The Cyber Insider Emsisoft

This month’s guest on the Cyber Insider is Daryna Antoniuk. Daryna is a reporter for Recorded Future News based in Ukraine. She writes about cyberattacks and cyber policy in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously worked as a tech reporter for Forbes Ukraine. Her work has also been published in The Kyiv Independent, The Kyiv Post, and Sifted.  
Daryna sheds light on the unique challenges faced by journalists reporting from a country at war. She emphasizes the mental toll it can have, particularly due to the prolonged nature of the conflict. Despite these difficulties, our guest highlights the resilience and determination of journalists in Ukraine. Ukraine has been a frequent target of cyber attacks, with varying intensity and complexity. The Ukrainian Emergency Response Team reported over 2,500 cyber incidents in 2023 alone, indicating the scale and frequency of attacks. Daryna emphasizes the need for caution when reporting on cyber events, as misinformation and disinformation are rampant in this domain. The importance of independent analysis and verification when reporting on cyber events, particularly in the context of the Ukraine-Russia conflict, cannot be overstated.  
All this and much more is discussed in this episode of The Cyber Insider podcast by Emsisoft, the award-winning cybersecurity company delivering top-notch security solutions for over 20 years.   
Be sure to tune in and subscribe to The Cyber Insider to get your monthly inside scoop on cybersecurity. 
 
Hosts:  
Luke Connolly – partner manager at Emsisoft  
Brett Callow – threat analyst at Emsisoft 
Guest:  
Daryna Antoniuk – Twitter @daryna_antoniuk  
 
Intro/outro music: “Intro funk” by Lowtone. 

This month’s guest of the Cyber Insider is Ryan Chapman. Ryan is the author of SANS Forensics FOR528: Ransomware and Cyber Extortion along with a Certified Instructor for SANS. In his day job, he functions as a consultant for threat hunting and incident response. Ryan often presents at conferences, including running workshops the last 4 years running at DefCon. In his free time he spends time with his daughter watching anime, plays plenty of Street Fighter, and enjoys playing retro video games. 
 
Ryan highlights the significance of security fundamentals in preventing cyberattacks. He emphasizes that many organizations still struggle with basic security practices, such as implementing multi-factor authentication (MFA) and patching vulnerabilities.  In this podcast episode, we also touch on the topic of understanding cybercriminal mindset and how it can help in the fight against ransomware:  
"Engaging with cybercriminals through interviews can help humanize them and provide valuable insights into their motivations and tactics."   
By conducting interviews and engaging with threat actors, researchers and law enforcement agencies can gain valuable insights into their mindset and strategies. Our guest cites the example of ransomware actor Wazawaka, who has been known to provide interviews and share insights into the ransomware landscape. These interviews not only shed light on the tactics employed by cybercriminals but also provide valuable information for prevention and mitigation strategies.  

All this and much more is discussed in this episode of The Cyber Insider podcast by Emsisoft, the award-winning cybersecurity company delivering top-notch security solutions for over 20 years.   
Be sure to tune in and subscribe to The Cyber Insider to get your monthly inside scoop on cybersecurity. 
 
Hosts:  
Luke Connolly – partner manager at Emsisoft  
Brett Callow – threat analyst at Emsisoft  
 
Intro/outro music: “Intro funk” by Lowtone. 

This month’s guest of the Cyber Insider is Azim Khodjibayev.  With over a decade of experience in intelligence analysis, Azim has focused on Russian APT and cybercrime activity, particularly in the realm of ransomware. He shares his insights on the current state of cyber threats, the impact of recent breaches, and the future of cybersecurity. 
One notable trend observed in 2023 was the splintering of cybercriminal groups. Azim highlights how these groups can quickly switch affiliations and work with multiple organizations simultaneously. This flexibility allows them to evade detection and maximize their impact. Azim suggests that this splintering may be a response to increased law enforcement activities and the need to adapt to changing circumstances.  
Law enforcement efforts have seen some success in recent years, with notable takedowns of cybercriminal groups like ALPHV/BlackCat and Hive. However, the impact of these actions on cybercriminal operations is a subject of debate. Azim acknowledges that short-term disruptions can occur, as cybercriminals assess the risks and adjust their strategies. However, he emphasizes that the allure of quick financial gains and the addictive nature of cybercrime make it unlikely for these individuals to abandon their activities permanently. 
Azim states, "As long as they have access to computers, as long as they have access to their communication channels, they're going to come back, and they'll do it a little bit better, a little bit more sophisticated."  
As cyber threats continue to evolve, it is essential to equip individuals with the knowledge and skills to protect themselves and their organizations. Azim emphasizes the importance of cybersecurity education, particularly for the younger generation who are increasingly reliant on technology. Azim explains, "It would be really nice to see middle school classes, for example, about online safety... treating it as bad as we treat all the other safety stuff."  
As we enter 2024, the cybersecurity landscape remains challenging. While progress has been made in disrupting cybercriminal operations, the battle is far from over. Azim believes that the rate of learning and collaboration among cybersecurity professionals is a positive sign. However, he cautions that the worst is yet to come, as cybercriminals become more sophisticated and globalized. 
All this and much more is discussed in this episode of The Cyber Insider podcast by Emsisoft, the award-winning cybersecurity company delivering top-notch security solutions for over 20 years.   
Be sure to tune in and subscribe to The Cyber Insider to get your monthly inside scoop on cybersecurity. 
 
Hosts:  
Luke Connolly – partner manager at Emsisoft  
Brett Callow – threat analyst at Emsisoft  
 
Intro/outro music: “Intro funk” by Lowtone. 

This month’s guest of the Cyber Insider is Allan Liska, Senior Security Architect and Ransomware Specialist, Recorded Future. With more than 20 years of experience in ransomware and information security, Allan Liska has improved countless organizations’ security posture using more effective intelligence. Liska provides ransomware-related counsel and key recommendations to major global corporations and government agencies, sitting on national ransomware task forces and speaking at global conferences. Liska has worked as both a security practitioner and an ethical hacker at Symantec, iSIGHT Partners, FireEye, and Recorded Future. Regularly cited in The Washington Post, Bloomberg, The New York Times, and NBC News, he is a leading voice in ransomware and intelligence security. Liska has authored numerous books including “The Practice of Network Security”, “Building an Intelligence-Led Security Program”, “Securing NTP: A Quickstart Guide”, “Ransomware: Defending Against Digital Extortion”. “DNS Security: Defending the Domain Name System” and “Ransomware: Understand.Prevent.Recover.” He is also the creator of the first ransomware-themed comic book, Yours Truly, Johnny Dollar. 
In this thought-provoking discussion, Allan shares his thoughts on the current state of cyber insecurity, the role of the cybersecurity industry, and the challenges posed by ransomware. He also explores potential solutions and strategies to combat this growing threat.  
 
"I think the International Ransomware Task Force has been doing a lot of great work with information sharing. We need to bring more countries into that and improve that information sharing so that we can arrest these people wherever they are." 
 
Allan shares his insights on the rise of ransomware variants and the increase in ransomware extortion sites. This conversation also touches on the effectiveness of law enforcement efforts, the role of cyber insurance companies, and the presence of ransomware actors on social media platforms.  
Our guest concludes by suggesting diplomatic and law enforcement actions to disrupt the support structure for ransomware operators and the need for stricter reporting requirements for ransom payments. 
 
"If you pay a ransom, you have to report it before you pay the ransom again. If nothing else, maybe we can get some law enforcement tracing".  
  
All this and much more is discussed in this episode of The Cyber Insider podcast by Emsisoft, the award-winning cybersecurity company delivering top-notch security solutions for over 20 years.   
Be sure to tune in and subscribe to The Cyber Insider to get your monthly inside scoop on cybersecurity. 
 
Hosts:  
Luke Connolly – partner manager at Emsisoft  
Brett Callow – threat analyst at Emsisoft  
 
Intro/outro music: “Intro funk” by Lowtone.  
 
 
 
 

This month we welcome Ian L. Paterson on the Cyber Insider podcast. Ian is an entrepreneur with 10+ years of experience in leading and commercializing technology companies. Paterson has raised millions of dollars in private and public financing, completed international M&A transactions, and is co-inventor of 3 patents on digital identity and data analytics. As CEO of Plurilock, Paterson successfully built and grew Plurilock, leading to its successful public listing on the Toronto Stock Exchange Venture. 
Previously Paterson served as founder and CEO of data monetization platform Exapik (acquired), and as Director of Insights for Terapeak (acquired), a venture-backed analytics firm. Paterson is a regular speaker, media commentator, and active angel investor. 
 
Hosts Brett Callow and Luke Connolly discuss the role of artificial intelligence (AI) in cybersecurity with our expert guest. Ian explains that while AI has its strengths in processing large amounts of data and making determinations based on patterns, it also has its limitations in areas such as content sensitivity, context sensitivity, creativity, and innovation. However, he notes that AI is evolving rapidly and becoming more capable in areas like creativity, as seen with tools like ChatGPT and OpenAI's image creation tools. Ian emphasizes that AI is a valuable tool for processing large amounts of data in cybersecurity, particularly in areas like threat detection and response.  
Regarding the ethical implications of AI in cybersecurity, our guest discusses the importance of data ownership and rights. He highlights the need for organizations to be cautious about the data they feed into AI systems and ensure they are not accidentally leaking or granting permission to sensitive information. He also mentions the use of data loss prevention tools to mitigate these risks.  
"AI is an equal opportunity tool. It's not just going to be used by the good guys, it's going to be used by the bad guys as well." 
In terms of future trends, Ian predicts that there will be multiple AI systems in use, both public and private, within organizations. He believes that each team, individual, and domain will have their own AI system, and organizations will have more control over the models and data used. He also anticipates the emergence of new applications and use cases for AI in cybersecurity that we may not have thought of yet. 
  
All this and much more is discussed in this episode of The Cyber Insider podcast by Emsisoft, the award-winning cybersecurity company delivering top-notch security solutions for over 20 years.   
Be sure to tune in and subscribe to The Cyber Insider to get your monthly inside scoop on cybersecurity. 
 
Hosts:  
Luke Connolly – partner manager at Emsisoft  
Brett Callow – threat analyst at Emsisoft 

This month we welcome David Shipley on the Cyber Insider podcast’s latest episode. David is a recognized global expert in cybersecurity, regularly speaking at public and private events around the world and frequently appears in national and regional media to address cybersecurity stories and topics. David co-founded Beauceron Security in 2016 with an innovative approach to cybersecurity awareness and risk management which empowers everyone within an organization to know more, and care more, about their key role in protecting against cyber-attacks. Beauceron Security now serves more than 700 clients across North America, Europe, and Africa with 650,000+ end-users. He continues to lead the company as CEO. Prior to co-founding Beauceron Security, David was the security lead for the University of New Brunswick and developed its incident response, threat intelligence and awareness practice. He is a Certified Information Security Manager (CISM) and holds a Bachelor of Arts in Information and Communications Studies, as well as a Master of Business Administration, from the University of New Brunswick. In 2023, David was awarded the Queen’s Jubilee Platinum Medal by the province of New Brunswick for his service in the Canadian Forces, work in cybersecurity, and for co-founding Beauceron Security. David is a former journalist and a Canadian Forces veteran. 
  
Be sure to tune in and subscribe to The Cyber Insider to get your monthly inside scoop on cybersecurity. 
 
Hosts:  
Luke Connolly – partner manager at Emsisoft  
Brett Callow – threat analyst at Emsisoft  
 
Intro/outro music: “Intro funk” by Lowtone.