In a recent special bonus episode of Channel Insider: Partner POV, host Katie Bravo had the opportunity to sit down with Cody Kretzinger, Principal Security Advisor at Galactic Advisors and former LulzSec hacker. Kretzinger’s insights shed light on the current cybersecurity landscape and the increased risks that businesses face heading into 2024.
During the interview, Kretzinger emphasized the growing threat of ransomware attacks, particularly targeting healthcare facilities. He highlighted the need for organizations to strengthen their defenses as threat actors no longer adhere to previous agreements that protected critical infrastructure. This disregard has led to disruptions in patient care and organizational operations, showcasing the urgent need for enhanced cybersecurity measures.
The emergence of younger cybercriminals, such as groups like Scattered Spider, presents a new challenge for cybersecurity professionals. Kretzinger discussed the recruitment of teenagers through online gaming platforms and the use of digital and physical tactics by these youth-driven entities. He also pointed out that some of these groups are willing to take extreme measures, such as physical assaults, to obtain sensitive information for cybercrime attacks.
To protect themselves, organizations must prioritize proactive vulnerability management and continuous monitoring, ensuring systems are up-to-date and vulnerabilities are promptly patched. Kretzinger also stressed the importance of adopting zero trust principles to distribute security controls across all assets within an organization, enhancing resilience against cyber threats.
In the second part of the interview, Kretzinger highlighted the challenging timeline for detecting ransomware attacks and stressed the importance of robust cybersecurity hygiene. He explained how threat actors exploit vulnerabilities and move laterally within networks, often remaining undetected for extended periods before deploying ransomware.
Kretzinger warned against having ‘just OK’ cybersecurity hygiene, emphasizing the need for organizations to have comprehensive security measures in place. He recommended a proactive approach, combining tools like endpoint detection and response, extended detection and response, and managed detection and response to stay ahead of suspicious activity.
Addressing concerns around emerging AI technologies, Kretzinger underscored the importance of data classification and sensitivity labels to safeguard sensitive information. He advised solution providers to leverage cybersecurity incidents as learning opportunities, prepare clients for breaches, and emphasize the value of administrative controls to enforce employee compliance.
As the executive director of Galactic Advisors and the Illinois Cyber Foundation, Kretzinger invited viewers and listeners to connect with his organizations for tailored guidance on security hygiene and to get involved with educating vulnerable individuals on cyber threats. By following Channel Insider: Partner POV for more expert interviews and industry insights, businesses can stay informed and enhance their cybersecurity posture in the face of evolving risks.