Profiles in Leadership: Mike ManrodGrand Canyon Education CISO Mike Manrod on Partnerships, Frameworks and Fun
CISO Mike Manrod of Grand Canyon Education is seeing very clever evasion tactics employed by initial access brokers who gain "an initial foothold into a network or into a set of infrastructure and then sell that foothold or get that foothold for an affiliated partner organization."
"Access brokers are getting really clever with things like delivering a password-protected zip that mounts an ISO that launches a script that downloads a malware payload," he says.
In order to tackle the adversaries' innovation, Manrod recommends updating playbooks that deal with launching attacks out of an optimal disc image and password-protected zip files to lock down "the specific delivery mechanisms to actually stop those exact attack vectors."
In this video interview with Information Security Media Group as part of the CyberEdBoard's ongoing Profiles in Leadership series, Manrod discusses:
- How threat actors targeting the education sector have shifted their tactics this year;
- How to keep up with the adversaries' constant innovation;
- Why "fun" is an essential element to strengthen security teams.
Manrod is responsible for leading the security team and formulating the vision and strategy for protecting students, staff and information assets across Grand Canyon Education. He previously served as a threat prevention engineer for Check Point and worked as a consultant and analyst for other organizations.
CyberEdBoard is ISMG's premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.
Join the Community - CyberEdBoard.io.