Table of Contents

    About the Author

    Brian Ahern

    Brian Ahern

    Brian Ahern, CEO of CyberMaxx, has over 20 years of cybersecurity experience and a track record of building disruptive tech companies. Brian joins CyberMaxx after serving as Chairman and CEO of cloud infrastructure security company Threat Stack. Joining in 2015, he successfully led the company through exponential growth and eventual acquisition by F5 Networks in 2021. Prior to Threat Stack, Brian founded Industrial Defender in 2002 and served as its CEO, successfully leading that company through a significant acquisition by Lockheed Martin in April 2014. With an electrical engineering degree from the University of Vermont, Brian brings a wealth of expertise and knowledge to his role as CEO. He's dedicated to driving CyberMaxx to new heights and revolutionizing the tech industry along the way. Connect with Brian on LinkedIn

    More Articles

    Additional Resources:

    Ransomware Research Report | Q3 2024 – Audio Blog Interview

    Ransomware Research Report | Q3 2024 – Audio Blog Interview

    Research

    3 min read

    CyberMaxx Q3 2024 Ransomware Research Report Shows 2% deviation in the volume of attacks, and an 8.5% increase in active groups compared to Q2

    CyberMaxx Q3 2024 Ransomware Research Report Shows 2% deviation in the volume of attacks, and an 8.5% increase in active groups compared to Q2

    Research

    2 min read

    Hello, cybersecurity enthusiasts! Brian Ahern, CEO of CyberMaxx, here with another roundup of LinkedIn content.

    With three posts last week, I covered exciting and highly engaging topics. These include the history of phishing, transparency in startup leadership, and the emerging triple extortion ransomware threat.

    To make it easy for our valued customers, partners, and other stakeholders, we’ve provided all these excellent insights in one educational blog post — accessible to our audience right from the CyberMaxx blog.

    So, without further ado, here’s a summary of each post, plus links to access the full LinkedIn article.

    Evolution of Phishing Attacks & Role of MDR for Prevention

    Phishing is the leading attack vector resulting in cybersecurity incidents. So, it only made sense that I wrote a LinkedIn post on the history and evolution of phishing attacks.

    In short, the early beginnings started with simple online scams in the 1980s, which later converted to email phishing in the 1990s. New technology led cyber scammers to deliver more realistic, enticing phishing emails and websites in the early 2000s. Then, by the mid-2000s, we saw the rise of spear phishing that targeted individuals rather than the masses.

    By the 2010s, threat actors started deploying phishing kits and running campaigns on autopilot. Fast-forward to today, phishing tactics are far more advanced. Actors now use a variety of channels, such as email, text, voice calls, and social media, plus nuanced techniques like domain spoofing, URL obfuscation, and advanced social engineering to deceive victims.

    And as a cybersecurity expert, I couldn’t leave my audience unprepared. So, I also included ways a Managed Detection & Response (MDR) partner could become part of your phishing prevention strategy. These include:

    • Continuous monitoring for phishing indicators on your network
    • Threat intelligence to recognize phishing indicators, tactics, and trends
    • Advanced detection techniques using AI, ML, and email analysis to identify potential phishing
    • Incident response to contain, mitigate, and investigate a phishing incident
    • User training and awareness for phishing attempts
    • Integration with existing security tools to expand visibility into potential phishing threats across the IT network
    • Proactive phishing threat hunting
    • Policy and procurement development to create and enforce requirements that reduce phishing attack risk

    Check out the complete history of phishing and prevention tactics in the LinkedIn article here.

    Transparent Leadership Pros & Cons in Startup/Growth Stage Company

    In a pivot from my typical cybersecurity content, I took my two decades of CEO experience in startup and growth companies to post about leadership. More specifically, transparency with employees.

    I believe you owe it to employees to provide a clear vision and vital information to gain their trust. I also understand, however, that there are situations where the sensitive nature of topics and NDAs demand withholding information until an appropriate time. All that said, my LinkedIn post provided the pros and cons of transparent leadership.

    Starting with the positives, transparent leadership…

    • Helps build employee trust and customer confidence
    • The team stay more informed and creates a more collaborative culture
    • Provides clearer expectations and performance tracking capabilities to your team for enhanced accountability
    • Allows you to swiftly respond to crises and maintain a solid reputation via honesty
    • Creates a more appealing workplace for top-level talent

    Now, the downside. Transparent leadership, unfortunately…

    • Puts your team at risk of information overload that can distract them from core tasks
    • Increases exposure of sensitive information and creates a bigger target for cyber attackers
    • Can cause fear and uncertainty at the workplace — leading to employee anxiety that impacts morale
    • Could deteriorate your competitive advantage if inside information or intellectual property goes public
    • Leads to management challenges like trying to balance transparency with confidentiality, plus misinterpretations of information delivered

    Get the detailed list of pros and cons in my LinkedIn article.

    Ransomware Triple Extortion

    In my third post of the week, I had to do a little fear-mongering. Ransomware is already scary enough. But now, we’re not just dealing with single-extortion or even double-extortion ransomware. Cybercriminals have resorted to triple extortion to maximize payouts and leverage.

    My article first dives into each layer of ransomware extortion:

    • First extortion: Attackers encrypt the target’s data and send a ransom note with payment instructions and the threat. (comes with operational downtime risk since data is inaccessible)
    • Second extortion: Attackers exfiltrate sensitive information and threaten to publicly release it if the victim refuses to pay the ransom. (comes with potential reputational damage, regulatory penalties, and loss of public trust)
    • Third extortion: Attackers begin demanding ransom from third parties of the victim, including partners, clients, or vendors, deliver DDoS attacks, and then harass individual employees or customers to pressure the target to pay. (comes with supply chain issues and puts more organizations at risk)

    After covering the differences, I briefly explained the implications of triple extortion ransomware. First, there’s increased financial impact since the ransom demand is higher and comes with the indirect costs of an attack. It can also damage a brand’s reputation and come with legal and regulatory consequences.

    While a scary scenario, I also provided strategies to combat triple extortion. These include:

    • Adopting robust measures like advanced threat detection and endpoint protection to monitor for
    • ransomware threats and promptly respond
    • Protecting data with encryption and having systems constantly backed up in an isolated environment
    • Rigorous incident response planning for ransomware scenarios
    • Providing employee training and awareness to prevent breaches that lead to ransomware
    • Working with security experts like MDR providers and forensic analysis teams to manage and prevent ransomware incidents
    • Partnering with legal and public relations teams to navigate regulatory and reputational exposure

    Prepare your business for this emerging threat by reading the complete LinkedIn article.