Future of Cyber Crime

In this episode, Zaira Pirzada speaks to Harlan Carvey, Senior Incident Responder, R&D at Huntress. During the episode, they talk about how today's current incident response business model can be improved to promote better threat intelligence gathering and collaboration. 
Topics discussed:
Harlan explains that in twenty years of incident response work, every job has been unique.
He shines light on the state of cybercrime from the responder and attacker perspectives.
The importance of collaboration between incident responders and threat intelligence professionals. 
How teams can improve their effectiveness by sharing intelligence gathered during incident response. 
Why it's important for incident responders to recognize that even if the hardware and software are the same as a previous job, many other factors make each job unique.
How he has seen defensive techniques and practices from years ago find application in modern incident response. 
Harlan’s predictions on the future of the cybercrime underground, including how shortcomings we see in cybersecurity today are likely to continue until there is a financial incentive for end users to demand better.
Resources Mention: 
WindowsIR Kindle Edition
Harlan Carvey on Twitter
Harlan Carvey on LinkedIn

As technology continues to advance and evolve, so does our society and, with it, the changing nature of how we combat cybercrime. A significantly increasing portion of law enforcement is now dedicated to upholding safety and security on the internet. This involves protecting victims from online crimes and ensuring that the laws are being followed across geographical boundaries and digital domains. 
In this episode of the Future of Cybercrime podcast, Zaira Pirzada speaks with Dr. Philipp Amann, Head of Strategy at the European Cybercrime Centre (Europol). Philipp and Zaira talk about fighting cybercrime from a global perspective. 
Topics discussed:
Philipp describes the role of Europol concerning cybercrime within EU member states and many non-EU partners with whom it has operational agreements.
Philipp and Zaira talk about The Cyber Blue Line, Europol Spotlight Report co-authored by Dr. Amann and Dr. Mary Aiken.
Zaira asks Philipp to define the protection governance gap and discuss why cybersecurity is not enough to protect it. 
Philipp elaborates on his view of the role law enforcement plays in cyberspace.
Some of the challenges at the UN level regarding defining cybercrime within the relevant legal frameworks are discussed. 
Philipp describes how the concept or domain of "safety tech" goes beyond the bits and bytes of cybersecurity by putting human behavior at the center of the design. 
Philipp talks about why we need to address offender convergence in dark web settings and rampant cyber criminality facilitated by the premise of anonymity online.
Resources Mentioned:
Philipp Amann on LinkedIn: https://www.linkedin.com/in/philippamann/?locale=en_US
The Cyber Blue Line, Europol Spotlight Report: https://www.europol.europa.eu/publications-events/publications/europol-spotlight-cyber-blue-line
Europol: https://www.europol.europa.eu/ 
Philipp Amann on Twitter: @fipman
Stop Child Abuse – Trace an Object: https://www.europol.europa.eu/stopchildabuse

In this episode of the Future of Cybercrime podcast, Zaira Pirzada speaks with Etay Maor, Senior Director of Security Strategy at Cato Networks. Etay provides fascinating insights into his work as a threat intelligence researcher during the show. 
Topics discussed:
Etay shares his thoughts about how economic conditions and world events affect cybercrime.
Etay and Zaira examine how threat actors collaborate and share data to create what could be called cybercrime syndicates.
They explore ways cyber defenders can and should broaden their input from various disciplines to create innovative approaches to cybersecurity. 
Etay compares how his non-technical students at Boston College sometimes develop more creative approaches to potential attack scenarios than more classically minded technical students.
Zaira probes to uncover Etay's thoughts about how businesses react to cyber incidents. 
Etay describes how cyber breaches are no longer solely a technical issue. In equal measure, they are business issues requiring additional stakeholders to be involved in decision-making. 
Etay talks about his belief that cyber breaches are always the result of multiple steps taken by attackers. They are never the result of a single point of failure.
Resources Mentioned:
Etay Maor on LinkedIn: https://www.linkedin.com/in/etaymaor/
Cato Networks Free Educational Resources: https://www.catonetworks.com/resources/

There are different types of cybercrime, and the threat actors range from sophisticated criminal organizations to lone hackers. Understanding an attacker's motivation and technical skill level can enhance your ability to respond to cyber incidents and conduct data breach investigations and analysis.
In this episode of the Future of Cybercrime podcast, Zaira speaks with Senior Vice President for Digital Forensics and Incident Response Investigations at IR Inc., Matthew Swenson. During the show, Matt and Zaira provide a fascinating look at the different types of cybercrime and the evolution of threat actors. 
Topics discussed:
Matt shares how the Department of Homeland Security defines cybercrime and the difference between cyber-dependent and cyber-enabled investigations.
Matt and Zaira examine the intersections between cyber-dependent and cyber-enabled crimes.
They explore the role that social engineering plays in these two types of cybercrime. 
Matt compares his previous work within the DHS bureaucracy to his current role as a leader within a fast-paced, dynamic incident response startup.
Zaira probes to uncover the importance and shortcomings of private-public cooperation in fighting cybercrime. 
Matt offers his views on the state of cybercrime today and how it has evolved throughout his career. 
Matt talks about threat intelligence from both a law enforcement and private organization perspective.
Resources Mentioned:
Matthew Swenson on LinkedIn

In order to protect our data and systems, we need to develop new methods and tools for safeguarding them against attack. Academic researchers are at the forefront of developing new strategies for protecting our data and systems from cyberattacks. They are constantly exploring new ways to secure our networks, defend our systems, and prevent unauthorized access.
In this episode of the Future of Cybercrime podcast, Zaira speaks with Cyber Intelligence Researcher at the National Consortium for the Study of Terrorism and Responses to Terrorism (START) at the University of Maryland, Rhyner Washburn. During the show, Rhyner and Zaira discuss cybersecurity research in academia and private companies. 
Topics discussed:
Rhyner talks about the various roles of a cybersecurity researcher and the day in the life of a cybersecurity researcher in academia.
Rhyner and Zaira uncover some differences between academic research and investigations that you might find in a public or private sector organization. 
They explore the benefits organizations could realize from having dedicated researchers not purely driven by the organization's mission. 
Rhyner discusses his START work, including biosecurity, CBRN (Chemical, Biological, Radiological, and Nuclear) threats, and cybersecurity.
Zaira focuses on the commercial nature of much of today's relevant cybersecurity threat intelligence and probes to discover Rhyner's views on the future of academic research in this area. 
Rhyner discusses some ways that collaboration between academia and private companies can elevate the level of cybersecurity research.  
Rhyner offers three pieces of actionable advice for security practitioners and researchers.
Resources Mentioned:
Rhyner Washburn on LinkedIn: https://www.linkedin.com/in/rtburn/
National Consortium for the Study of Terrorism and Responses to Terrorism (START): https://www.start.umd.edu/

When it comes to the cybercrime underground, threat intelligence is critical. By understanding the threats on the cybercrime underground, organizations can take steps to protect themselves from these dangers.
In this episode, host Zaira Pirzada speaks with independent cyber intelligence researcher Saurabh Chaudhary. During the show, Saurabh and Zaira take a deep dive into the value of threat intelligence and how practitioners can use it to protect their organizations. 
Topics discussed:
Saurabh shares his experience and insights into cybercrime threat intelligence.
Saurabh and Zaira examine the collaborative nature of cybercrime.
They explore how monitoring the cybercrime underground can give organizations a heads-up about threat actors planning an attack or selling the spoils of a recent successful exploit. 
Saurabh suggests ways to engage with threat actors on the cybercrime underground to prevent the further escalation of a breach.
Saurabh explains why he believes that intelligence will always be about people regardless of spending billions of dollars on tools and technologies. 
Zaira and Saurabh explore the differences between threat hunting and threat intelligence.

Cybersecurity journalists play an essential role in educating the public about the risks of cyberattacks and the importance of protecting their data. They also help keep businesses and individuals informed about the latest security threats and how to protect themselves.
In this episode, host Zaira Pirzada speaks with Greg Otto, Editorial Director at Trail of Bits. During the show, Zaira and Greg explore the ins and outs of cybersecurity journalism and why it matters and shares some of the challenges.  
Topics discussed:
Greg shares what motivates him to cover and report on the field of cybersecurity.
Greg and Zaira talk about the relationship between journalists and security researchers. 
Greg gives some insights into the challenges of communicating a very specialized and technical topic, like cybersecurity, to non-technical users and readers.
Zaira prompts Greg to share some of the important changes he has noticed over his years covering cybersecurity, from script kiddies to nation-state threat actors. 
Greg shares why cybersecurity journalists need a somewhat technical understanding of systems and threats and a good grasp of the business side of the equation that drives protection funding.
The discussion turns to how journalism and threat research are very similar in many ways. 
Resources Mentioned: 
Greg Otto on Twitter: https://twitter.com/gregotto 
Trail of Bits on Twitter: https://twitter.com/trailofbits

The dark web is a murky place and is home to all sorts of nefarious activities. Threat intelligence is essential for keeping track of the latest threats and vulnerabilities on the dark web.
In this episode, host Zaira Pirzada speaks with Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber. During the episode, Scott shares insights from his research and analysis, including how organized threat actor groups are lowering the barrier for entry to performing malicious activity. 
Topics discussed:
Success stories from dark web threat intelligence.
How threat actors leverage automation to stay ahead of the security community.
How initial access brokers (IABs) sell access to follow-on threat actors. 
How cybercrime is moving to a service-based economy.
What dark web "shop talk" reveals about threat actor tactics, techniques, and procedures (TTPs).
Why security professionals need to take dark web intel seriously to protect their organization.
What security practitioners get wrong about dark web threat intelligence.
Resources Mentioned: 
Control Validation Compass Threat modeling aide & purple team content repository: https://controlcompass.github.io/ 
META OSINT: https://metaosint.github.io/ 
TropChaud: https://github.com/tropChaud
KELA Cyber Threat Intelligence: https://www.kelacyber.com