Description

In this edition of the Halcyon video/podcast series Last Month in Security, host Anthony M. Freed and panelists Ben Carr and Stacey Cameron sit down with Richard Stiennon, Founder and Chief Research Analyst at IT-Harvest:

We jump right in with a discussion around President Biden's Executive Order to Strengthen U.S. Cybersecurity, which – among other things – follows on to previous Secure-by-Design initiatives from CISA. These efforts are ostensibly good, but the panel considers whether the US government is offering enough “carrots” in the form of incentives for free market solution acceleration, or whether these provisions include too many “sticks” in the form of punitive regulatory actions.

The EO also included specific measures to combat ransomware attacks, including Enhanced Sanctioning Authority that allows the Department of Justice to go after the assets of known offenders. It also includes language around the Promotion of Advanced Technologies to encourage adoption of AI-based defenses and accelerates the transition to post-quantum cryptographic algorithms.

While the EO seems to address a lot of things that were issues more than a decade ago (save for mentions of AI and quantum capabilities), the panel debates whether the order goes far enough and discusses whether the government can do more for organizations being overwhelmed by ransomware attacks than offer guidelines and frameworks.

The conversation then moves to the ongoing attacks by China's Salt Typhoon hackers. Between December and January, the Chinese operation infiltrated five major telecoms and internet service providers worldwide, including entities in the US. The operation compromised the communications of U.S. political figures – notably those of President Trump and Vice President Vance.

Other “Typhoon” operations being tracked include Volt Typhoon and Flax Typhoon, both targeting organizations within U.S. critical infrastructure sectors. The panel discusses where we should draw the line on cyberwarfare: at infiltration, or after they execute disruptive or destructive payloads.

We close out the discussion with Stiennon with a look at his amazing work putting together the Security Yearbook 2024, an annual publication that documents the history and current state of the IT security industry, which serves as a valuable resource for understanding industry developments and trends.

Stiennon tells us more about the genesis of the project, explains the process of putting all this info together and keeping it updated, and shares what he learned along the way when putting the book series together.

About Our Guest:

Richard Stiennon is a prominent cybersecurity expert and industry analyst with a career spanning several decades. He is the founder and Chief Research Analyst at IT-Harvest, an industry analyst firm he established in 2005 to cover the extensive landscape of IT security vendors. Throughout his career, Stiennon has held significant positions, including Vice President of Research at Gartner, Chief Marketing Officer at Fortinet, Vice President of Threat Research at Webroot Software, Chief Strategy Officer at Blancco Technology Group, and more.

Stiennon’s educational background includes a Bachelor of Science in Aerospace Engineering and a Master of Arts in War in the Modern World from King’s College, London. In addition to his writing and research, Stiennon advises a range of security companies, from startups to large enterprises, and contributes articles to publications such as Forbes, CSO Magazine, and The Analyst Syndicate.

Your Hosts:

Anthony M. Freed, Halcyon Director of Research and Communications: An award-winning writer, publisher, and podcast producer with a history of investigative security journalism.

Ben Carr, Halcyon Chief Security and Trust Officer: A cybersecurity leader with 25+ years of experience, serving in executive roles at Visa, Nokia, and Tenable.

Stacey Cameron, Halcyon Chief Information Security Officer: A cybersecurity veteran with expertise in compliance, risk management, and securing federal and private sector environments.

Halcyon.ai eliminates the business impact of ransomware. Modern enterprises rely on Halcyon to prevent ransomware attacks, eradicating cybercriminals’ ability to encrypt systems, steal data, and extort companies – talk to a Halcyon expert today to find out more.
