Inside Pacific Rim with Ross McKerchar | 11

In this episode, Ciaran and James are joined by Ross McKerchar, CISO at Sophos, to discuss one of the most significant – and to some, controversial – counter cyber operations ever carried out by a private company. Ross shares insights from the frontlines of the Pacific Rim campaign, as well as the shifting dynamics of the cybersecurity industry and what active defense really looks like in practice.

Highlights:

State of the Cybersecurity Industry

• • Third-party attacks spike as attackers target software connections | Cybersecurity Dive
  • Why Channel Partners are Critical for Cybersecurity - Infosecurity Magazine
  • Cybersecurity vendors are themselves under attack by hackers, SentinelOne says | CyberScoop
  • Transparency in Cybersecurity: The Importance of Accurate Vulnerability Disclosures - Cyber Defense Magazine 

The Evolving Role of the CISO

• • The Evolving Role Of The CISO
  • CISOs are burned out – now they face personal liability too - Raconteur
  • SEC’s Case Against SolarWinds’ CISO Establishes That Top Security Executives May Face Personal Liability for Cyberattacks - O'Melveny

Modernisation and the Shifting Threat Landscape

• • Why the cloud is the new rainmaker for cybersecurity | World Economic Forum How SaaS Is Redefining Cybersecurity
  • Using Software as a Service (SaaS) securely - NCSC.GOV.UK
  • Why Zero Trust architecture is superior to traditional security models | CIO
  • Zero Trust Architecture: The Unapologetic Approach To Cybersecurity In A Digital Jungle
  • Zero Trust Architecture – NIST | Zero Trust: Is it right for me? - NCSC Global Cybersecurity Outlook 2025 | World Economic Forum.
  • Digital trust: Why it matters for businesses | McKinsey

Pacific Rim: A Case Study in Active Defense

• • Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices | WIRED
  • The ‘Pacific Rim’ Campaign: Corporate Norm Entrepreneurship and Active Cyber Defense | Lawfare
  • Sophos' Pacific Rim: Defense Against Nation-State Adversaries | Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns – Sophos News
  • From the frontlines: Our CISO’s view of Pacific Rim – Sophos News
  • Pacific Rim: What’s it to you? – Sophos News | Pacific Rim: Inside the Counter-Offensive – The TTPs Used to Neutralize China-Based Threats – Sophos News 

Bug Bounties and Offensive Innovation

• • Bug Bounty: Sophos - Bugcrowd
  • How China’s Cyber Ecosystem Feeds Off Its Superstar Hackers | Lawfare
  • From Vegas to Chengdu: Hacking Contests, Bug Bounties, and China’s Offensive Cyber Ecosystem – Center for Security Studies | ETH Zurich
  • How China Demands Tech Firms Reveal Hackable Flaws in Their Products | WIRED
  • Vulnerability laws create ‘bug bounties with Chinese characteristics’
  • Ransomware Gangs Seek Pen Testers to Boost Quality | Ransomware gangs shifting tactics to evade enterprise defenses | Cybersecurity Dive

Additional Resources and Context

• Adobe hack: At least 38 million accounts breached - BBC News
• The Cybersecurity Burnout Crisis Is Reaching The Breaking Point
• Conficker Worm Targets Microsoft Windows Systems | CISA | After 12 Years, Malware’s puzzling Nuisance Worm Conficker Refuses To Die
• Infosec pro Troy Hunt HasBeenPwned in Mailchimp phish • The Register
• SQL Injection | OWASP Foundation
• Introduction Active Cyber Defence - NCSC.GOV.UK
• What is secure access service edge (SASE)?
• Security Think Tank: Know strengths and weaknesses of UTM systems | Computer Weekly

Subscribe & Follow:

• Subscribe to the podcast on Apple Podcasts, Spotify, or your favorite podcast platform.
• Follow us on Twitter, Facebook, and LinkedIn for updates.

Contact:

• Have questions or comments? Email us at cyberleaderspodcast@sans.org