Nicole Perlroth

How we rise to that challenge is the question we all have to reckon with. I wish I could tell you it's as easy as setting up a firewall and updating your antivirus software. But unfortunately, it's a lot harder than that. I've long said that if cybersecurity was purely a technical problem, we would have solved it decades ago. But we didn't solve it.

How we rise to that challenge is the question we all have to reckon with. I wish I could tell you it's as easy as setting up a firewall and updating your antivirus software. But unfortunately, it's a lot harder than that. I've long said that if cybersecurity was purely a technical problem, we would have solved it decades ago. But we didn't solve it.

And that's because technology is only part of the solution. This is a whole-of-society problem. It's an education problem. It's an incentives problem. It's a question of resource allocation. It's a leadership problem, a culture problem. To truly solve our cybersecurity predicament requires a complete rewiring of how we think about our borders.

And that's because technology is only part of the solution. This is a whole-of-society problem. It's an education problem. It's an incentives problem. It's a question of resource allocation. It's a leadership problem, a culture problem. To truly solve our cybersecurity predicament requires a complete rewiring of how we think about our borders.

Americans still like to pretend we live on an island, protected by two vast oceans. But on the internet, those oceans no longer exist. Our enemies, they're mere milliseconds away. And in too many cases, they're already here.

Americans still like to pretend we live on an island, protected by two vast oceans. But on the internet, those oceans no longer exist. Our enemies, they're mere milliseconds away. And in too many cases, they're already here.

That was Andrew Scott. And what he's talking about here is cyber resilience. Now, resilience can come across as just a buzzword or worse. If you turn your attention to what to do once intruders are inside, it might seem like you're throwing up your hands, throwing open the doors. But shifting our focus to resilience isn't giving up. It's facing the reality of the situation.

That was Andrew Scott. And what he's talking about here is cyber resilience. Now, resilience can come across as just a buzzword or worse. If you turn your attention to what to do once intruders are inside, it might seem like you're throwing up your hands, throwing open the doors. But shifting our focus to resilience isn't giving up. It's facing the reality of the situation.

If we can't deter them from getting in, and we can't keep them out, then how do we make sure that the worst day is not the last day? That a breach of you, of your supplier, of your local water department, power, that it's limited in scope, in duration, in impact.

If we can't deter them from getting in, and we can't keep them out, then how do we make sure that the worst day is not the last day? That a breach of you, of your supplier, of your local water department, power, that it's limited in scope, in duration, in impact.

A clarion call to action. Which brings me to you, dear listener. It's incumbent on each of us to think very hard about where we fit in this ecosystem, because it only takes one of us to be an entry point or a roadblock. It is true that security is only as good as its weakest link. And in too many cases, that weak link is us. Hackers aren't breaking in anymore. They're logging in.

A clarion call to action. Which brings me to you, dear listener. It's incumbent on each of us to think very hard about where we fit in this ecosystem, because it only takes one of us to be an entry point or a roadblock. It is true that security is only as good as its weakest link. And in too many cases, that weak link is us. Hackers aren't breaking in anymore. They're logging in.

They're using our recycled passwords. They're exploiting our lack of multi-factor authentication. That's how hackers breach colonial pipeline and more recently change healthcare and the entire health system with it. We need to start taking cyber hygiene dead seriously. But we also need to start gaming out fallback systems that hold even when the lights go out. I'm talking about backups.

They're using our recycled passwords. They're exploiting our lack of multi-factor authentication. That's how hackers breach colonial pipeline and more recently change healthcare and the entire health system with it. We need to start taking cyber hygiene dead seriously. But we also need to start gaming out fallback systems that hold even when the lights go out. I'm talking about backups.

Backup control rooms, backup data rooms at alternate locations, tighter controls, air gaps. So if a hacker does get into the business systems of, say, Colonial Pipeline... they can't de facto shut down our pipelines too and take the nation down with it. Or if they do get into the pipeline, we have ways to override their commands to limit the scope and hasten the recovery. Back to Dale Peterson.

Backup control rooms, backup data rooms at alternate locations, tighter controls, air gaps. So if a hacker does get into the business systems of, say, Colonial Pipeline... they can't de facto shut down our pipelines too and take the nation down with it. Or if they do get into the pipeline, we have ways to override their commands to limit the scope and hasten the recovery. Back to Dale Peterson.

There's a great untold story in the early days of the Ukraine war. The abbreviated version is that Russia launched an unprecedented cyber assault on Ukraine from all angles. It didn't get much attention at the time. It still doesn't, especially when the bomb started to drop.

There's a great untold story in the early days of the Ukraine war. The abbreviated version is that Russia launched an unprecedented cyber assault on Ukraine from all angles. It didn't get much attention at the time. It still doesn't, especially when the bomb started to drop.

But in those first days, Russia launched an attack on Viasat, the internet satellite broadband provider that cut off Ukraine's access to the internet. But in came Starlink, which kept Ukraine's connection to the outside world alive and really gave the country a fighting chance. Russia did launch an unprecedented denial of service attack on Ukraine's banks, on government agencies.

But in those first days, Russia launched an attack on Viasat, the internet satellite broadband provider that cut off Ukraine's access to the internet. But in came Starlink, which kept Ukraine's connection to the outside world alive and really gave the country a fighting chance. Russia did launch an unprecedented denial of service attack on Ukraine's banks, on government agencies.