Meet Max Vetter, Chief Cyber Officer of Immersive Labs. Before joining Immersive Labs, Vetter spent seven years working with the Metropolitan Police Service as a police officer, intelligence analyst, and covert internet investigator. After leaving his career in law enforcement, he trained the private sector and government agencies in ethical hacking and open source intelligence, specializing in darknets and cryptocurrencies. This included three years of teaching at the GCHQ Cyber Summer School. Here, we speak to Vetter about emerging threats in the cybersecurity space and general security trends he has been noticing throughout the industry.
Security: What is your background and current role?
Vetter: My current role is Chief Cyber Officer of Immersive Labs where I run the content development team and create engaging and innovative cybersecurity labs. I have a background in the private and public sectors, both in investigating cybercrime and working, running, and designing training programs in cybersecurity.
Specifically, I previously worked as a police officer, intelligence analyst, and covert internet investigator. My private sector and government agency work spanned ethical hacking and open-source intelligence, specializing in darknets and cryptocurrencies. Right before joining Immersive Labs in 2018, I spent three years teaching at the GCHQ Cyber Summer School.
Security: What are some of the emerging cyber threats?
Vetter: Due to the pandemic, the increase in remote work has rapidly changed the threat landscape. This has also accelerated the shift to the cloud that many organizations were already considering. As a result of these two things, organizations are facing very different threats than they were two years ago. Both remote work and the rapid shift to the cloud mean that an organization's data is much more distributed, which can be useful for collaboration and productivity. But for those organizations lacking the skills on the back end to ensure employee endpoints are secure, it can leave them vulnerable to breaches.
Phishing is an older but ever-present threat that more and more people are falling victim to. As well as traditional phishing attacks on employees, we are also seeing an uptick in whaling attacks, which are targeting executive organizational leadership. Alarmingly, data shows that crisis exercises confined to technical teams are missing a member of the C-suite 59% of the time. This leaves high-profile executives with sensitive information to be targets of these large-scale phishing attacks. Additionally, increasingly sophisticated social engineering attacks are becoming more prevalent. These are exacerbated by remote work and the emotional roller-coaster we’ve all experienced over the past year, both of which cybercriminals are very adept at exploiting.
Security: What other general security trends have you noticed throughout the industry?
Vetter: I’d be remiss if I didn’t mention the ongoing threat of ransomware attacks. Ransomware is present in every industry. The rapid shift to remote work due to the pandemic, paired with the vast number of organizations moving large amounts of data to the cloud, leaves a number of doors unlocked for cybercriminals to exploit vulnerabilities and attack corporate networks. Because many organizations that have fallen victim to ransomware have been paying the ransoms, cybercriminals are encouraged to continue their practice.
Also of concern is the increased use and exploration of AI and machine-learning as means for cyberattacks and as a more discrete mode of operation for cybercriminals to enter networks. With these stealthier and more aggressive attack strategies, organizations must prepare their employees at every level to ensure they will be able to notice when something is abnormal in their system.
Security: Are cyber leaders prepared to handle these emerging cyber threats?
Vetter: Just looking at the prevalence of large-scale “successful” hacks in recent weeks and months, the answer would have to be no. I think the more important question is whether business leaders prepared to handle these emerging cyber threats. Oftentimes in organizations the "cyber leader" may be out on their own, banging the drum, trying to do as much as they can to protect their organization, but without buy-in from the rest of the company, they’re doomed to fail. Any organization that has fallen victim to a large, public cyberattack knows that when the worst happens, it's everyone's problem, from the executive team down. Responses to cyber threats should similarly be viewed as a “whole company” problem, the same way a physical threat or disaster would be.
Security: What skills are necessary to adapt to the ever-changing cybersecurity landscape?
Vetter: Agility is key. The leaders, management, and staff should all be able to understand that the very nature of cybersecurity changes daily. If those involved want to stay put or stick with old technology and processes, they will soon be overtaken by cybercriminals. Perseverance is a key skill as well. Cybercriminals never give up, so we should learn from them and do the same.