Unit 42® Threat Vector Podcast: Insights into IR Sniping and AI’s Changing Face of Cyberthreats
In today's rapidly evolving cybersecurity landscape, having a proficient security team in place is not enough. Organizations must understand the nuances of modern risks. The third and fourth episodes of the Unit 42 Threat Vector podcast shed light on two critical aspects: IR sniping and the disruptive role of AI in cyberattacks.
These factors revolutionize incident response strategies and prompt organizations to recalibrate their defense mechanisms against increasingly sophisticated threats. These episodes provide invaluable insights for business leaders and emphasize the need for proactive and agile cybersecurity approaches that adapt to the ever-evolving threat landscape.
Let’s look at some of the highlights of episodes three and four of the Threat Vector podcast. You can also read highlights from episodes one and two here and subscribe to hear future segments on CyberWire Daily.
Episode 3: Mastering IR Sniping: A Deliberate Approach to Cybersecurity Investigations with Chris Brewer
In the third episode of Threat Vector, Chris Brewer, director at Unit 42 and expert in digital forensics with decades of experience, and David Moulton, director of thought leadership for Unit 42, delve into the world of incident response (IR) sniping — a deliberate and targeted methodology that accelerates investigation results, and a gamechanger for cybersecurity.
IR sniping follows three main guiding principles:
- Low card exchange: Every contact leaves a trace.
- Occam’s razor: The simplest explanation is often the right one.
- The Alexiou Principle:
- What questions are you trying to answer?
- What data do you need to answer those questions?
- How do you analyze that data?
- What does that data tell you?
IR sniping makes cybersecurity more efficient by answering the questions people care about:
- What did the attackers take?
- Are they still in the environment?
- Where did they go?
- How did they get in?
IR sniping provides better results, faster, and a constant quality control check on your data. By utilizing IR sniping, most investigations can be solved within 72 hours.
For further expert insights and strategies to enhance your incident response tactics, tune in to the five-minute interview here.
Join Chris Brewer for a webinar on the latest advancements in cybersecurity: Unit 42 - IR/Forensics: Product & Process on November 23, 2023, at 2 p.m. CT.
Episode 4: From Nation-States to Cybercriminals, AI's Influence on Attacks with Wendi Whitmore
“AI is game-changing in terms of the impact it’s going to have on attacks and then, in particular, the attacker’s ability to move faster.”
Wendi Whitmore, SVP of Unit 42, begins Episode 4 of Threat Vector with this sobering statement.
Whitmore was an inaugural member of the first cyber safety review board for the U.S. Department of Homeland Security, serves on the industry advisory board for the Duke University Master of Engineering in Cybersecurity and is a member of the World Economic Forum’s Global Future Council on the Future of Cybersecurity. Whitmore and David Moulton, director of thought leadership for Unit 42, discuss the increasing scale, sophistication and speed of cyberattacks — and how organizations can stay vigilant in this rapidly changing threat landscape.
Examples like Muddled Libra and Scattered Spider and other nation-state actors and cybercriminals emphasize that attackers understand how IT business processes and IT departments work — and so they leverage commonly used apps to glean information from business environments. This information enables them to operate faster and more effectively, especially by employing social engineering tactics.
To protect against quicker, more creative and increasingly larger-scale threats and respond at every stage of the event, businesses must focus on:
- The speed of their response
- Automated integration of security tools
- Operationalized capabilities and processes
Organizations must stay vigilant and up to date on current technology to defend against threat actors amidst the rapidly changing threat landscape. To learn more and to listen to the interview, click here:
Threat Vector provides insights that are both enlightening and cautionary. Still, these summaries only scratch the surface of the expert perspectives in the full podcast episodes.
CISOs, C-level executives or anyone with a vested interest in safeguarding the digital world can benefit from subscribing to the Unit 42 Threat Vector podcast. Discover firsthand the invaluable knowledge, strategies and real-world stories cybersecurity experts share.
Threat Vector is your compass in the world of cybersecurity. Listen to all current segments on Unit 42 YouTube channel and Spotify, and subscribe to the CyberWire Daily to hear more.