the challenges of managing and quantifying cyber risk. Tia and Rich share their hard-won lessons, and provide practical guidance on how to evaluate cyber risk, align to business priorities, improve your cyber resiliency, and communicate expectations to non-technical business leaders.

Discussion topics include:

• Working with security experts to build an adaptable security program
• Evaluating and communicating risk & outcome management
• Prioritizing risk while aligning security resources to business objectives
• Improving the business’ ability to respond to cyber incidents in order to prevent business disruption
• Driving certification and using cyber frameworks to secure the business rather than meet compliance obligations

Have a question you want Tia to answer in the next Office Hours episode?

Reach out to us: hello@esentire.com

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges.

About eSentire

Tia Hopkins, eSentire's Field CTO and Chief Cyber Risk Strategist, is no stranger to security leaders asking her for advice. In this Office Hours episode, she answers some of the most common questions security leaders have. 

Topics include: how organizations should differentiate between MDR service providers, why compliance-driven security programs aren't always the best option, how security practitioners can make the case for the right technology stack with their senior leaders, the difference between MDR and XDR, and more. 

Have a question you want Tia to answer in the next Office Hours episode? 

Reach out to us: hello@esentire.com

About Cyber Talks

From ransomware attacks to supply chain compromises, eSentire’s Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they’re addressing these challenges. 

About eSentire