InSecurity Podcast - Jeff Tang: Stop Trying to Make “Weaponized” Cyber Happen

The Missing Persons asked us in the 1980s, “What are words for when no one listens anymore?”

When it comes to cybersecurity, how do you know who you can trust to tell you what’s really going on? And we don’t mean who is telling you the truth. We mean, who is using the right words to accurately describe the events and circumstances that affect you and your ability to protect your data?

Everywhere Jeff Tang looks, he is besieged with news stories using terms like “weapons-grade exploits” to describe the latest malware outbreak. He believes wholeheartedly that the narrative constructed that results from the use of this colorful language is in fact detrimental to the progress of securing our computer networks. So often, news stories and associated reports seek to categorically apply the metaphor of military conflict to cybersecurity - and not every incident in cyber conflict qualifies as a military-style “attack.”

In today’s episode of InSecurity, Matt Stephenson chats with Cylance’s Executive Mischief Consultant Jeff Tang about the value of words in cybersecurity. Jeff explains why it is wrong to compare the inconvenience of not being able to access your social media account to a real-world kinetic cyber-attack that may cause mass human causalities.

Join us and understand that, while computers work in a world of binaries, that doesn’t mean our thinking about them has to be binary as well. It’s time we transition away from using these military terms when discussing cybersecurity – or face the real-world consequences.

About Jeff Tang

Jeff Tang (@mrjefftang) is a Senior Security Researcher at Cylance focused on operating systems and vulnerability research. He started his career as a Global Network Exploitation and Vulnerability Analyst at the National Security Agency, where he conducted computer network exploitation operations in support of national security requirements.

Prior to Cylance, Jeff served as the Chief Scientist at VAHNA to develop a security platform for identifying targeted network intrusions, and also worked as a CNO Developer at ManTech where he researched tools, techniques and countermeasures in computer network vulnerabilities. Jeff completed his Bachelor of Science (BSc) in Electrical Engineering and Computer Science at the University of California, Berkeley and a Master of Science (MSc) in Offensive Computer Security at Eastern Michigan University.

About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come before.