Recent Posts

Cybersec Forum 2025

CyAN partner Cyber Made in Poland is organising the 2025 Cybersec Expo & Forum this June.

Welcome New Member – Sapann Talwar from Australia

Please welcome our newest member from Australia, Sapann Talwar. Sapann is a seasoned Cybersecurity and Risk management practitioner with 26+ years of industry experience. He specializes in safeguarding ‘Data’ against evolving cyber threats and has a strong track record in developing and executing security strategies 

“What Happens to Heroes?” – Episode #5: The Unsung Heroes of the Digital World

The Psychological Impacts of Cyberattacks

This is the fifth episode in our ongoing series about the individuals who, in a matter of moments, transition from employees to rescuers in the aftermath of a destructive cyberattack.

These are what I call the “Heroes.”

Let’s Rewrite the Story of a Cyberattack

“With the support of the CIO, I can say that things got structured very quickly, so we were automatically well supported. After that, we quickly fell back into the ways of the crisis. Management would come back with priorities, and push for things to come back right away, when we hadn’t even finished putting the basic systems back together…”

Excerpt From the Interview

My book is dedicated to encouraging companies to consider the human aspect in the context of cyber-attacks. But coaching has only been part of my professional practice for the past 4 years. For over 25 years now, my career has been centered on helping customers strengthen their data resilience. This scenario is freely inspired by one of my corporate clients …

In this episode, I will fictionalize a cyberattack, but using what I call a non-winning scenario. A non-winning scenario is one in which a company does not consider security a strategic priority. No goal, no failure, until the incident happens.

Typical identification factor: “Zen attitude”

Once upon a time, there was a company living in complete ignorance of the risks of cyberattacks. While this scenario may seem like the previous one at first glance, the mindset is completely different: it is closer to that of a child living in a fantasy world.

This situation is a lose-lose for the company, which overlooks the importance of IT resilience, mistakenly believing cyberattacks are unlikely. The company has little reason to invest in training. As there is little oversight, best practices are rare or only exist thanks to a few individuals. As a result, its IT systems become outdated due to inactivity and lack of engagement, with projects left unfinished. Although it may seem trivial, this scenario is dangerous: we’re facing a state of delusional complacency.

A non-winning scenario could be marked by frustration among teams and between management levels due to inconsistencies between stated policies and actual practices. This could create ongoing tension around cybersecurity. Although the IT infrastructure may be effective and efficient, the company’s economic success relies on easy business. Thus, the level of cyber resilience ultimately depends on the technical staff’s motivation. Some individuals may prioritize the protection of IT systems over their own well-being and relationships, creating an unhealthy work-life balance that would need rectification.

In the event of a cyberattack, detection is unlikely unless there are obvious indicators, such as system-wide crashes or explicit warnings. The absence of a well-defined plan often leads to chaos, with leadership responding in fear and frustration. This reaction can be understood, considering their lack of strong alliances with experienced experts. A victim mentality may prevail, with sentiments like “What did I do to deserve this?” or “Why won’t anyone help me when I’m at rock bottom?” The potential consequences of such a scenario are dire, on par with playing Russian roulette with the company’s survival. The ability to recover lost data and the speed at which business applications can be restored will be key factors in determining the outcome.

Managers may suddenly acknowledge their accountability and abruptly alter their position. They will claim to have consistently advocated for security measures, blaming the technical team for not heeding or implementing their suggestions. The technical team is expected to respond with improvement proposals, arguing that they were never funded.

This results in a contradictory period, bordering on schizophrenia, where leaders, who were once held accountable, now adopt the role of saviors. Meanwhile, technicians feel guilty and are burdened with suspicion, potentially being suspected of complicity in the cyberattack. Despite their significant shortcomings and accompanying guilt, these heroes remain committed to their roles, some even developing a deep affection for their computer systems. This devotion pushes them to extraordinary lengths to surmount the crisis. This phase will be characterized by intense emotions, including crying, yelling, and insomnia due to exhaustion. There will also be impulsive actions, mental stress, and conflict within the family.

In the post-incident analysis, it will be stated that the crisis stemmed from a highly unlikely series of events, occurring despite management’s consistent encouragement of IT staff to adopt best practices. This is a completely unfounded statement that attempts to rewrite the narrative.

Our heroes will face a difficult time. The HR department, which serves as management’s enforcement arm, will strictly penalize those responsible. Those who keep their jobs should count themselves lucky. Any recognition of their efforts will be superficial and insincere. In the future, people will tend to forget about past incidents, but the consequences will persist for years, leading to many resignations and cases of burnout. Some people may suffer physical effects, which will create a sharp contrast between their lives before and after the trauma. They’ll have to cope with the consequences.

The fall of the Heroes!

THINGS TO REMEMBER

There are still many companies who are neglecting to prioritize cyber risk within their strategy. Living carefree is pleasant, but the fall will be all the harder for those affected. This is the worst script.

Stay tuned for the next episode.
About the Author

Didier Annet is an Operational & Data Resilience Specialist and a Certified Professional Coach dedicated to empowering individuals and teams to navigate the complexities of an ever-changing digital landscape.

Find him on LinkedIn: Didier Annet

Learn more in his book:
📖 Guide de survie aux cyberattaques en entreprise et à leurs conséquences psychologiques: Que fait-on des Héros ? (French Edition) – Available on Amazon

English version:
“Survival Guide – The Human Impact of Cyberattacks and the Untold Story of Those Who Respond”
“What Happens to Heroes?”
Available on Amazon

Implicit Privacy is Dead – A Counterpoint (Sort Of)

A rebuttal: camera sunglasses aren’t the unique adversary you might think they are.

New Podcast – Some More Terrorism, With Bjørn Ihler

We are honoured to welcome Bjørn Ihler, Director of the Sweden-based Khalifa Ihler Institute, as well as founder and CEO of consulting firm Revontulet in Norway. A survivor of the 2011 Utoya Island massacre, Bjørn is an internationally recognised authority and speaker on the topic of terrorist and violent extremist content (TVEC), and has been a major driver of collective efforts to prevent, identify, track, and counteract terrorism both online and in the “real world”.

In the second installment of our conversations about terrorism, we continue our discussion of terrorism and extremism, talking about “fatigue” about the term “terrorism”, extremist groups and materials, and more. See here for part I of this series.

Notes and Links:

As always, we haven’t read all of these in their entirety, and the Wikipedia links are provided as-is, and only meant as a starting point for someone interested in more than just casual information.

05:40 “Global War on Terrorism” – https://www.brookings.edu/articles/nasty-brutish-and-long-americas-war-on-terrorism/
05:58 For example the Abu Ghraib and Guantanamo Bay prisons, numerous examples of “extraordinary rendition” and torture of terrorism suspects, we’ll leave this as an exercise for the viewer/listener.
07:39 Royal Commission report on the 2019 Christchurch mosque shootings: https://christchurchattack.royalcommission.nz/the-report/executive-summary-2/executive-summary
08:59 1996 Dunblane massacre – https://en.wikipedia.org/wiki/Dunblane_massacre
09:01 1996 Port Arthur massacre – https://en.wikipedia.org/wiki/Port_Arthur_massacre_(Australia)
09:05 1999 Columbine High School massacre – https://en.wikipedia.org/wiki/Columbine_High_School_massacre
09:35 2001 Zug parliament massacre – https://en.wikipedia.org/wiki/Zug_massacre
09:51 IS, Daesh – ISIS/ISIL is strictly speaking a region-specific part of IS
10:35 1995 GIA bombings in France – https://en.wikipedia.org/wiki/1995_France_bombings
10:52 July 7 attacks in the UK – https://www.btp.police.uk/police-forces/british-transport-police/areas/about-us/about-us/our-history/london-bombings-of-2005/
10:57 Referring to the 1998 Irish Good Friday agreements that ended a lot of the Irish violence – https://en.wikipedia.org/wiki/Good_Friday_Agreement
11:13 We are not going to link to any here, although in our opinion the Unabomber manifesto is at least worth a read
13:36 https://en.wikipedia.org/wiki/Robert_Evans_(journalist)
13:39 Behind the Bastards on iHeart Radio – https://www.iheart.com/podcast/105-behind-the-bastards-29236323/
13:50 https://www.iheart.com/podcast/105-behind-the-bastards-29236323/episode/the-man-trying-to-resurrect-8chan-52653860/
14:55 Mindf*ck: Cambridge Analytica and the Plot to Break America – https://www.penguinrandomhouse.com/books/604375/mindfck-by-christopher-wylie/
17:57 Gamergate – https://en.wikipedia.org/wiki/Gamergate_(harassment_campaign)
18:01 Pepe the frog branded a hate symbol by ADL in 2016 – https://www.bbc.com/news/world-us-canada-37493165
18:20 Anti-Defamation League hate symbols database – https://www.adl.org/resources/hate-symbols/search
18:35 ((( Triple parentheses ))) (aka “Echo”) around a name/concept and the term “globalist” are often considered to be anti-semitic dogwhistles – https://www.adl.org/resources/hate-symbol/echo
18:42 Michael V. Hayden was director of the US National Security Agency (NSA) – https://en.wikipedia.org/wiki/Michael_Hayden_(general)
18:50 https://www.penguinrandomhouse.com/books/566537/the-assault-on-intelligence-by-michael-v-hayden/
19:04 “Astroturfing” – the creation of a fake “grass roots” (or authentic, organically driven) propaganda and influence campaign. So called because astroturf is fake grass…
19:18 Before you yell at us, I strongly recommend this book for some well researched and balanced historical context: https://iupress.org/9780253220707/a-history-of-the-israeli-palestinian-conflict-second-edition/
20:15 https://www.populismstudies.org/Vocabulary/identitarians/
20:32 https://en.wikipedia.org/wiki/Pegida
21:04 Alternative für Deutschland – https://en.wikipedia.org/wiki/Alternative_for_Germany
21:05 Freiheitliche Partei Österreich – https://en.wikipedia.org/wiki/Freedom_Party_of_Austria
21:07 Sverigedemokraterna – https://en.wikipedia.org/wiki/Sweden_Democrats
21:34 Partij voor de Vrijheid – https://en.wikipedia.org/wiki/Party_for_Freedom. The latest polling I could find still has them with a lot of support, though – https://peilingwijzer.tomlouwerse.nl/
21:48 Magyar Polgári Szövetség – https://en.wikipedia.org/wiki/Fidesz. A 2022 article about prime minister Viktor Orbán’s moves against Hungarian judicial independence – https://www.theguardian.com/world/2022/aug/14/viktor-orban-grip-on-hungary-courts-threatens-rule-of-law-warns-judge
22:07 https://gnet-research.org/2024/10/28/in-sweden-a-domestic-troll-farm-tests-democracy/
23:48 Dallas Humber, a graphic artist, and Matthew Allison, a DJ – https://www.propublica.org/article/matthew-allison-dj-terrogram-collective-boise-dallas-humber. Apparently Humber created “fan art” for extremists and murderers. The network has since been taken down, but Tech against Terrorism has a paper that shows there are various other right-wing extremist accelerationist groups out there: https://www.techagainstterrorism.org/hubfs/CTEC__TAT-Accelerationism-Report-.pdf (PDF).
Also see Mike Ma and “Harassment Architecture” – https://en.wikipedia.org/wiki/Harassment_Architecture
Lastly, Bjørn contributed to the following analysis: https://gnet-research.org/2022/09/12/analysing-terrorgram-publications-a-new-digital-zine/
23:55 Nostalgia time: https://en.wikipedia.org/wiki/Zine
24:36 The Anarchist Cookbook and Poor Man’s James Bond – you can find them for yourself if you really want to, but as a caution, a lot of the recipes for explosives and other weapons are apparently as likely to blow off your own fingers (or do nothing at all) as actually work, you’ve been warned.
25:03 Ted Kaczynski (the “Unabomber”) – https://en.wikipedia.org/wiki/Ted_Kaczynski
25:07 1995 Oklahoma City bombing – https://en.wikipedia.org/wiki/Oklahoma_City_bombing
25:50 https://tec.fsi.stanford.edu/docs/aleksandr-dugins-foundations-geopolitics
26:01 Specifically, the town of Veles, (North) Macedonia: https://medium.com/dfrlab/electionwatch-macedonian-memes-american-midterms-b1f35f9df2ee and https://www.bbc.com/future/article/20190528-i-was-a-macedonian-fake-news-writer for examples. Mainly done to drive ad revenue.
29:15 The Behind the Bastards episode on the history of the Swastika is also great – https://www.iheart.com/podcast/105-behind-the-bastards-29236323/episode/part-one-behind-the-swastika-122033932/
35:40 Potter Stewart, 1964 – https://en.wikipedia.org/wiki/I_know_it_when_I_see_it
35:54 Prof. Emily M. Bender. She’s a linguist who’s done a lot of good work outlining and explaining the limitations of LLMs – https://faculty.washington.edu/ebender/

You can find CyAN’s Secure-in-Mind YouTube channel at https://youtube.com/@cybersecadvisors. All of our episodes are also available in audio format on Apple iTunes, Amazon Audible, Podcast Republic, Spotify, and Libsyn – links on our Media page.

AI Can’t Fix What’s Fundamentally Broken by Michael McDonald

AI has potential. But it is not a magic wand.

Not a Good Look, AI: What Happens to Privacy When Glasses Get Smart?

They look just like a regular pair of Ray-Bans. But behind the dark lenses? Cameras. Microphones. AI-powered assistants. All quietly recording, analysing, and storing data, sometimes even in real time. And unless you’ve signed up for a starring role in someone else’s life capture experiment, you probably 

Welcome New Member – Amna Almadhoob from Bahrain

Please welcome our newest member from Bahrain, Amna Almadhoob

As a leader in the cybersecurity field, specializing in the financial industry, Amna brings extensive experience in defining strategic direction to secure operations, assets, and products against evolving threats.

She has a proven track record in building and maturing cybersecurity functions, leading teams, and supporting business operations. Recently, Amna began teaching at the university level, where she inspires the next generation of tech and cyber professionals.

Beyond the workplace, Amna actively collaborates with community institutions to run awareness workshops for the wider public, with a special focus on children.

It’s good to have you, Amna! We look forward to the expertise you bring and to supporting you here at CyAN. Don’t hesitate to reach out, and members are encouraged to explore her profile to grow their networks mutually.

The Human Factor in OT Security Incidents: Understanding Insider Threats and Social Engineering in Critical Infrastructure by Rupesh Shirke

Introduction: The human factor is an essential but overlooked security component in Operational Technology (OT) systems within critical infrastructure. Although many technological defenses have improved, insider threats and social engineering remain serious because of inherent vulnerabilities in human activity and organizational culture. Operators of OT