In this episode of Razorwire, I sit down with Rob Black, a dynamic figure in the world of cybersecurity with a unique background in military strategy and defence. From the realms of computer game design to the high-stakes world of defusing IEDs, Robert brings unparalleled insight into how we can revolutionise cybersecurity by understanding and manipulating the psychology of our adversaries. This episode is packed with outside-the-box strategies that will transform your approach to defending your network.
In our conversation, Robert and I explore the intersection of human psychology and cybersecurity, emphasising the impact of deception and misinformation on attackers. Robert shares parallels to military tactics and offers practical advice on psychological tools to gain an upper hand in infosec. We discuss real-world studies and notable cyber incidents like Stuxnet to underscore the importance of strategic thinking beyond mere technological solutions. Tune in for an engaging discussion that could reshape your cybersecurity practices.
Key Talking Points:
1. Deception Tools and Strategy - Robert explains how to slow down attackers using deception technology, inspired by military tactics, causing them to mistrust their tools and make erratic decisions.
2. Psychological Influence on Threat Actors - Learn how to improve the effectiveness of your network defence by understanding and engaging with the decision-making processes of threat actors.
3. Real-World Case Studies - We discuss impactful examples, including the NSA's deception studies and the infamous Stuxnet attack, to illustrate how psychological and strategic insights can be applied to bolster cybersecurity efforts.
Join us on Razorwire and arm yourself with revolutionary tactics to stay ahead in the constantly evolving landscape of cybersecurity.
Deception 2.0: Envisioning the Future of Cybersecurity
"So attackers believe the systems they're using because they've got no reason to believe the computer won't lie. So how do we make it, inside our manmade network, that they have to tread carefully because they don't know what to trust and what not to trust?" Robert Black
Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen
- Psychological Defence in Cybersecurity: How we can use psychological tactics, such as inducing paranoia, in defending against cyber threats.
- Effectiveness of Deception: We discuss an NSA study which demonstrates how knowledge of deception impacts penetration testers' speed and decision-making.
- Human Factors over Technology: We talk about the merits of using human behaviour analysis and psychology alongside technology for cybersecurity strategies.
- Corporate Espionage and Misinformation: How to use misinformation and disrupt attackers’ expectations as part of your defence strategy.
- A Multidisciplinary Approach to Cybersecurity: We discuss the merits of incorporating diverse perspectives, including arts and philosophy, into cybersecurity education and strategy.
- Vendor and CISO Relationships: Why vendors must understand and address the real problems faced by CISOs.
- Proactive Defence Strategies: Why we need to move beyond assurance to proactive measures in cybersecurity defence.
- Shift in Cybersecurity Mindset: How to build on the growing recognition of cybersecurity as a critical business threat, and the importance of improved risk assessments.
- Influence of Deception Technology: How we can use fake networks and behavioural economics techniques to manipulate attackers' behaviour.