Ethical Hacking and Cybersecurity – Expert’s Perspective

Igor K
November 28, 2024

This article is based on a CTO Shadowing session with Bryan Seely, an ethical hacker and cybersecurity expert. Bryan is a former Marine who, by his own admission, wiretapped the US Secret Service and FBI. Later, he worked with John McAfee and Mark Cuban and founded the Black Hat Conference in Riyadh in 2021.

Importance of Personal Hygiene in Cybersecurity

According to Bryan, there is a measurable and quantifiable number of ransomware strains that check whether Russian is set as a first or second language on your keyboard. If it is, they won’t infect your machine.

Installing Wireshark should have the same effect: they’ll think you’re a honeypot, because hackers don’t want you to figure out how they are doing things.

This just goes to show how important it is for technology leaders to closely follow cybersecurity news and updates. 

Tips for Technology Leaders and SysAdmins

Password length must be over 14 characters.

Encourage security fundamentals, but don’t force them. Instead, introduce them incrementally, because people tend to resist sudden change. As a rule of thumb, never change more than 10% of the framework in a single attempt, and people will think they are part of the solution and of the team that is planning everything. This approach will also prevent overload on the team implementing the migration.

When evaluating a new technology, make sure it does not contain too many CVEs right off the bat. For example, a biometric fingerprint scanner without supervision. 

Stay informed about the latest threats and security news (during the session, Bryan suggested the Krebs on Security blog).

Biometrics work, but 2FA must be mandatory. Almost every single big breach was enabled by negligence (e.g., leaving credentials to a VPN open for anyone to see).

Shut down access immediately upon exit or after a predefined (read: relatively short) idle time. You can easily find yourself in a situation where you don’t have the slightest idea that an entry point exists, and attack vectors stay open simply because someone forgot to shut something down or close the ticket.

Never use built-in password managers.

Don’t trust an app’s permissions requests; in most instances, your consent is irrelevant and the app will pass the information anyway. 

To avoid single points of failure, introduce compartmentalisation. Earlier this month, the ransomware group Black Basta claimed that it obtained sensitive data after a successful breach of the BT Group’s infrastructure. However, thanks to compartmentalisation, affected systems were quickly isolated and wider damage was prevented.

Always know what is on your network.

When training employees, always use live training instead of videos. 
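The tip above about shutting down access on exit or after a short idle time can be turned into a routine review. The following is an added example, not something shown in the session: the roster, the grants, the 15-minute limit and the fixed clock are all constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Assumed idle limit; the article only says "relatively short".
IDLE_LIMIT = timedelta(minutes=15)
# Fixed clock so the run is reproducible (constructed value).
NOW = datetime(2024, 11, 28, 12, 0, tzinfo=timezone.utc)

# Constructed sample data: HR roster status and currently live access grants.
HR_STATUS = {"alice": "active", "bob": "exited", "carol": "active"}
GRANTS = [
    {"user": "alice", "system": "vpn", "last_seen": NOW - timedelta(minutes=3)},
    {"user": "alice", "system": "jump-host", "last_seen": NOW - timedelta(hours=2)},
    {"user": "bob", "system": "vpn", "last_seen": NOW - timedelta(days=9)},
    {"user": "carol", "system": "ci", "last_seen": NOW - timedelta(minutes=14)},
    {"user": "dave", "system": "db-admin", "last_seen": NOW - timedelta(minutes=1)},
]

def review_access(grants, hr_status, now=NOW, idle_limit=IDLE_LIMIT):
    """Return (user, system, reason) for every grant that should be shut down."""
    findings = []
    for grant in grants:
        status = hr_status.get(grant["user"])
        if status is None:
            # Access nobody on the roster owns: the forgotten entry point.
            # Flagged even when recently used, because activity is not ownership.
            reason = "no owner on roster"
        elif status != "active":
            reason = "user has exited"
        elif now - grant["last_seen"] > idle_limit:
            reason = "idle past limit"
        else:
            continue
        findings.append((grant["user"], grant["system"], reason))
    return findings

if __name__ == "__main__":
    for user, system, reason in review_access(GRANTS, HR_STATUS):
        print(f"REVOKE {user}@{system}: {reason}")
```

In practice the roster and grants would come from your HR system and identity provider exports rather than inline lists.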

Cybersecurity Challenges in Quantum Computing

According to Bryan, there is a great chance of someone breaking encryption under everyone’s radar. In other words, no one will be aware of the exploit.

Many who are counting on the advanced analytical and detection capabilities of an AI should realise that they don’t actually have the AI but merely a bunch of what-if statements nested in 19,000 lines of code. — Bryan Seely

Conclusion

Cybersecurity is not just about technology, but also about vigilance and informed practices. Proactive steps and continuous learning are your best defence in the ever-evolving cybersecurity landscape.

If you want to learn more about the CTO’s role in cybersecurity, read this guide.
