There’s a reason Cybersecurity Awareness Month always focuses on a few key behaviors, such as multifactor authentication, password security, recognizing phishing and updating software. More companies, especially in the operational technology (OT) space, need to stop being reactive and move more into cyber prevention, getting out ahead of the attackers.
In the fourth episode of our Cybersecurity Awareness Month podcast series, we welcomed back good friend and movie buff Moty Kanias, vice president of cyber strategy and alliances at Nanolock. He talked about why it’s essential to move toward cyber prevention, how AI is going to impact everything and why “Speed” should be considered a cybersecurity movie. Listen to the full podcast here.
The following has been edited for clarity.
Gary Cohen: October is Cybersecurity Awareness Month. We’re always highlighting some key behaviors like multifactor authentication, strong passwords, recognizing phishing and updating software. What do you think people should be focusing on this month?
Moty Kanias: I am a big fan of cyber prevention abilities, and when we think cyber prevention, it means just cutting off the alert fatigue of the CISOs. The way to do that in my perspective is going multifactor authentication. When you have multifactor authentication, even when you get your credentials stolen from a phishing attack or whatever, multifactor authentication, that’s the way to go. That’s my recommendation.
Cohen: As we’re about to head into 2024, what trends or developments are you excited for?
Kanias: Probably everyone you’ll talk to will say AI. I won’t be saying AI yet. From my point of view, the new U.S. regulation that will mandate people to report cyberattacks will open a huge window of cyberattacks on OT environments, manufacturing, just basically utilities all along. We’ll see more and more data coming from attacks that were never reported before because people kept it just behind the rug.
Other than that, guys: AI, AI and AI. It will be manipulating with AI. It will be cyberattacking with AI. It will be automating cyberattacks with AI. Writing codes, pictures, everything.
Cohen: It will be interesting to see how that plays out because it’s going to impact both sides. It’s going to be the attackers and the defenders using AI.
Kanias: Of course. People think of AI, but at the end of the day, it’s code. If it’s code, it’s software. If it’s software, it has vulnerabilities. If it has vulnerabilities and it’s code, it could be manipulated and could be cyberattacked.
Tyler Wall: Makes sense. Can you share a memorable experience or a case from your career that really highlighted for you the importance of cybersecurity?
Kanias: So here’s a surprise, and we’ll make it short, but you’ll probably want to talk to me about this a bit more. When I was in the IDF (Israel Defense Forces), I was in charge of what we didn’t even understand as a cyber event. We had officers from the IDF that came to us and reported that they had weird problems with their cellphones. We started asking some questions. We went over their data — mostly social engineering or social media — and found out that they were becoming friends of beautiful men and women that were flirting with them and manipulated them to download a malware on their cellphones, giving them full control of everything that went on their cellphones.
Why was that important? Of course, we solved the issue. We made it public, and we got rid of the bad guys, but there was no cyber protection from that attack. It was a true malware that was in Google Play or Apple Store that people downloaded to their cellphones. They agreed in giving their privacy away to whoever owns the app, which was the bad guys. And up until this day, there’s no real solution in preventing people from authorizing applications or games or whatever on their cellphones. How’s that?
Cohen: That’s really interesting because when you hear about cyberattacks, you almost never hear about attacks on people’s phones, which clearly can happen.
Kanias: People think of it as a phone, but a phone is a PC or is a computer. So if you get into a person’s cellphone and that cellphone is connected to a computer, that’s basically another sort of memory that now you get connected to. I think of a cellphone as the head of an octopus. You don’t even want to know where you can go from a cellphone — cloud services, OT (operational technology) environment, IT (information technology) infrastructure — it’s just an octopus.
Wall: In recent times, we’ve seen a lot of cyberattacks occur — Molson Coors, Honda, Snake, Dole a little more recently. What have we learned from these major attacks?
Kanias: Vegas. Vegas is the big thing, but I’ll tell you something cool that’s very interesting. A lot of companies such as Dole have cybersecurity. They take it seriously. They probably have products. One of the reports that I read, we got the understanding that Dole identified the cyberattack, but really could not do anything about it without closing their production lines and going through the whole process of fixing the problem or mediating or incident responding to whatever it is that happened. That downtime took them way too much time and cost them a lot of money.
Same thing about other attacks, as well. That’s why we started with the first question. Guys, it’s time to move for cyber prevention abilities. If, in Vegas — at least, it was once reported — it was an attacker that connected through LinkedIn and manipulated the IT people into giving the software of a technician, multifactor authentication there would’ve solved that problem.
Cohen: I have a feeling I know what your answer is going to be from one of your previous answers, but what emerging technologies do you see impacting the field of cybersecurity in the near future?
Kanias: It has to be AI. There’s really no going around this. So it will be AI because the world has been going into collecting data and using that into building cyber threats or cyber threat intelligence. What you’ll have now is integration between collecting and using the data into more complex systems, such as, I’d say, next generation XDR (extended detection and response) or EDR (endpoint detection and response) that will be much more complex in the things that they will stop.
On the other hand … attackers. We’re dealing with the OT environment, but in the past if you wanted to attack an OT environment, you usually had to know specific code like ladder programming in PLCs (programmable logic controllers). Now with AI abilities, you just use English and ask the output to be C# or Python. There’s no need for the knowledge of software or code, right? It’s just there. It’s not perfect, but ChatGPT 5 is on the way. Google is doing a great job, and who knows where xAI is taking us, but let us be sure we’ll see a lot of AI all around there.
Wall: So I’m about to ask you the most important question of your entire career: What is your favorite movie or TV show that has to do with cybersecurity?
Kanias: I’d say lack of cybersecurity, but I’ll try to be original here. “Speed.”
Kanias: I’m not that young, but if you think about it, the way that the hostages, the bus — I’m talking about “Speed” 1, right? The cool version.
Cohen: Sure. Keanu, Sandra Bullock, Dennis Hopper. I remember that one. Good movie.
Wall: Jeff Daniels.
Kanias: Yeah. If you get into the details, what they did there is they recorded the video of the bus, and they broadcasted it to the cameras, and that is how they managed to take the people away. When you think about it, it was RF (radio frequency). If you think about it, it was pushing data into a live feed. That’s cyberattacking.
But I have to say, my imagination is going crazy all around. Let’s talk about “Die Hard 2,” changing configurations of the height of the planes, right? That’s also a cool cyberattack. “The Matrix.” Neo, he did some monkey business there, cyberattacking before he got to doing whatever red pill. So I just gave you three movies. You just use anyone you want. That’s what I saw when I was young.