CFH #8 – Jason Lewkowicz
Full Audio
View Show IndexSegments
1. MSSP Mental Health: Minimizing Stress & Burnout – Jason Lewkowicz – CFH #8
The life of a Cybersecurity professional is not for the faint of heart. The job can be stressful, sometimes thankless. And when an attack transpires, you can work long hours knowing the fate of your employer is on the line. Or in the case of an MSSP, the fate of your client. You might even argue that being a managed security services provider magnifies the stress and burnout factor because you must answer to multiple companies at once – all with high expectations of you. With that in mind, this session will examine key policies and strategies that you can institute to relieve your employees of some of this burden. Plus how to manage security professionals through a security crisis or difficult time in order to minimize the emotional toll.
Guest
Jason Lewkowicz is a results-driven senior executive with more than more than two decades of experience in IT and security, including in risk governance, crisis management, IT/security transformation, outsourcing and operations.
As executive vice president and chief services officer for Optiv, Lewkowicz is responsible for leading our services organization and evolving our overall services capabilities.
Lewkowicz joined Optiv from Cognizant Technology Solutions, where he was the global chief information security officer (CISO). Prior to Cognizant, he was the deputy CISO of Accenture and was instrumental in building, developing and transforming their information security organization. He led a team of more than 100 security operations and response professionals across seven countries.
In addition to a bachelor’s degree in business management from DePaul University, Lewkowicz holds certifications from ISACA, ISC² and Open Text/Guidance Software. He frequently presents at industry conferences, and has served on advisory boards for Symantec, McAfee, Digital Shadows, VMWare, Immersive Labs and FireEye/Mandiant.
Hosts
2. Know Your Enemy: Gathering Intel on the Ransomware-as-a-Service Business Model – CFH #8
In late January, law enforcement officials disrupted the operations of the Hive cybercriminal group, which has profited off of a ransomware-as-a-service (RaaS) business model. And though the takedown was an inspiring victory, there’s plenty more ransomware where that came from. Indeed, Microsoft just reported that at the conclusion of 2022 it was tracking more than 100 threat actors using over 50 different ransomware families to extort victims. And many of these criminal networks operate like professional businesses in this underground economy. Bottom line: there’s still a lot of work to be done, and it begins by collecting and communicating the right cyber threat intelligence to profile these threat actors and understand how they operate, so we can anticipate and defend against their next move. In this segment, we will discuss the responsibility of the MSSP to understand their opponents while keeping their clients abreast of the latest intelligence reports and adversary TTPs.
Hosts
- 1. Microsoft: Over 100 threat actors deploy ransomware in attacks
- 2. NIST Releases Potential Updates to Its Cybersecurity Framework
- 3. Shady Hacking 1nstrument Makes Machine Enrollment Retreat
- 4. Google looking into fix for SH1MMER exploit that can unenroll Chromebooks
- 5. Apple Patches Exploited Zero-Day Vulnerability Targeting iPhones, iPads and Macs
- 6. https://www.scmagazine.com/analysis/identity-and-access/keepass-disputes-report-of-flaw-that-could-exfiltrate-a-database