Latest news with #AnneNeuberger
The Independent
3 days ago
- Business
- The Independent
Experts warn that Iran could target power and water systems for cyberattacks if US gets involved in Middle East
Experts in critical infrastructure sectors are cautioning the U.S. against further involvement in the Middle East, warning that Iran could decide to target American power and water systems in a series of cyberattacks. As the conflict between Israel and Iran evolves, leaders in the critical infrastructure realm remain on high alert. While there has not yet been a major cyber threat reported, these groups are amping up their defenses in the event one unfolds, Politico reported. 'Iranian cyber activity has not been as extensive outside of the Middle East but could shift in light of the military actions,' said John Hultquist, chief analyst for Google Threat Intelligence Group. Hultquist warned that if the U.S. decides to strike Iran directly, 'targets in the United States could be prioritized for action by Iran's cyber threat capability.' Previous incidents of increased geopolitical tension, such as Russia's war on Ukraine, have also prompted U.S. agencies, including the Cybersecurity and Infrastructure Security Agency to get ahead of emerging threats. Anne Neuberger, the deputy national security adviser for cyber and emerging tech at the White House under President Joe Biden, told Politico the government is essential in helping these sectors amplify their defenses at times of conflict. 'The government can play a very important role in helping companies defend themselves, from sharing declassified intelligence regarding threats to bringing companies together to coordinate defenses,' Neuberger said. 'Threat intel firms should lean forward in publicly sharing any intelligence they have. ODNI and CISA should do the same.' Last week, two information sharing and analysis centers and organizations, which share threat intelligence, warned U.S. companies to increase security measures in the event of Iranian cyberattacks. The Food and Agriculture group, whose members include the Hershey Company, Tyson and Conagra, as well as the Information Technology group, with members Intel, IBM, and AT&T, warned attacks on other targets could still impact U.S. companies. Along that line, the groups warned that 'cyberattacks aimed at Israel could inadvertently affect U.S. entities.' Jeffrey Troy, who leads the Aviation group, said past cyberattacks targeting GPS systems have left them 'in a constant state of vigilance, sharing intelligence in real time and collaborating on prevention, detection and mitigation strategies.' Leaders of some of these groups also say that staffing reductions across agencies since President Donald Trump took office have left them feeling like they are without federal support in preparing for potential cyberattacks. The Cybersecurity and Infrastructure Security Agency, the country's main cyber defense agency, is expected to lose around 1,000 employees, with many of its programs being cut or put on pause, according to the report. While the agency 'is still accessible,' there has been no outreach to strengthen defenses against Iranian hackers since last week, according to Andy Jabbour, who leads the Faith-Based Information Sharing and Analysis Organization. Much of how the possible threats get handled is in the hands of Trump, Jabbour told Politico. 'The next 24-48 hours will be interesting in that sense, and his decisions and his actions could certainly influence what we see here in the United States,' Jabbour said.
Politico
4 days ago
- Business
- Politico
US critical networks are prime targets for cyberattacks. They're preparing for Iran to strike.
The organizations representing critical networks that keep the lights on, the water running and transportation systems humming across the U.S. are bracing for a possible surge of Iranian cyberattacks. Virtually every critical infrastructure sector is on high alert amid a deepening conflict between Iran and Israel, though no major new cyber threat activity has been publicly reported so far. As these groups proactively step up their defenses, it's unclear whether Washington is coordinating with them on security efforts — a change from prior moments of geopolitical unrest, when federal agencies have played a key role in sounding the alarm. 'Iranian cyber activity has not been as extensive outside of the Middle East but could shift in light of the military actions,' said John Hultquist, chief analyst for Google Threat Intelligence Group. As the conflict evolves — and particularly if the U.S. decides to strike Iran directly — 'targets in the United States could be reprioritized for action by Iran's cyber threat capability,' he said. During previous periods of heightened geopolitical tension, U.S. agencies, including the Cybersecurity and Infrastructure Security Agency, stepped up to warn the operators of vital U.S. networks about emerging threats. Ahead of Russia's full-scale invasion of Ukraine in 2022, CISA launched its 'Shields Up' program to raise awareness about potential risks to U.S. companies emanating from the impending war. Anne Neuberger, who served as deputy national security adviser for cyber and emerging tech at the White House under President Joe Biden, coordinated with CISA and other agencies, including the Office of the Director of National Intelligence, to support critical infrastructure sectors before Russia attacked Ukraine. She stressed that the government is crucial in helping these companies step up their defenses during a crisis. 'The government can play a very important role in helping companies defend themselves, from sharing declassified intelligence regarding threats to bringing companies together to coordinate defenses,' Neuberger said. 'Threat intel firms should lean forward in publicly sharing any intelligence they have. ODNI and CISA should do the same.' Spokespersons for CISA, the White House and the National Security Council did not respond to requests for comment on increasing concerns that cyber adversaries could target U.S. critical networks. Beyond federal resources, thousands of the nation's critical infrastructure operators turn to information sharing and analysis centers and organizations, or ISACs, for threat intelligence. The Food and Ag-ISAC — whose members include the Hershey Company, Tyson and Conagra — and the Information Technology ISAC — whose members include Intel, IBM and AT&T — put out a joint alert late last week strongly urging U.S. companies to step up their security efforts to prepare for likely Iranian cyberattacks. In a joint statement from the groups provided to POLITICO on Monday, the organizations cautioned that even if no U.S.-based companies were directly targeted, global interconnectivity meant that 'cyberattacks aimed at Israel could inadvertently affect U.S. entities.' ISACs for the electricity, aviation, financial services, and state and local government sectors are also on alert. Jeffrey Troy, president and CEO of the Aviation ISAC, said that in the past, companies in the aviation sector had been impacted by cyberattacks disrupting GPS systems, and that as a result, 'our members remain in a constant state of vigilance, sharing intelligence in real time and collaborating on prevention, detection, and mitigation strategies.' Andy Jabbour, founder and senior adviser for the Faith-Based Information Sharing and Analysis Organization, said his organization is monitoring potential efforts by Iranian-linked hackers to infiltrate the websites of U.S. religious groups or spread disinformation. Jabbour said his organization is working with the National Council of ISACs on scanning for these threats, and noted that the council had stood up a program following the first strikes by Israel on Iran late last week to monitor for specific threats to U.S. infrastructure. The National Council of ISACs did not respond to a request for comment on whether they are preparing for evolving Iranian threats. Concerns about attacks on U.S. critical infrastructure linked to conflicts abroad have grown in recent years. Following the Oct. 7, 2023, attack on Israel by militant group Hamas, Iranian government-linked hacking group Cyber Av3ngers hacked into multiple U.S. water facilities that were using Israeli-made control panels. The intrusions did not disrupt water supplies, but they served as a warning to utility operators about devices that could be easily hacked and potentially targeted first in a cyber conflict with Iran. 'If anti-Israeli threat actors make good on any claim of impacting critical infrastructure at this time … they're going to look for the low-hanging fruit, easily compromised devices,' said Jennifer Lyn Walker, director of infrastructure cyber defense at the Water ISAC. Walker said that while her team has not yet detected any enhanced threats to member groups since last week, the Water ISAC would be sending out an alert this week, encouraging organizations to stay vigilant. 'We don't want to cause any undo panic, but for those members that aren't already watching and aren't already vigilant, we definitely want to amplify the message that the potential exists,' Lyn Walker said. Some of these groups noted that the lack of federal support so far in preparing for Iranian cyberattacks may be due to widespread changes across agencies since President Donald Trump took office. CISA, the nation's main cyber defense agency, is expected to lose around 1,000 employees, and many of its programs have been cut or put on pause, including funding for the organization that supports the ISACs for state and local governments. CISA has also been without Senate-confirmed leadership since former Director Jen Easterly departed in January. 'CISA is in a state of transition,' Jabbour said, noting that while 'CISA is still accessible,' there had been no outreach to strengthen defenses against Iranian hackers since tensions erupted last week. It isn't a complete blackout. Lyn Walker said that the Water ISAC has 'received reporting from DHS partners who are striving to maintain continuity of operations and valuable information sharing during this challenging time.' There could also be another reason for the less visible federal response: 'Shields Up' advisories are still available from 2022, when CISA worked with organizations to prepare for an onslaught of Russian cyberattacks tied to the war in Ukraine. Kiersten Todt, who served as chief of staff at CISA when the program was stood up, said that its legacy has heightened awareness of potential cyber pitfalls across the nation's critical operations. 'Because the [cyber] threat is so serious, all of those things ended up sustaining,' Todt, current president of creative company Wondros, said. 'That 'Shields Up' mentality has now become part of the culture of critical infrastructure.' The enhanced level of vigilance reflects concerns that the threats from Iran could change quickly. Jabbour noted that a lot is in the hands of Trump as he weighs how heavily to assist Israel. 'The next 24-48 hours will be interesting in that sense, and his decisions and his actions could certainly influence what we see here in the United States,' Jabbour said.
Yahoo
4 days ago
- Business
- Yahoo
"The Davos of Cybersecurity": Team8's CISO Village Summit 2025 Gathers Cybersecurity Leaders from the NSA, Google, Checkpoint, Wiz, and more to Redefine Defense and Resilience in the Age of AI
Charm Security and Fig Security are the big winners of the CISO Village Choice 2025 NEW YORK, June 17, 2025--(BUSINESS WIRE)--Last week, Team8, a global venture fund that builds and invests in companies across cybersecurity, data, AI, fintech, and digital health, as well as at their intersections, hosted its flagship CISO Village Summit 2025. The immersive five-day gathering in Miami and the Florida Keys brought together more than 100 out of the 600-strong CISO village representing the most influential companies in the world Under the theme "Cyber Resilience at Machine Speed: AI as Your Force Multiplier" this year's summit explored the rapidly changing cybersecurity landscape amid the rise of generative AI and autonomous technologies, examining how artificial intelligence is transforming both the nature of threats, the defenses built to counter them and the tantamount important of the people and communities behind them. Known as the "Davos of Cybersecurity," the CISO Village Summit featured a curated lineup of thought leaders, public officials, and industry pioneers, including: Anne Neuberger, former Deputy National Security Advisor for Cyber and Emerging Technology ; Nadav Zafrir, CEO of Check Point and Team8 Co-Founder; Ami Luttwak, CTO and Co-Founder of Wiz; Admiral Mike Rogers, former NSA Director and Team8 Operating Partner; Phil Venables, Former CISO of Google Cloud; Rich Baich, CISO at AT&T Marene Allison, former CISO of Johnson & Johnson; Jason Clinton, CISO of Anthropic; Dylan Patel, CEO of SemiAnalysis A key highlight was the 3rd annual CISO Village Choice Awards, held in partnership with Discount Bank and IDB Bank. Fifteen emerging cybersecurity startups showcased to their solutions to a highly engaged audience of global security executives. Charm Security won the Best Innovation Award, followed by Orchid Security as runner-up. Fig Security took home the Best Performance Award, with Astelia named runner-up. Notably, previous winners such as Dig Security (acquired by Palo Alto Networks) and Nagomi Security have achieved significant industry milestones. Departing from the traditional conference model, the summit was designed to break down silos, both technical and organizational. Through war-room simulations, candid 'unconference' debates, and hands-on threat modeling, participants were encouraged to confront today's biggest challenges in real time. Just as important were the wellness and connection experiences: mornings began with run clubs, floating meditation, and breathwork, while days and evenings included keynotes from 4-Time Olympic gold medalist Anthony Ervin and Leadership Expert David Mead, alongside intimate dinners. In one case, a participant at the end of the Summit added that "I feel like I was lost and found my people." The significance of the theme in this moment in time was particularly poignant: "Speed is the defining challenge in security today. Historically, back to the '90s and 2000s, we had traditional infrastructure and the risks associated with it. Then came the cloud, and the time it took to address cloud-related issues started to shrink. Now we're in the age of AI, and that timeframe is shrinking even more. Our ability to embrace AI, to think ahead and find innovative ways to reduce that speed is going to be critical." - Rich Baich, CISO at AT&T Liran Grinberg, Team8 Co-founder & Managing Partner and Amir Zilberstien, Team8 Managing Partner spoke on the power of the summit and said, "While the summit was a resounding success, the recent tragic events in Israel are a reminder of how critical it is for global leaders to build resilience in the face of escalating threats, both digital and physical. The greatest cybersecurity risk today is isolation, when defenders are left disconnected from one another, the technology, and the communities they serve, falters. This summit is designed to give them the platform, perspective, and global community they need to lead at machine speed." View source version on Contacts Ilan Fisher,Global Media Manager+972-50-460-7429
Business Wire
4 days ago
- Business
- Business Wire
" The Davos of Cybersecurity": Team8's CISO Village Summit 2025 Gathers Cybersecurity Leaders from the NSA, Google, Checkpoint, Wiz, and more to Redefine Defense and Resilience in the Age of AI
NEW YORK--(BUSINESS WIRE)--Last week, Team8, a global venture fund that builds and invests in companies across cybersecurity, data, AI, fintech, and digital health, as well as at their intersections, hosted its flagship CISO Village Summit 2025. The immersive five-day gathering in Miami and the Florida Keys brought together more than 100 out of the 600-strong CISO village representing the most influential companies in the world Under the theme 'Cyber Resilience at Machine Speed: AI as Your Force Multiplier' this year's summit explored the rapidly changing cybersecurity landscape amid the rise of generative AI and autonomous technologies, examining how artificial intelligence is transforming both the nature of threats, the defenses built to counter them and the tantamount important of the people and communities behind them. Known as the 'Davos of Cybersecurity,' the CISO Village Summit featured a curated lineup of thought leaders, public officials, and industry pioneers, including: Anne Neuberger, former Deputy National Security Advisor for Cyber and Emerging Technology ; Nadav Zafrir, CEO of Check Point and Team8 Co-Founder; Ami Luttwak, CTO and Co-Founder of Wiz; Admiral Mike Rogers, former NSA Director and Team8 Operating Partner; Phil Venables, Former CISO of Google Cloud; Rich Baich, CISO at AT&T Marene Allison, former CISO of Johnson & Johnson; Jason Clinton, CISO of Anthropic; Dylan Patel, CEO of SemiAnalysis A key highlight was the 3rd annual CISO Village Choice Awards, held in partnership with Discount Bank and IDB Bank. Fifteen emerging cybersecurity startups showcased to their solutions to a highly engaged audience of global security executives. Charm Security won the Best Innovation Award, followed by Orchid Security as runner-up. Fig Security took home the Best Performance Award, with Astelia named runner-up. Notably, previous winners such as Dig Security (acquired by Palo Alto Networks) and Nagomi Security have achieved significant industry milestones. Departing from the traditional conference model, the summit was designed to break down silos, both technical and organizational. Through war-room simulations, candid 'unconference' debates, and hands-on threat modeling, participants were encouraged to confront today's biggest challenges in real time. Just as important were the wellness and connection experiences: mornings began with run clubs, floating meditation, and breathwork, while days and evenings included keynotes from 4-Time Olympic gold medalist Anthony Ervin and Leadership Expert David Mead, alongside intimate dinners. In one case, a participant at the end of the Summit added that 'I feel like I was lost and found my people.' The significance of the theme in this moment in time was particularly poignant: "Speed is the defining challenge in security today. Historically, back to the '90s and 2000s, we had traditional infrastructure and the risks associated with it. Then came the cloud, and the time it took to address cloud-related issues started to shrink. Now we're in the age of AI, and that timeframe is shrinking even more. Our ability to embrace AI, to think ahead and find innovative ways to reduce that speed is going to be critical." - Rich Baich, CISO at AT&T Liran Grinberg, Team8 Co-founder & Managing Partner and Amir Zilberstien, Team8 Managing Partner spoke on the power of the summit and said, 'While the summit was a resounding success, the recent tragic events in Israel are a reminder of how critical it is for global leaders to build resilience in the face of escalating threats, both digital and physical. The greatest cybersecurity risk today is isolation, when defenders are left disconnected from one another, the technology, and the communities they serve, falters. This summit is designed to give them the platform, perspective, and global community they need to lead at machine speed.'
