Pete Nicoletti is a Field CISO for the Americas region at Check Point. Pete has 32 years of security, network, and MSSP experience and has been a hands-on CISO for the last 17 years. Pete’s cloud security deployments and designs have been rated by Garter as #1 and #2 and he literally “wrote the book” on secure cloud reference designs, as published by Intel Press: “Building the Infrastructure for Cloud Security: A Solutions View.”
If you’ve noticed the recent, alarming surge in targeted phishing, successful ransomware attacks and exfiltrations plaguing government agencies, you’ll want to explore these crucial insights around proactive prevention and how to strengthen defenses.
In this interview with Check Point CISO Pete Nicoletti, discover why government agencies are prime hacker targets, delve into recent cyber security breaches, and find out about how to deftly avoid potentially ruinous cyber threats.
Tell us about the phishing and ransomware trends that you’re seeing among government agencies:
We now have millions more college-level English speakers and above-average Python programmers, as ChatGPT enables this for $20/month! ChatGPT can pass advanced English and has an IQ over 120! Highly targeted phishing/whaling emails using previously exfiltrated information, combined with over-posted social media information, are enabling criminals to create familiarity with their target. Once accomplished, they add a sense of urgency and the result is a significant click rate on phishing emails.
Government agencies are losing….Why? They are the #1 target, and email is the #1 vulnerability/malware delivery vector.
Why have CISOs struggled to prevent nation-state attacks in the past?
- Disparity in resources between offense vs. defense
- As per Christopher Ray: Chinese Communist Party hacking resources are ~50 – 1 vs U.S. federal staff resources
- Poor tool selection, not based on efficacy, but based on lowest price only
- Dependency on substandard cloud service provider/email provider tools
Microsoft tools protecting Outlook are just not good enough…
Can you share two or three best practices you’d like to see government agencies adopt?
- Evolve from traditional gateway solutions to API-based architecture.
- Don’t trust tools that are bolted onto your license. Again, they are not good enough.
- Analyze tools for efficacy during the purchase phase. Demand 3rd party test results, test in your environment with real traffic and loads.
Why is phishing prevention through an AI-driven inline, API architecture most effective?
Security by obscurity: Hackers cannot easily determine what security technology is in use. Gateways are trivial to identify and then they test their phishing and malware against them.
Scalability: API-driven technology can scale with message volume and can be easily deployed, managed, and upgraded….or added in-line with other tools.
You must have AI-driven analysis to keep up with AI-driven threats. Old signature-based tools and end-user reporting of spam are not good enough to protect critical assets.
If you work for or with government agencies and would like more information from CISO Pete Nicoletti regarding cyber security best practices and technologies, please click here or join this webinar.