Speed Data: The Commoditization of Cybercrime With Matt Radolec

Matt Radolec at Varonis discusses the future of cybersecurity, the rise of ransomware-as-a-service (RaaS), and what security risks keep him up at night.
Megan Garza
2 min read
Last updated March 25, 2024
Megan Garza and Matt Radolec in conversation bubbles

 

Welcome to our new video interview series, Speed Data: Quick Conversations with Cybersecurity Leaders. Like speed dating, our goal is to capture the hearts of CISOs with intriguing, unique insight in a rapid format for security leaders pressed for time.

This week, we caught up with our very own Matt Radolec, Senior Director, Incident Response and Cloud Operations for Varonis. Matt sat down with Content Editor Megan Garza to discuss the future of cybersecurity, the rise of ransomware-as-a-service (RaaS), and what security risks keep him up at night.

 

In a year already saddled with high-profile breaches and ransomware strains, Matt Radolec, Senior Director, Incident Response and Cloud Operations for Varonis, predicts this will be the year organizations double-down on their cloud security efforts or reexamine the steps they’ve taken to protect their org thus far.

“There’s a lot to come in the future of 2023 around cloud security posture management and what it means to be secure in the cloud.”

In the past, companies typically focused on defending against APTs and nation-state attacks, which Matt said are still legitimate threats to organizations. However, in recent years, he has noticed a change in cybersecurity risk around the commoditization of cybercrime.

“You can rent hackers and get malware and ransomware toolkits for rent that have help desks and supports,” Matt said. “It has become a business — the biggest things that’ve changed is just how easy it is to be a cybercriminal.”

With the popularity of RaaS growing, combined with the increase in complexity of the environments organizations operate in (cloud, on-prem, IaaS, etc.), today’s security leaders have a lot on their plate.

The amount of things a CISO has to look after is going up at an exponentially increasing slope,” Matt said. “The job is going to continue to get more and more complicated as they start to operate in more places.

Having been interested in cybersecurity and computer science since a young age, Matt enjoys the fast-paced nature and complexity of IT and the security industry. Still, he admits there is a dark side to cybersecurity — such as threat actors having a fire sale (a major cyberterrorist attack) — which can cause him to lose sleep.

“The things that keep me up at night are the things that would truly impact all of our lives, which would be attacks on our nation’s critical infrastructure, utility providers, and all the connected resources in our supply chain,” he said. “Things that would damage our day-to-day life are the things that I think and worry about the most.”

But as Matt likes to mention during his fan-favorite State of Cybercrime series, it’s not all bad news.

“If you can… understand the technical challenges: the vulnerabilities, the exploits, the attackers, their techniques, their tactics, their protocols, you’re going to be an unstoppable security leader.”

Knowledge of cybercrime, risk management, and how to protect your company’s data is what we do at Varonis. Our mission is to provide our customers with effortless outcomes using cutting-edge automation.

Watch the full episode with Matt above or on our YouTube channel.

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:

1

Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

2

See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

3

Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

last-week-in-ransomware:-week-of-august-9th
Last Week in Ransomware: Week of August 9th
This week saw the rise of a new ransomware group called BlackMatter and demonstrated even ransomware groups should worry about disgruntled employees.
the-vulnerability-of-things---ioss-21
The Vulnerability of Things - IOSS 21
We were thrilled when Pen Testing veteran, Ken Munro joined our show to discuss the vulnerabilities of things. In this episode, Ken reveals the potential security risks in a multitude of IoT devices...
last-week-in-ransomware:-week-of-august-16th
Last Week in Ransomware: Week of August 16th
This week was a win with REvil and SynACK decryption keys being released, but also saw a rise in PrintNightmare use by ransomware gangs.
last-week-in-ransomware:-week-of-july-19th
Last Week in Ransomware: Week of July 19th
This past week hasn't seen quite as much activity as others, likely due to the new ransomware task force created in the US and the mysterious disappearance of REvil and other gangs.