Aphinia - Your Weekly CISO Wire
Here’s your weekly update on comings and goings, jobs, networking opportunities and actionable insights:
These are the most recent appointments and promotions of your cybersecurity peers. Say “CONGRATS!”🥂 to:
→ Akshay Sivananda was appointed as Chief Information Security Officer at Saviynt.
→ Dom Hardman was appointed as Chief Information Security Officer at Iridium.
→ Christie Terrill was appointed as Chief Information Security Officer at Bishop Fox.
→ John Balaguer was appointed as Chief Information Security Officer at Seminole Hard Rock Support Services.
→ Chuck Springer was appointed as Chief Information Security Officer at Deluxe.
→ Mark Archer was appointed as Chief Information Security Officer at UnitedHealth Group.
→ Carl Cahill was appointed as U.S. Chief Information Security Officer at Ahold Delhaize.
→ Joel Simangan was appointed as Chief Information Security Officer at Los Angeles Unified School District.
→ Michael Irwin was appointed as Chief Information Security Officer at Odyssey Logistics.
→ Tim Williams was appointed as Chief Information Security Officer at Insulet Corp.
→ CJ Moses was promoted to Chief Information Security Officer at Amazon.
→ Gavin Guttersen was appointed as Interim Chief Information Security Officer at NetApp.
→ Jason Kikta was appointed as Chief Information Security Officer at Automox.
→ Stephanie Domas was appointed as Chief Information Security Officer at Canonical.
Appointed? Promoted? Let us know!
Kevin McLaughlin, CISO of Stryker, published a book, Cybersecurity Operations and Fusion Centers: A Comprehensive Guide to SOC and TIC Strategy. It comes out on October 19, 2023, and you can preorder it here.
Alon Nachmany, another Aphinia member, recommended the book “Battlefield Cyber”, written by NSA analysts to provide insights into the nature and scope of state-sponsored cyberattacks.
Published a book? Giving a TED talk? Let us know!
Aphinia is growing! Say hello, reach out and connect with our new members:
Anthony Lichiello, Executive Director - Cybersecurity & Technology Controls, JPMorgan Chase & Co
Ashwin Altekar, Chief Information Security Officer, Fullsteam
Jack Roehrig, CISO, Advisor, Investor, JCR Security
Michael Dunn, Chief Technology and Innovation Officer, Tavve
Nathan Case, CISO, Corsha
Steven Rich, Global Functions / EO&T CISO, Citi
Tony Bautts, CISO, Zephyr-7
Welcome on board!
Do you have a colleague, a friend or someone in your network who can benefit from Aphinia? Send them here.
Do you want to share your story with fellow CISOs? Book your time now: https://calendly.com/aphinia/30min
Do you want to impart your wisdom and share actionable insights? And, importantly, further enhance your personal brand so that you could land:
a new Advisory role
a consulting gig
a promotion or appointment
a book deal
a speaking engagement at an industry conference
Our dance card is filling up fast, please respond today!
Here’s the link to grab your time slot now: https://calendly.com/aphinia/30min
Meanwhile, check out our wide-ranging conversation with our guest Sabino Marquez (CISO, Cognota) about the changing role of the CISO, framing cybersecurity as a business function centered on trust rather than as a branch of IT, and much more:
Several important events happened that merit your attention:
When stuff gets real. The phenomenon of civilian hackers conducting cyber operations in the context of an armed conflict is worrying. Here is an interesting read from the Red Cross (…I know!) on 8 rules for “civilian hackers” during war, and 4 obligations for states to restrain them.
How not to be a low-hanging fruit for attackers. NSA and CISA red and blue teams share the top ten cybersecurity misconfigurations, highlighting the most common cybersecurity issues in large organizations and detailing the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations.
Dead but not out. The hackers behind Qakbot, a notorious malware operation that was recently “dismantled” by the FBI, are still active and continue to target new victims, researchers say.
The dragon awakened. The U.S. Department of State just published a report titled “How the People’s Republic of China seeks to reshape the global information environment,” describing the tools and tactics used to turn information into narrative.
Dream job. Lazarus luring employees with trojanized coding challenges: the case of a Spanish aerospace company. While a prospect is working on a coding challenge as part of his application for a job at Facebook, a backdoor gets installed in the background.
You can run but you cannot hide. The ‘Predator Files’ focus on the “Intellexa alliance” — a complex, morphing group of interconnected companies — and Predator, its highly invasive spyware. “The ‘Predator Files’ investigation shows what we have long feared: that highly invasive surveillance products are being traded on a near industrial scale and are free to operate in the shadows without oversight or genuine accountability.”
Don’t ask for information you can’t secure or whose abuse you can’t prevent. A group of more than 50 tech experts and organizations have signed an open letter asking EU officials to rethink Article 11 of the upcoming EU Cyber Resilience Act. The article introduces a mandatory requirement for all software vendors to disclose vulnerabilities to ENISA, the EU's cybersecurity agency, within 24 hours of becoming aware of in-the-wild exploitation. ENISA will then relay this information to national CSIRT teams and stock market watchdogs across its member states.
API keys leak: Truffle Security has identified more than 700 live API keys and passwords that were included in GitHub comments. The comments were filed with pull requests and issue trackers. Researchers say human users authored 97% of all the comments and that most commenters had no relation to the projects.
PEACHPIT botnet takedown: Human Security has disrupted the operations of PEACHPIT, a vast ad fraud botnet operated by the BADBOX threat actor. BADBOX assembled the PEACHPIT botnet by selling backdoored Android TV streaming boxes on popular online stores and by spreading malicious Android and iOS apps. The purpose of the botnet was to secretly install apps on the infected devices that would show and play unwanted ads. At its peak, researchers say PEACHPIT was communicating with more than 121,000 Android devices and more than 159,000 iOS devices a day.
These are senior cybersecurity roles you may want to forward to your friends and colleagues:
→ State of Minnesota is looking for a Chief Information Security Officer in St Cloud, MN.
→ Lantheus Medical Imaging is looking for a Chief Information Security Officer in Bedford, MA.
→ City and County of San Francisco is looking for a Chief Information Security Officer in San Francisco, CA.
→ County of Riverside is looking for a Chief Information Security Officer in Riverside, CA.
→ Arcfield is looking for a Chief Information Security Officer in Chantilly, VA.
→ Sky River Casino is looking for a Chief Information Security Officer in Elk Grove, CA.
→ Equity Bank is looking for a Chief Information Security Officer in Wichita, KS.
Looking for a job? Hiring? Let us know.
Last week’s session with Steve Martino, former CISO at Cisco, who talked about his experience as an Aphinia member and as a Gerson Lehrman Group consultant, was awesome.
If you missed it, here is the recording:
Next steps: if you would like to explore fairly material consulting opportunities with Gerson Lehrman Group, send an email to getstarted@glgroup.com and your GLG contact there, Nicole Mikhov, will help you.
These are virtual and live events for the cyber community you may find interesting:
=> SAVE THE DATE: Aphinia event - October 11, 2023 at 3:00 - 4:00 pm EST
Sivan Tehila will discuss challenges facing CISOs and best practices in managing an ever-expanding tech stack of cybersecurity tools.
Sivan Tehila is a former head information security officer in the Israel Defense Forces and currently the CEO and Founder of Onyxia, a cybersecurity performance management solution.
Eran Zilberman will discuss how cybersecurity executives can deal with complexity and overwhelm to achieve higher productivity from their team.
Eran Zilberman is a Co-Founder and CEO of Cyclops Security and a veteran cybersecurity executive.
Add to your calendar today: https://us06web.zoom.us/j/84964257149
=Industry Events=
CISO Summit is taking place on November 16, 2023 in New York, NY.
CyberTech is taking place on January 29-31, 2024 in Tel Aviv, Israel.
RSA 2024 is taking place on May 6-9, 2024 in San Francisco, CA.
Attending or hosting an event? Let us know!
There’s been discussion on the implications of using AI products by OpenAI (ChatGPT) and GitHub (Copilot) in the work environment, from cybersecurity and, potentially, legal standpoints.
To offer your opinion on the subject and to participate in the discussion, join the Aphinia Slack channel here.
Bad guys have been busy recently 📈:
NATO says it is addressing an apparent cyberattack after strategy documents were posted online.
Lyca Mobile says customer data was stolen during a cyberattack.
23andMe user data stolen in targeted attack on Ashkenazi Jews and Chinese nationals.
Builders Mutual disclosed that the hack affected 64,761 individuals, per a filing with the state of Maine.
Payment card details accessed in Motel One hack.
McLaren Health Care confirms ransomware hack; patient data possibly at risk.
Hackers stole user database from European telecommunications standards body.
ECHN cyberattack compromised Social Security numbers, financial info and patients' medical records.
But a handful of guys were nabbed 👮‍♀️:
Brian Krebs doxxed the founder of the Snatch ransomware group.
8-year prison sentence for New Hampshire man convicted of running unlicensed bitcoin business.
Hong Kong and Macao police arrest 4 more people linked to JPEX cryptocurrency platform.
BEC scammer pleads guilty to part in $6m scheme.
Global crackdown on dark web drug market: 300 arrests and $53 million seized.
Stay safe.
Misha Sobolev
Aphinia