“No, no, no, you’re watching too much ‘CSI’ and TV and stuff like that,” said Mike Lettman, explaining how real-life cybersecurity is not what is portrayed through popular shows.

Lettman, cyber security advisor to the Cybersecurity and Infrastructure Security Agency (CISA), spoke Sept. 8, at a keynote address at the 12th Annual Arizona Technology Summit at The Scottsdale Resort at McCormick Ranch.

The experienced cyber security expert spoke to a room of around 50 attendees from different companies about how to protect their companies’ data from ransomware and similar cyber threats that can lead to stolen data, like seen most recently with T-Mobile after a 21-year-old used an unprotected router to carry out the data breach.

“You can go out on the black market, and you can buy ransomware as a service to attack any one of your organizations,” said Lettman. “And you don’t have to be a cyber professional or a cyber geek in order to try and run this because it is getting that easy these days.”

Lettman, with over 30 years experience in government information, technology, and security gave an informed lecture on the kinds of cyber security threats him and the team at CISA have come across, how they manage the aftereffects of a breach, and most importantly, how they identify the outliers in audit logs to prevent such a threat from coming to fruition.

As Lettman told the audience about reality versus television, what CISA actually does is much different from how TV shows such as “CSI: Crime Scene Investigation” portray these situations.

“If you don’t have a phishing tool, we will phish your organization for six weeks and then give you results of that,” said Lettman. He went on to explain how CISA is using the same techniques a hacker may use, except they will report their vulnerability findings to the organization.

The agency “builds the national capacity to defend against cyber attacks and works with the federal government to provide cybersecurity tools, incident response services and assessment capabilities to safeguard the ‘.gov’ networks that support the essential operations of partner departments and agencies,” according to cisa.gov.

The agency made available to the public a page with resources for companies and home users to learn about ransomware and how to protect themselves with tips, no-cost services, and evaluation tools that determine how well equipped they are to defend against cyber attacks.

The main takeaways that Lettman left the audience with were the following:

• There must be security awareness and training;
• Vulnerability management, which means patching, patching, and more patching;
• Controlling who has access to certain administrative privileges;
• Maintaining, monitoring, and analyzing audit logs to be aware of what is happening in the environment; and
• Having a prepared incident response.

Editor’s Note: Anezia Marques is a student reporter at the Walter Cronkite School of Journalism and Mass Communication.