Interview with Ryan Mulhall (ICN’s Chief Information Officer) and Dan Winters (WHO 13)
Aired on March 4, 2022 on WHO 13
Our CIO Ryan Mulhall recently spoke with Dan Winters from WHO 13 on the topic of cybersecurity and highlighted the ICN and the statewide Network.
Winters began by saying, “This is top-of-mind with everything that is happening with Russia.”
Mulhall said, “It is a non-stop endeavor, it may be the topic du jour, but it is an everyday thing for us.”
Mulhall explained as an Internet service provider, ICN has visibility on millions of network events that would be considered malicious traffic on our customers’ Networks and our State Network. Those attempts could include probing and scanning the Network to see if there are ways to break in, or actual attempts to get somewhere they shouldn’t, every day.
Surprised about the number of attempts, Winters asked if security is the number one priority, [the Network] can’t work if it is penetrable?
Absolutely, said Mulhall. Security is a focus for us, and when talking about the CIA triad of confidentiality, integrity, and availability, obviously being an Internet provider, availability is number one for us. If our customers can’t utilize our Network, it is a bad day for us.
Winters referenced Mulhall’s Army experience and asked for his unique perspective regarding Internet security and world affairs.
Mulhall explained it is a new thing to watch. When you have these types of world events and you have threat actors that may be doing something in response, one operates with heightened awareness and remains more vigilant. We follow the threat intelligence and look at things like indicators of compromise, such as:
- Review IP addresses that are known for certain threat actors.
- Make sure no systems are communicating with those certain IP addresses.
- Check that systems are patched and up-to-date.
- Monitor everything.
Winters ended the conversation by talking about vulnerabilities. “No matter how sophisticated you are at what you do for any organization, all it takes is one person to click on an email.”
In any industry research out there, at minimum 80% of any kind of ransomware or any breach starts with a phishing email; someone clicking somewhere they should not. The vast majority of the rest of malicious activity is usually due to unpatched systems and bad cyber hygiene.