Charles Blauner is CISO in Residence for Team8, a venture group focused on cyber, data and AI technologies with roots in Israel’s elite military intelligence unit 8200. With an information security career primarily in financial services spanning over 30 years, Blauner held senior security executive roles for Citigroup since 2005. Prior to that, Blauner held several roles, including CISO at JP Morgan and Deutsche Bank.
Security magazine: What does the data breach landscape look like in the next six months?
Blauner: I don’t anticipate the breach landscape looking materially different in the near-term. Right now, I believe that a lot of the better adversaries are taking advantage of the current environment to gain access, leave backdoors and go on to the next target. They are building a collection of compromised assets that they can monetize in the future. If we are not diligent, this indicates that in the longer term, we should expect an increase in the really newsworthy breaches across a diverse array of targets.
Security magazine: What other opportunistic attacks — such as phishing scams — have you seen around COVID-19 so far?
Blauner: There is nothing new in the opportunistic attacks that we are seeing, but while the basics of the techniques being used against people’s personal personas haven’t changed, the potential impact to the company has increased with the drive to remote access and the use of technologies like split tunneling.
Security magazine: How can CSOs and CISOs show the board/leadership cybersecurity is worth the investment?
Blauner: Stop talking about security…start talking about the core business and the risks to that business that arise as a result of the underlying security thing…it is easier to talk about making sure the factory floor keeps working than talking about OT Security.
Security magazine: How can CSOs and CISOs ensure that third-party partners are aligned with the organization’s security standards?
Blauner: You can’t ensure it. The best you can do is to make sure that your expectations are clear and measurable; that those expectations are contractually binding; that you set a risk-based framework to measure and test compliance. Additionally, most companies can do a lot more to minimize the risk that vendors pose by, among other things, truly minimizing the access given.
Security magazine: Why is thinking like the adversary beneficial?
Blauner: The principle goes back to Sun Tzu’s Art of War (~5th Century BC) when he said, “If you know the enemy and know yourself, you need not fear the result of a hundred battles”. As a defender, you can’t protect everything; knowledge of your adversaries allows you to allocate your scarce resources in the most effective manner.
Security magazine: What is the benefit of having a purple team versus a red or blue?
Blauner: It creates a force multiplier when you bring together the best and most creative people from diverse perspectives.
Security magazine: What do you like to do in your free time?
Blauner: Trying to learn to play golf, scuba diving, and underwater photography. I also like to collect and drink wine.