Leo Taddeo, chief information security officer at Cyxtera Technologies, discusses the development of cyber tactics with CNET's Dan Patterson.
CNET's Dan Patterson interviewed Leo Taddeo, chief information security officer at Cyxtera Technologies and a former FBI special agent in charge of cyber operations in New York City. The following is an edited transcript of the interview.
Campaign 2018: Election Hacking is a weekly series from TechRepublic sibling sites, CBS News & CNET, about the cyber-threats and vulnerabilities of the 2018 midterm election.
Dan Patterson: Leo Taddeo, you've spent a lifetime in information security and you were at the FBI here in New York City. Help us understand what you did for the FBI and information security in the mid 90s through the mid 2000s.
Leo Taddeo: Well, thanks Dan. Well, I started my career in 1995 in the New York office on the Russian organized crime squad. And spent six years on the Russian organized squad until I transferred to FBI headquarters where I ran a part of the Russian organized crime program from headquarters.
From there, I came back to New York and continued in organized crime, served overseas and eventually transitioned into technology and cyber. And I ended my career here in New York as the Special Agent in Charge of Cyber and Special Operations.
SEE: Cybersecurity strategy research: Common tactics, issues with implementation, and effectiveness (Tech Pro Research)
Dan Patterson: So you lived through a fascinating period of the gestation of the internet. How did tactics evolve? Cyber tactics evolve during your career with the FBI and beyond?
Leo Taddeo: Right, so at the beginning of my career in the 90s, the challenge was removing or collecting evidence off of desktop computers. We knew that cases hung on whether or not we could effectively extract the evidence from a hard drive, for example. And that was a challenge that was growing at the time. More and more business was conducted using personal computers and of course, more and more evidence was found on personal computers.
So the technical challenge for us was how to collect that evidence off of a hard drive. There weren't the kind of password protections that you have today. There weren't the kind of encryption that you have today. It was more of a new challenge then it was an encryption challenge. And we had to develop new tactics to extract that evidence and present it in court. And as we found, as the years went by, more and more of our cases were based on evidence collected from computers and personal assistants, personal devices.
- Why phishing remains a critical cyber-attack vector (TechRepublic)
- How to inoculate the tech herd from IoT cyber-infections (TechRepublic)
- Cybersecurity and the 2018 Midterms (TechRepublic Flipboard magazine)
- Watch out for Google's new-look sign-in page: It's not a phishing scam (ZDNet)
- Why more people don't use simple two-factor authentication (CNET)
- Google is releasing its own 'Titan' security key to prevent phishing (CNET)
- Security awareness and training policy (Tech Pro Research)
- Homeland Security creates anti-hacking center to protect industries (CNET)