Cybertraps Podcast

This episode is a part of a special series of interviews conducted at the INCH360 Cybersecurity Conference in Spokane, Washington. Visit their website to learn more about INCH360 and their mission. 

Host Jethro D. Jones interviews Sam Kabui, a cybersecurity analyst at STCU. Sam shares insights on protecting financial data, the importance of robust cybersecurity awareness, and why people—not just technology—are key to defending organizations. The conversation also explores the role of business risk in cybersecurity and the value of effective communication and recovery planning.

What is Cybertraps Podcast?

We explore the risks arising from the use and misuse of digital devices and electronic communication tools. We interview experts in the fields of cybersafety, cybersecurity, privacy, parenting, and technology and share the wisdom of these experts with you!

Welcome to the Cyber Traps podcast.

We are here on the beautiful Gonzaga campus at the inch 360 Conference, and we have Samuel Cabo with us.

Sam, welcome.

Tell us a little bit about who you are and what you do.

Thank you so much Jethro

My name is Samuel Kubui I'm a cybersecurity analyst here with STCU.

I've been with the company for about one year prior to that, worked with Freddie Mark back in Virginia as a cybersecurity engineer.

Okay, great.

And so what does that mean that you're a security cybersecurity analyst now at a credit union?

What does that entail?

That's a great question.

Thank you.

Being a cybersecurity STCU entails monitoring the systems to make sure.

That the threats and incidents that are coming into our systems are monitored and are responded to, let's say, for high and critical kind of incidents
and protecting our members' data to make sure that they information for our members, that is their PII or be their banking information is secure.

So it's about protecting the organization data, which is actually our members data.

Yeah.

So it seems like, from my perspective, being an outsider, that banks are one of the high level targets because there's so much money there and there's it seems like once you get in then you might be able to get in, get access to a lot of different things.

What are some of the things that you guys put in place to.

Protect your members and make sure they don't get hacked or have fraud committed against them?

I would speak generally and say that definitely in financial sector we see a lot of scams are coming to our way when you speak to different credit unions, banks a lot of scammers and a lot of threat actors trying to hack into different systems.

And so some of the ways that we can protect financial data, it's making sure that we have controls to protect the systems and the data.

Having things like and one number one kind of controls, having backups to make sure that when there is an incident or when there's an infiltration or.

You know, there's a side by incident that needs to be, to recover the data in the system, that the organizations can actually recover and have the integrity of the system, the data from a good backup that have been monitored for indicators of compromise.

And that brings in continuity that the service to the members will not stop because the ability to recover wasn't there having things.

Like daily monitoring, having systems, let's say for example, like tools like seas to be able to see incident and the lots that are coming in daily that you have people who are actually looking into the systems.

'cause again, cyber is not just about systems, but it's about people that you have people with knowledge and skills to be able to monitor those systems and to be able to understand.

The threats that are coming into the organization.

So that's very important.

And again, as I mentioned, cybersecurity is about people making sure that each and everyone has awareness and it's their responsibility.

The cybersecurity of an of the organization is not just about the analyst, the CIO, but it's about everybody who works in.

In that organization.

So making sure that there is very robust cybersecurity awareness that people know what is phishing is, what is email compromised the basics.

Because threat actors try with the low hanging fruits before they really go into the sophisticated ways of really infiltrating an organization, they will go to those low hanging fruits.

So.

Making sure that every employee, every member is aware about the things that they can do to defend the company or the organization data and their own personal data is very critical.

/
Yeah.

Absolutely.

So what have you gotten out of the conference today?

What has been interesting or something new you've learned?

That was great, especially during the morning session.

Where there was a speaker talking about cybersecurity risk management, and I agree with him that cybersecurity risk doesn't exist.

It's all about business risk because all we do is cybersecurity professionals a supporting business, because cybersecurity doesn't really exit or is not siloed on its own.

It's just not there.

Cybersecurity exists to support the business.

And so everything that we do is to support the mission and the vision of the business.

And so making sure the exact continuity, the exact monitoring,

Yeah.

That was something that I really appreciate about him also was saying there's.

there's no such thing as a cybersecurity risk, there's just a business risk.

And that putting that different frame on it really helped.

And he talked when I interviewed him for this a lot about the communication that needs to happen so that people understand what the real issue is.

That we're not, we don't really care if somebody gets into our system for the sake of somebody getting into our system.

We care because of what they can do once they're inside.

And understanding that and being able to articulate that makes a big difference in how you approach those issues.

And I think that's really key.

Anything, any other takeaways?

Yeah, and I would add to add and say that again, it's not about the system adding into tools and going to, let's say for example, we come to this conference or maybe other conferences, let's say to, I would say, and we go shop for systems and tools.

You can have multiple tools in your organization, but again, if you don't have the right people to be able to monitor those systems.

Then those solutions will not really help.

So security and it is not a cybersecurity or it's not an IT shop to just have the latest and greatest tools, but having the right people to be able to monitor those tools and be able to use them effectively is really important.

And another one thing I would like to add is about, the ability for the organization.

To recover in the event of data.

I know so many organizations do have data backups and they do check the integrity of those data backup, but I wouldn't add on like having systems to really monitor
and to check indicators of compromise within those data backups is very critical because I think that's to my opinion, is the number one control for cybersecurity.

Because it's it's a question of when not.

Yeah.

And so if you don't if something happens and you have an incursion, then if you go back in the backups and that door is still open, It doesn't matter.

you're not solving anything.

You're not solve anything and you're not able to use whatever you've been backing up.

Ye

that's a very good point.

Alright, well Sam, thank you so much for being part of this cyber Trapps podcast interview.

I appreciate you and glad you're here at the Inch 360 conference.

Glad to be here.

Thank you, Jethro.