Videos
-
PCS 2025 - Which new approaches to cyberdefence in the new international trend? -
Zombie attack spoiled by cyber diplomats | Christopher Painter | TEDxTysons
-
Painter on Russia’s use of cyberwarfare against Ukraine
-
PCS 2025 - Which new approaches to cyberdefence in the new international trend?
-
Biden–Putin cyber detente: With Chris Painter, former US coordinator for cyber issues -
03/30/2021 IU Ethics, Values & Tech Series - Chris Painter
-
Security Snapshot 003: Chris Painter - Impact of the SolarWinds Attack
-
Diplomacy, Norms and Deterrence in Cyberspace - Chris Painter - PSW #633
-
Christopher Painter on Cyber Politics -
RSAC Policy & Government Program Committee Shares Topical Developments on Government & Cybersecurity
-
Christopher Painter - The Evolution Of The Cyber Threat
-
Chris Painter on The Open Mind: Cyber Diplomacy or Mr. Robot Dystopia?
-
Christopher Painter on “From Cyber Attack to Nuclear War: Avoiding Escalation through Cooperation”
-
2014 ICCE Keynote Three: Christopher Painter Coordinator for Cyber, U.S. Department of State
Learn More About Chris Painter
Cyber threats, including destructive ransomware attacks, trade secret theft and online fraud, and disinformation campaigns are on the rise, blindsiding some of the world’s most powerful organizations whose leaders mistakenly minimize the threat or assume their systems and data are secure.
“That’s a big problem,” says multi-award-winning cybersecurity veteran Chris Painter, one of the world’s most knowledgeable experts on cybercrime, cyber policy and cyber diplomacy. “Companies may not know they are vulnerable, but malicious hackers do and they go hunting for unprepared and unprotected victims. Moreover, organizations often don’t understand what they have to lose from a malicious cyber incident and simply do not take the threat seriously. The good news is that organizations can do something about this looming threat by understanding the cyber threats and actors that are targeting them, prioritizing cybersecurity – including at the board level – making sure an incident response framework is in place before they are hit, and practicing good cyber-hygiene.”
A global advisor, educator and speaker, Painter helps organizations and individuals understand cyber risk, respond and prepare for cyberattacks, and establish cybersecurity policies. He is also an expert on the international aspects and geopolitical challenges of cyber threats – particularly nation state sponsored hackers from Russia, China, Iran and North Korea and why organizations should be concerned. For example, he can discuss the challenges posed by state-sponsored economic espionage and the likelihood, particularly in light of the Russia-Ukraine crisis, of more disruptive cyberattacks by Russian actors and why organizations should care, and prepare for these unique and growing threats.
Whether the adversary is a criminal group or a nation-state, Painter says there are several kinds of vulnerabilities hackers seek to exploit. Often employees and even senior managers are not attentive to cyber threats and the hackers go after this human factor by using “social engineering,” basically, when malicious actors use personal information to trick someone into believing the hacker is someone they’re not in order to gain access to the victim’s system. Often, hackers also use targeted fake emails containing a “malicious payload,” allowing the hacker to penetrate a system and work their will. Hackers also often exploit vulnerabilities in critical software that an organization has failed to patch, even though a fix has been widely available.
“Though the vast majority of intrusions are of unpatched systems, some adversaries use so-called Zero-Day Vulnerabilities (ZDV) – yet-to-be-discovered openings in a system that are highly valued by intelligence agencies and sophisticated actors in countries like Russia and China,” Painter explains. “Let’s say you’re using a Microsoft operating system. The code is very complex, so maybe Microsoft hasn’t discovered, much less issued a fix for, a critical issue, and no one except the hacker knows about it yet. In short, cyber threats are real and on the rise. They can seriously impact an organization through business disruption, the loss of valuable intellectual property or the loss of customer data leading to a loss of customer confidence. Some of these threats can be prevented through better awareness, training, cyber hygiene and planning. Some hackers will succeed, but even then, preparation and planning for response is the key. At a higher level, leaders need to view cyber threats as they would any other risk to the organization and engage in appropriate risk management and mitigation.”
This has become particularly important as governments and regulators and around the world are increasingly turning their attention to cybersecurity compliance. For example, Congress has recently passed requirements for mandatory reporting of cyber incidents for certain critical businesses. The Securities and Exchange Commission has recently proposed new rules for cybersecurity risk management, strategy, governance and incident disclosure by public companies. Notably, this includes periodic reporting of a company’s “policies and procedures to identify and manage cyber risks,” evidence of management’s ability to identify such risks, and “the board of directors’ oversight of cybersecurity risk.” The proposal even suggests proxy and annual reporting of the board of directors’ cybersecurity expertise, if any. The European Union has strong cyber provisions in the GDPR and is promulgating a host of other requirements and regulations. Ignoring these risks is no longer an option.
Previously a senior official at the Department of Justice, F.B.I., the National Security Council and the State Department, Painter has been on the vanguard of U.S. and international cyber issues for more than 30 years. He chaired the G8 (and then G7) High-Tech Crime Group for more than 10 years. As a federal prosecutor, he prosecuted, among others, the notorious hacker Kevin Mitnick. In his most recent government role as the nation’s top cyber diplomat, he worked with senior officials in countries around the globe, led the United States’ diplomatic efforts to advance an open, interoperable, secure and reliable internet and information infrastructure and, among other things, helped lead a landmark cyber negotiation with China. Recently, he was a co-chair of the Ransomware Task Force that issued an influential report and recommendations on this growing threat area.
Cyber-Preparing for the Future
While financial services companies are farther ahead in terms of securing their systems, Painter says companies in every industry must assume they are vulnerable and take every necessary step to protect customer data as well as their own. Doing so will not only prevent a public relations nightmare, but also give companies an opportunity to build trust with customers by letting them know the firm has gone above and beyond to protect their personal information.
“Cybersecurity has finally become more of a priority around the world for both governments and businesses, partly because of the recent ransomware attacks, Russian cyber threats including the so-called Solar Winds campaign, and China’s attack on the Microsoft Exchange and widespread intellectual property theft. We’ve been pushing for people, businesses and governments to take cyber seriously for many years and it’s finally happening,” says Painter. “But lately, the threats have increased. Ransomware attacks like the one on Colonial Pipeline are disrupting businesses and both criminal groups and nation states have found new and inventive ways to breach victim systems. There are also emerging threats that are not yet on the radar. For example, when I was working in government in 2016 and the election interference happened, we never saw it coming. We were focused on potential big infrastructure attacks and theft of information. Now we know better. But, the greater notoriety of cyber threats also creates an opportunity for organizations to prepare, minimize and mitigate harm. There is a lot to do before we can get ahead of it all.”
# # #
Chris Painter serves on the board of the Center for Internet Security and is a non-resident senior advisor at the Center for Strategic & International Studies, a member of the public sector advisory board for Palo Alto Networks, former president of the Global Forum on Cyber Expertise and an associate fellow at Chatham House. He previously served as the nation’s, and indeed the world’s, first high-level dedicated cyber diplomat. Prior to joining the State Department, he served in the White House as senior director for Cyber Policy in the National Security Council. He was a senior member of the team that conducted the President’s Cyberspace Policy Review in 2009, and subsequently helped create and then structure a new directorate in the National Security Council devoted to these issues. He is frequently quoted in the press or made broadcast news appearances on cyber issues, and has testified on multiple occasions before the U.S. House of Representatives and Senate.
Chris Painter is available to advise your organization via virtual and in-person consulting meetings, interactive workshops and customized keynotes through the exclusive representation of Stern Speakers & Advisors, a division of Stern Strategy Group®.
The Cyber Threat Landscape and Why You Should Care
Cyber threats from nation-states and criminal groups have exploded in recent years. Where once organizations ignored or failed to account for these threats, they do so now at their peril. Sophisticated nation-states like Russia, China, Iran and North Korea are not just targeting governments but are increasingly launching destructive cyber attacks against private companies and organizations, or are intruding into their systems to steal valuable trade secrets and intellectual property that is a company’s life blood. Sophisticated criminal groups are also targeting the private sector both to steal valuable information and, especially in the case of ransomware, disrupt business operations. Drawing on over 30 years of firsthand experience, multi-award-winning cybersecurity veteran Chris Painter details the current threat, its evolution over the last two decades and makes the case for why senior leadership in your organization should care. He does this, in part, by drawing from real life cases and other examples from his long and distinguished career as a federal cybercrime prosecutor and senior Justice, White House and State Department official. He can also tailor his talk to go into greater depth on stories behind the high-profile cases he prosecuted and high-level negotiations he has led.
The Geopolitics of Cybersecurity: Russia, China and Lessons From the Disinformation Wars
In the last few years, organizations have started to understand the scale of cybersecurity threats including online fraud, disinformation campaigns and cybercrimes emerging from all parts of the world. Russia’s Solar Winds campaign, China’s attack on the Microsoft Exchange and increasingly common ransomware attacks have also brought the issue home to the ordinary person, forcing businesses and governments to take the threats even more seriously, says multi-award-winning cybersecurity veteran Chris Painter, one of the world’s most knowledgeable experts on cybercrime, cyber policy and cyber diplomacy. Drawing on more than 30 years of experience overseeing all aspects of U.S. and international cybersecurity, Painter outlines the policies governments have in place and how they work to protect organizations and individuals. He also makes recommendations on how firms should approach these issues, emphasizing that governments and tech firms can only do so much to protect systems and data. Finally, he discusses what we can expect from the future and how we can leverage what we’ve learned to create stronger awareness and protection practices going forward.
Preventing and Responding to Ransomware Attacks: What Your Organization Needs to Know and Do
An epidemic of ransomware attacks has many organizations on edge while others suffer or repair damages. The prolific ransomware groups not only disrupt an organization’s business to hold it hostage to significant monetary demands, but also extorts the organization by threatening to release its proprietary information. And it’s going to get worse before it gets better, says multi-award-winning cybersecurity veteran Chris Painter, one of the world’s most knowledgeable experts on cybercrime, cyber policy, and cyber diplomacy, and co-chair of the influential Ransomware Task Force. In this talk, he discusses risk factors and explains how participants can empower their organization to be proactive rather than reactive. He then outlines strategies for mitigating or preventing damage before, during and after an attack.
Bridging Conversations Between Tech and Non-Tech Leaders
When it comes to discussing cybersecurity issues and cyber technologies, CIOs and CISOs may sound like they are speaking their own language. This can be frustrating for executives and board members who need to understand the critical details of a cybersecurity plan and why it’s important and worth funding. In an era when cybercrime is rampant, and cybersecurity should be a major item on the agenda for companies of all sizes, especially international organizations, such a breakdown in communication can keep some leaders in the dark, which can lead to bigger problems. In this presentation, multi-award-winning cybersecurity veteran Chris Painter, one of the world’s most knowledgeable experts on cybercrime, cyber policy and cyber diplomacy, helps non-tech leaders understand the threat in layman’s terms and why the board or other leaders should treat cyber threats as a mainline risk management issue. He outlines key questions they can ask to clarify issues and explains the importance of keeping lines of communication open in order to protect their firm from cyberattacks. This talk can also be delivered in a workshop format during which Painter artfully and effectively bridges conversations between non-tech and tech leaders in real time.
The World of International Cyber Diplomacy and Conflict
In this talk, multi-award-winning cybersecurity veteran Chris Painter, one of the world’s most knowledgeable experts on cybercrime, cyber policy and cyber diplomacy, paints a picture of the emerging world of international cyber threats and the diplomatic and other actions that the U.S. and other countries have employed to respond to them. He will address whether we are really in a state of “cyber war” and, whether or not that term is hyperbole, and what that means for the private sector organizations and individuals who are not willing combatants. Among other topics, he will discuss activities in the United Nations and other international forums, detail the story behind the U.S. negotiation and agreement with China on intellectual property theft, discuss the use of tools like economic sanctions and their effects, and discuss issues around deterrence (in particular why we have not yet done a great job of stopping malicious cyber activity particular from nation-states). Finally, he explains how both the threat and the geopolitical efforts to control international cyber threats will evolve in the coming years. In all of this, Painter will use real life examples and behind the scenes stories taken from his many years of frontline experience.
The War in Ukraine and What it Means for Cybersecurity
Russia has used cyber attacks both before and during its invasion of the Ukraine including an attack on a satellite communications system and attacks on power systems and other critical infrastructure. Although some have debated how big a role cyber has played in the Ukraine conflict, it is clear that it has and continues to play a role. Moreover, many fear that Russia will use its significant cyber capabilities to go after both governments and companies in the west – including the U.S. – in retaliation for economic sanctions levied on Russia. In this talk, multi-award-winning cybersecurity veteran Chris Painter, one of the world’s most knowledgeable experts on cybercrime, cyber policy and cyber diplomacy, discusses what we have seen so far in the Ukraine, lessons of cyber resilience demonstrated by Ukrainian defenders, and the possibility and implications of Russian reprisals against U.S and western companies. He also dives into what lessons can be drawn about the future and the need to prioritize cybersecurity and resilience for companies around the world.
Navigating the New Cyber Regulatory Jungle
In Europe, the General Data Protection Directive, the Cybersecurity Act, the new Digital Markets Act, and Digital Services Act have significant implications for any company that has a global presence. In this talk, multi-award-winning cybersecurity veteran Chris Painter, one of the world’s most knowledgeable experts on cybercrime, cyber policy and cyber diplomacy, discusses some of the existing and emerging cyber related regulations and rules being promulgated by the U.S. and other countries. In the U.S., new breach reporting laws and proposed Securities and Exchange Commission rules mandating stronger cybersecurity and greater board understanding of cybersecurity may have large effects on critical infrastructure and any publicly traded company. Painter describes some of these regulatory initiatives and what companies and boards need to know in the future.
The United Nations’ Cyberstability Processes: Surprising Progress but Much Left to Do
(Journal of Cyber Policy, December 2021)
Prioritizing Capacity Building as a Foundation for Cybersecurity and Stability
(Cyberstability Paper Series, December 2021)
Combating Ransomware: A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force
(Ransomware Task Force, September 2021)
Appreciating Cyber Risks and Preparing Your Organization to Deal With Ransomware Attacks, Data Breaches and Cybercrime
Multi-award-winning cybersecurity veteran Chris Painter is one of the world’s most knowledgeable experts on cybercrime, cyber policy and cyber diplomacy. A global advisor, educator and speaker, he teaches organizations and individuals how to understand cyber threats, establish cybersecurity policies, and to prepare for and respond to malicious cyber events. In light of the Russia-Ukraine crisis, he also illuminates how organizations should think about and prepare for possible Russian or other nation state threats. During virtual and in-person advisory meetings, which can be conducted one-on-one or with small groups, Painter talks to leaders about hacker’s motivations, where attacks come from, how they happen and which policies and practices they can employ to protect their organization. Emphasizing that threats have increased in the last few years, especially for international companies, he explains why leaders need to move cybersecurity high up on their agenda and treat it as they would any other risk factor. Painter’s meetings, which include ample time for Q&A, are conversational in tone, punctuated with real life stories and rich with practical, actionable advice. Session length can be customized to meet the needs of your organization.
