Interview with Byron V. Acohido: investigative journalist, privacy, and security expert
For the first expert interview on our blog, we welcomed Pulitzer-winning investigative reporter Byron V. Acohido to share his ideas about the current cyber threat landscape, the biggest threats for businesses today, the role of AI and machine learning in cyberattacks and cyberdefence, and the most effective methods for companies to protect themselves.
Byron is the founder and editor-in-chief of The Last Watchdog on Privacy & Security. He previously chronicled the emergence of cybercrime while covering Microsoft for USA TODAY. His news analysis columns, podcasts, and videos are crafted to foster a useful understanding of complex privacy and cybersecurity developments for company decision-makers and individual citizens — for the greater good.
So, let’s get started. How did you first get interested in cybersecurity as a career? What drew you to this field?
I was initially drawn to cybersecurity as a USA TODAY technology reporter assigned to cover Microsoft. I held this position from 2000 through 2014, during which time Windows emerged as a prime target for both precocious script kiddies and emerging criminal hacking rings. I began to research and write about the drivers behind what was happening to businesses and to individual consumers using Windows, both the evolving threats and the emerging business/home network defenses.
How has the cyber threat landscape evolved since you first got into cybersecurity?
Since I started, the cyber threat landscape has grown exponentially, with more sophisticated attacks and diverse attackers ranging from individual hackers to professional criminal rings to state-sponsored entities. We’ve arrived at a critical juncture: to enable the full potential of the Internet of Everything, attack surface expansion must be slowed and ultimately reversed. A shift from legacy, perimeter-focused network defenses to dynamic, interoperable defenses at the cloud edge, directed at ephemeral software connections, must fully play out.
What cybersecurity technologies are you most excited about right now?
On the software side of things, some exciting breakthroughs are about to gain meaningful traction in leveraging machine learning and automation to shape new security platforms and frameworks that are much better suited to helping companies implement cyber hygiene, as well as execute effective, ongoing threat detection and incident response. Adding to this will be very smart uses of generative AI – centered around wisely directing LLM capacities onto specific data lakes containing threat intelligence information. On the hardware side, major advances in semiconductors as well as rising deployment of optical-based networking hubs will make a huge difference in efficient management of vastly interconnected, highly interoperable systems; amazing new digital services will be the result — and also improved cybersecurity and robust digital resiliency. These emergent software and hardware advances will pave the way for factoring in quantum computers.
What are some of the biggest cyber threats that businesses face today?
The economic impact of phishing, ransomware, business logic hacking, Business Email Compromise (BEC) and Distributed Denial of Service (DDoS) attacks continues to be devastating. However, I’d argue that the fundamental cyber threat is within: in the lack of awareness and/or lack of due diligence on the part of company decision-makers who leave their organizations vulnerable; such leaders have been slow to embrace cyber hygiene practices and fail to grasp why they need to wisely select the security tools and services that can make their organization more resilient to cyber attacks.
Could you share your thoughts on the role of artificial intelligence, machine learning and the growth of IoT devices in both cyber defense and cyberattacks?
Organizations are oriented toward leveraging these technologies to innovate and gain competitive advantage, without paying close enough attention to how they also expand their network attack surface. Their dual-edged nature demands careful implementation and management. The flip side (and the good news) is that we’re entering an era where advanced cloud configuration, threat detection and threat response capabilities that leverage machine learning and automation are more readily available than ever before. More good news: there’s a trend toward increasingly proficient MSSPs stepping forward to help SMBs, mid-market enterprises and large enterprises do this.
Deep fakes are becoming more sophisticated. How can individuals and organizations detect and protect themselves against the misuse of deep fake technology?
To detect deep fakes, organizations can use digital watermarking, AI-driven detection tools, and media provenance tracking.
In your opinion, what are the most common cybersecurity mistakes that companies make?
Companies often underestimate threats, neglect basic cyber hygiene, and fail to educate employees on cybersecurity.
What are some of the most common social engineering tactics that cybercriminals use?
Phishing, pretexting, SMS toll fraud, baiting and tailgating are among the common tactics used by cybercriminals.
What role does human error play in cybersecurity incidents? How can companies minimize risks?
It’s a significant factor in many breaches. Regular training and simulations can help reduce risks associated with human errors.
How has the ransomware threat evolved in recent years?
It’s gone from simple file encryption to multifaceted, multi-staged attacks that leverage Dark Web services, such as initial access brokers (IABs), as well as make use of Living off the Land (LotL) embedded tools. To subvert improved network defenses, ransomware purveyors continually innovate to penetrate deeply, avoid detection, cause disruption and ultimately put the targeted company in a posture where paying the ransom is the least evil.
What are the cybersecurity implications of remote workforces?
Post-COVID-19, the shift to a remote workforce is here to stay. Zero trust — and more specifically, zero-trust network access, or ZTNA — thus has become a must-have capability. A user gets continually vetted, with only the necessary level of access granted, per device and per software application; and behaviors get continually analyzed to sniff out suspicious patterns. Remote access is granted based on granular policies that take the least-privilege approach.
What are some of the most effective methods for companies to protect themselves from cyberattacks?
Gaining accurate visibility of all cloud and on-premise digital assets; configuring cloud IT infrastructure wisely; adopting ZTNA principles; implementing robust cyber hygiene, based on NIST standards; conducting regular audits, including advanced penetration testing; conducting ongoing, effective threat detection and response; and implementing leading-edge software applications security practices for all software development and deployment, including software updates — these are the best practices of the moment.
What advice would you give to leaders to improve cybersecurity culture in their organizations? What is the role of cybersecurity awareness training for a company’s employees?
Leadership should prioritize cybersecurity at all levels. Regular awareness training for employees is indispensable.
Do you think cyber insurance should play a bigger role in companies’ cybersecurity strategies? What factors should organizations consider when selecting a cyber insurance policy?
It’s an important risk management tool. Organizations should consider coverage limits, policy exclusions, and incident response assistance when selecting a policy.
What role should governments play in combating cybercrime?
Governments and industry standards bodies are, in fact, moving methodically to drive adoption of stricter privacy and data security standards in areas such as IoT home device safety, data privacy, software bill of materials, supply chain security. Organizations can and should get ahead of these compliance trends to gain competitive advantage and to assure long-term viability.
How do you see cyberwarfare between nation-states shaping up in the future?
It has been steadily intensifying and can be expected to continue to do so, with Russia, China and North Korea continuing to improve their respective positions to carry out attacks on critical infrastructure, while also continuing to manipulate social media and mainstream news outlets — to spread disinformation campaigns in order to gain strategic advantages. Russia, China and North Korea are setting an example; lesser nations with despot leaders are likely to play copycat – and develop and utilize their versions of asymmetrical warfare for self-serving reasons. Where this all leads is unknowable.
What advice would you give to someone looking to get started in a cybersecurity career?
Stay curious, keep learning and seek mentors. Experience in the field is as valuable as formal education.
What skills or certifications do you think are most important for cybersecurity professionals to have?
While certifications like CISSP and CISM are valuable, hands-on skills, critical thinking, and problem-solving are equally important.
What are the top three sources of information about cybersecurity you can recommend to people who want to stay up on developments in this area?
Stay updated with reports from cybersecurity firms, follow cybersecurity news portals, and join professional networks and forums.
What is your vision for the future of cybersecurity over the next decade? What trends do you expect to see? What gets you most excited?
Massive interconnectivity at the cloud edge is just getting started and will only intensify, going forward. This portends amazing advancements for humankind – but first a tectonic shift in network-centric security must fully play out. The stakes are sky-high, and the cybersecurity industry is at a critical juncture. A new tier of overlapping, interoperable tools, platforms and frameworks is direly needed. This new architecture must result in security getting baked deep inside the highly interconnected systems that will give us autonomous transportation, climate-rejuvenating buildings and spectacular medical breakthroughs.
Like this interview? Visit lastwatchdog.com for more takes from Byron on how to make the internet as private and secure as it ought to be.
Erin has worked with and inside tech companies for most of her career, including in cybersecurity.