PBN Summit: Cybercriminals rapidly growing more sophisticated, organized

NORMAND DUQUETTE, far right, senior vice president if Starkweather & Shepley Insurance Brokerage Inc., moderates the opening panel during the PBN Cybersecurity and Tech Summit at the Crowne Plaza Providence-Warwick on Thursday. He is joined by, from left, Douglas Tondreau, associate professor of computer science at Johnson & Wales University; Rick Norberg, CEO of Vertika6; Robby Gulri, a solutions engineering leader at RapidScale, Cox Communications subsidiary; and Linn F. Freedman, attorney and chair of data privacy and cybersecurity at Robinson & Cole LLP. / PBN PHOTO/MIKE SKORSKI
NORMAND DUQUETTE, far right, senior vice president if Starkweather & Shepley Insurance Brokerage Inc., moderates the opening panel during the PBN Cybersecurity Summit at the Crowne Plaza Providence-Warwick on Thursday. He is joined by, from left, associate professor of computer science at Johnson & Wales University, Douglas Tondreau; CEO of Vertika6, Rick Norberg; Robby Gulri, an engineering leader with the Cox Communications subsidiary, RapidScale; and Linn Freedman, attorney and chair of data privacy and cybersecurity at Robinson & Cole LLP. / PBN PHOTO/MIKE SKORSKI

WARWICK – Traditional antivirus software and occasional reminders to employees to watch out for strange emails just won’t hack it for businesses looking to defend against the growing network of sophisticated cybercriminals. 

That was the message during the first of two panel discussions at Providence Business News’ 11th annual Cybersecurity and Tech Summit at the Crowne Plaza Providence-Warwick on Thursday. 

It’s not a question of if your company will be targeted, according to the panelists. It’s a matter of when.  

Robby Gulri, an engineering solutions expert with the Cox business company RapidScale, said he has seen many companies become complacent, confident the cyber defense mechanisms they had in place are adequate. 

- Advertisement -

“Human nature is not to prepare for the worst,” he said. “We just don’t think like that.” 

What was years ago more than likely a lone wolf hacker has been replaced by organized crime syndicates and rogue nation states funding large-scale operations, making up more than 80% of security incidents. 

But many of the old criminal tactics have remained, such as tricking an employee through a phishing email or other “social engineering” schemes to gain access to internal networks, which still accounts for 50% of incidents. 

And the results of a breach can be financially painful.

One example is the recent extortion of Caesars Entertainment and MGM Resorts casinos. Caesars paid out $15 million while MGM, which refused, now faces a $100 million fallout. 

“That started as a simple multi-factor authentication attack,” said Gulri, referring to the low-tech approach that exploits human missteps rather than network security holes. 

Rick Norberg, CEO of information technology firm Vertikal6, said educating employees, from the human resources manager to the C-suite, is paramount. 

“It’s about having a comprehensive plan,” he said. “And it has to be something you are constantly evolving towards.” 

Linn F. Freedman, attorney and chair of data privacy and cybersecurity at Robinson & Cole LLP, said 99% of victims end up paying out ransoms. She implored the attendees to create an incident response team if they don’t already have one.

And never try and reason with cybercriminals privately, Freedman said. 

“Do not negotiate yourself,” she said. “Get a professional in there because you will probably make it worse.” 

One recent client had to close their business for three weeks, which can be financially devastating, she said. 

“You don’t want to be learning when you are in the middle of a chaotic ransomware attack,” said Freedman.

While ransomware, which hackers use to lock people out of their own data, remains a problem, email phishing attacks more than doubled in 2023, said Freedman, who has seen the evolution of hacking groups. Many now have a corporate model with top-down management and delegated authority. 

And with the average ransom payment exceeding $1 million, businesses need to get the proper insurance. 

“Make sure you have a broker that knows what they are doing in this space,” said Freedman. “It’s already tricky and it’s getting trickier. I’ve seen victims that thought they were fully covered when they weren’t.” 

Moderated by Normand Duquette, senior vice president of Starkweather & Shepley Insurance Brokerage Inc., the opening panel included Douglas Tondreau, an associate professor of computer science at Johnson & Wales University.

The second panel focused on the future of artificial intelligence in Rhode Island and was moderated by Christopher Parisi, the host of the AI Wave podcast and founder of marketing firm Trailblaze Inc. Also on the panel was Jeffrey Wilhelm, founder and CEO of Infused Innovations Inc.; Arnell Milhouse, co-founder and CEO of technology company CareerDevs; and Timothy Henry, assistant professor and researcher at Rhode Island College. 

Society is now at an inflection point. With technology rapidly advancing and a global AI industry projected to reach $4.6 trillion annually, panelists said. McKinsey & Co. reports that 30% of national hours worked will be replaced by AI, affecting over 12 million jobs.

It will be vital that federal, state and local governments create policies to manage this employment sector disruption. 

“We have to have labor laws in place and balance that with economic growth,” Henry said. 

Milhouse said businesses should embrace the change. Productivity will increase exponentially, he said, freeing workers for more creative and fulfilling tasks. 

“Everything that you hate about your job is going away,” he said. “Our lives have an opportunity to drastically improve. And Rhode Island is at the forefront. We must go all in.” 

One only need look at the 100 companies, from Kodak to Blockbuster, that no longer exist because they failed to innovate, he said. 

“They are now anachronistic,” said Milhouse. “If you wait a year, you are going to be so far behind.” 

The event was held with presenting sponsorship from Johnson & Wales University and Starkweather & Shepley.  

Christopher Allen is a PBN staff writer. You may contact him at Allen@PBN.com 

No posts to display