Security Expert Interview Series: Ryan Cloutier
We recently checked in with Ryan Cloutier to learn about how small businesses can do a better job of protecting themselves against cyber-attacks and other interesting topics. Ryan is an experienced IT/Cyber Security professional with over 15 years of experience developing Cyber Security programs for Fortune 500 organizations. As a Certified Information Systems Security Professional CISSP®, Ryan is also proficient in cloud security, Dev-Ops, and Sec-Ops methodologies, security policy, process, audit, compliance, network security, and application security architecture. Now, explore his insights below.
1. How did you first get involved with cyber security, Ryan? Could you please share a project or inspiration with us that prompted your involvement?
For as long as I have been involved with computers, I have been fascinated by the idea of computerized (cyber) security, this concept that you can use 1’s and 0’s to secure other 1’s and 0’s and to secure the physical world by electronic means. My natural curiosity led me to want to know how cybersecurity worked.
When I first started working in the IT industry “cybersecurity” was relatively unheard of. I was working as a software developer at the time and quickly found I was the only person to speak up about the security implications and impacts of our design decisions.
This trend of worrying about the security aspects of my work continued at several other places of employment. Each project would present old and new security challenges, because I would speak up about my concerns, I was given opportunities to learn and work with cybersecurity more and more. I found working on the security aspects of the project were far more interesting and exciting to me than the other aspects of my job, and that is what ultimately lead me to peruse cybersecurity as a full-time career.
2. As a passionate cyber security thought leader, we would like to know what motivates you to keep pushing ahead every day in the security field?
What keeps me motivated to keep pressing forward each day is a combination of knowing the work we do in cybersecurity helps to protect people from harm and is important to a stable and safe future, contributing to something larger than myself and the fact that cybersecurity is a dynamic and evolving field with lots of new opportunities and challenges to overcome. I have lots to be excited about each day to keep me motivated to fight the good fight.
3. What has been the most important lesson you have learned in 2021 thus far through your work in cyber security?
Technology alone will not solve cybersecurity concerns; we need the active participation of the consumers of technology. Most cybersecurity systems and programs are overly complex making them difficult to secure and cumbersome on the end-user. Simplified systems and steps for the users have never been more important than it is now.
People play a huge role in cybersecurity, personal security habits, and level of personal connection to the topic are the most critical aspect of any business or personal cybersecurity plan/ posture.
4. What are some examples of how small businesses can do a better job of protecting themselves against cyber-attacks?
By taking a more proactive approach to protecting the digital side of their business, a small business can reduce the chances of being the victim of cybercrime with a few simple steps:
- Offline backups 3-2-1 method (e.g., 3 copies, 2 different locations 1 offsite).
- Separating customer use Wi-Fi from the business Wi-Fi.
- Having a basic Disaster Recovery and a business Continuity Plan in place, this doesn’t have to be complex, a simple one is better than none.
- Keeping systems and software up to date with the latest software updates and security patches.
- Finding and working with a cybersecurity partner to be sure they have the adequate level of protection in place for their business.
5. What types of cyber threats are the most complicated to detect? Maybe you can give an example from real life?
In my opinion, the most complicated threats to detect are decentralized, distributed IOT based threats, this is due to a couple of factors mainly IoT devices lack security controls and or are not monitored for threats like other devices. Using a decentralized and distributed model makes it harder to detect traffic patterns.
An example of this from real life would be when a K-12 school I was working with saw a substantial increase in the amount of power being consumed in the middle of the night over the last few months, this was clearly suspicious as that should be the time of the day the least amount of power is being consumed.
After several days of investigation, it was discovered that a student has installed some bitcoin miners in the data centre, and in addition, was using software to use the CPU cycles of the smart lightbulbs as well as other IoT to get the maximum amount of processing power for his bitcoin mining operation. This attack was complex to detect as it was distributed, running on poorly monitored systems with minimal traffic being sent across the network.
6. What do you predict to be key trends in cyber security over the next 5 years?
Increased focus on the at-home security habits of the remote worker.
With remote work here to stay, the at-home / remote security habits and practices of employees will be a main area of concern for cybersecurity.
An Increase in insider threats motivated by social, political, or personal ideologies.
The increase in mandates by employers may conflict with the personal beliefs of some of their employees. We expect to see more retaliation type attacks. This could be employees selling their credentials to cybercriminals or installing malware and ransomware directly on the network themselves.
Ransomware/data leaks targeting the individual person.
With the continuing changes to ransomware insurance and changes to the legal landscape regarding ransom payments, it will become harder for the ransomware gangs to get the big payouts, this will cause a shift to smaller businesses and the individual person being attacked. We have already seen some early examples of this when criminals threatened individuals with the release of their mental health records stolen from a clinic if payments were not made.
Focus on mobile device cybersecurity
With most of the world now using a mobile device for some aspect of their digital life and with the growing adoption of using a mobile device for MFA. We will see more attacks against mobile devices. From new spyware designed to intercept encrypted messaging to mobile-based DDOS attacks against employers, there will be a whole new slew of threats to address in the mobile device and application world.
AI, Automation, and advanced social engineering attacks.
With the rise and ease to acquire and utilize deep fake technology, automation, and artificial intelligence. will continue to raise new threats and vulnerabilities, we will see an increase in the sophistication and volume of social engineering attacks using these new techniques. With a fair amount of people still working remote and with the potential from more restrictions due to new variants of COVID.
Cybercriminals are taking full advantage it has never been easier to fake the bosses voice or writing style. Employers will need to adopt new verification methods and strategies to keep ahead of the cybercriminals use of this new technology for conducting social engineering attacks.
7. How do you stay up to date with industry news and updates regarding information security? Feel free to share your top 3 sources with us.
In an industry with a never-ending stream of new threats and changing trends, keeping up can be a bit of a challenge. Some of the Top resources I use to stay aware of what is happening are Dark reading (https://www.darkreading.com/), Threat Post (https://threatpost.com/) and The Daily Swig (https://portswigger.net/daily-swig). My main resource for breaking news on emerging threats is infosec Twitter and my social media networks.
Click here to learn more about the Swiss Cyber Institute’s approach towards improving the digital safety and security of society and economy through education and weekly blog posts. Do you think you are a good fit to participate in our Security Expert Interview Series? Reach out to us for more information.