Taylor Grossman
@tgrossman.bsky.social
Director for Digital Security @istorg.bsky.social | Editor @bindinghook.bsky.social 🚀 | Stanford & Oxford alum | often hiding in ⛰️
Pinned
Taylor Grossman
@tgrossman.bsky.social
· Dec 13
🎄It’s the most wonderful time of the year… to catch up on your cyber fiction reading. 📚 @alexandrapaulus.bsky.social has collected recommendations from cybersecurity experts for books to broaden your understanding of technological potential. bindinghook.com/articles-boo...
It’s the most wonderful time of the year… to catch up on your cyber fiction
Want to take a break from reading about AI, cybersecurity, and digital surveillance for work and instead do it for fun over the holidays? We’ve got you covered
bindinghook.com
I had such a great time contributing to this roundup - many thanks to @alexandrapaulus.bsky.social for the idea and invite and to my fellow contributors for their incredible recs! Looking forward to some wonderful winter reading 🤓❄️
Reposted by Taylor Grossman
#ICYMI: @megans.bsky.social from @istorg.bsky.social delivered her keynote at #CyberNextDC, focused on what the future of cyber policy should look like through the lens of the Ransomware Task Force (RTF).
Hear her full remarks below:
www.youtube.com/watch?v=AXaH...
Hear her full remarks below:
www.youtube.com/watch?v=AXaH...
Megan Stifel: What Cyber Policy Needs Next Through the Looking Glass of the Ransomware Task Force
YouTube video by Center for Cybersecurity Policy and Law
www.youtube.com
October 28, 2025 at 2:44 PM
#ICYMI: @megans.bsky.social from @istorg.bsky.social delivered her keynote at #CyberNextDC, focused on what the future of cyber policy should look like through the lens of the Ransomware Task Force (RTF).
Hear her full remarks below:
www.youtube.com/watch?v=AXaH...
Hear her full remarks below:
www.youtube.com/watch?v=AXaH...
Reposted by Taylor Grossman
Researchers at NYU released a paper claiming to have created a prototype of ransomware orchestrated by AI. How can security experts protect against this next wave of digital attacks? With “‘boring’ cyber hygiene practices,” IST's @tgrossman.bsky.social told @csoonline.bsky.social.
🛡️ Read more:
🛡️ Read more:
AI powered autonomous ransomware campaigns are coming, say experts
CISOs told the best defense is ‘boring cyber hygiene practices.’
www.csoonline.com
September 22, 2025 at 7:53 PM
Researchers at NYU released a paper claiming to have created a prototype of ransomware orchestrated by AI. How can security experts protect against this next wave of digital attacks? With “‘boring’ cyber hygiene practices,” IST's @tgrossman.bsky.social told @csoonline.bsky.social.
🛡️ Read more:
🛡️ Read more:
Reposted by Taylor Grossman
🚨NEW from IST: With Europol, IST & the #RansomwareTaskForce’s International Engagement Working Group executed Exercise VEIL STORM I, a tabletop exploring how operational collaboration can mitigate cyber incidents. Today’s after-action report summarizes proceedings & key takeaways.
🛡️ Read the report:
🛡️ Read the report:
Exercise VEIL STORM I: After Action Report
In partnership with Europol, the Institute for Security and Technology and the Ransomware Task Force’s International Engagement Working Group designed and delivered Exercise VEIL STORM I, a tabletop e...
securityandtechnology.org
July 23, 2025 at 4:56 PM
🚨NEW from IST: With Europol, IST & the #RansomwareTaskForce’s International Engagement Working Group executed Exercise VEIL STORM I, a tabletop exploring how operational collaboration can mitigate cyber incidents. Today’s after-action report summarizes proceedings & key takeaways.
🛡️ Read the report:
🛡️ Read the report:
Reposted by Taylor Grossman
In June, IST's @michaelfklein.bsky.social spoke on a @cltcberkeley.bsky.social #CyberCivilDefense Summit panel addressing regional cyber resilience. @tgrossman.bsky.social reflects on the conversation, which highlighted pathways for improving state & local cybersecurity.
🖋️ From the #NatSpecs blog:
🖋️ From the #NatSpecs blog:
Without Washington? IST’s Michael Klein joins Panel at CLTC’s Cyber Civil Defense Summit to highlight mechanisms for bolstering state and local cyber resilience
In June, IST Senior Director Michael Klein spoke on a panel at UC Berkeley’s Center for Long Term Cybersecurity #CyberCivilDefense Summit addressing shared responsibility of regional cyber resilience....
securityandtechnology.org
July 2, 2025 at 7:44 PM
In June, IST's @michaelfklein.bsky.social spoke on a @cltcberkeley.bsky.social #CyberCivilDefense Summit panel addressing regional cyber resilience. @tgrossman.bsky.social reflects on the conversation, which highlighted pathways for improving state & local cybersecurity.
🖋️ From the #NatSpecs blog:
🖋️ From the #NatSpecs blog:
Reposted by Taylor Grossman
Read an excerpt from Aleksandar Milenkoski, Jiro Minier, @julianferdinand.bsky.social, @maxwsmeets.bsky.social, and @tgrossman.bsky.social’s new report on state use of #ransomware, looking at Iran, North Korea, Russia, and China, on Binding Hook: bindinghook.com/articles-hoo...
State-backed ransomware at the intersection of espionage, sabotage, and cybercrime
The governments of Russia, China, Iran, and North Korea use ransomware for diverse ends.
bindinghook.com
May 6, 2025 at 8:03 AM
Read an excerpt from Aleksandar Milenkoski, Jiro Minier, @julianferdinand.bsky.social, @maxwsmeets.bsky.social, and @tgrossman.bsky.social’s new report on state use of #ransomware, looking at Iran, North Korea, Russia, and China, on Binding Hook: bindinghook.com/articles-hoo...
Reposted by Taylor Grossman
The 3rd report in the #PharosSeries, co-authored by IST’s @tgrossman.bsky.social, conducts a comparative analysis of #ransomware used by groups linked to Russia, China, North Korea, and Iran: "states are not building ransomware operations entirely from scratch.”
🛡️ Read the report: bit.ly/4389ajD
🛡️ Read the report: bit.ly/4389ajD
Pharos Report No. 3: Ransomware’s New Masters: How States Are Hijacking Cybercrime - Virtual Routes
The third report in the Pharos Series, Ransomware’s New Masters: How States Are Hijacking Cybercrime is authored by Aleksandar Milenkoski, Jiro Minier, Julian-Ferdinand Vögele, Max Smeets, and Taylor ...
virtual-routes.org
May 9, 2025 at 5:15 PM
The 3rd report in the #PharosSeries, co-authored by IST’s @tgrossman.bsky.social, conducts a comparative analysis of #ransomware used by groups linked to Russia, China, North Korea, and Iran: "states are not building ransomware operations entirely from scratch.”
🛡️ Read the report: bit.ly/4389ajD
🛡️ Read the report: bit.ly/4389ajD
Reposted by Taylor Grossman
Incredible research on developments in nation state ransomware from @maxwsmeets.bsky.social, @milenkowski.bsky.social, @tgrossman.bsky.social, my good friend and colleague @julianferdinand.bsky.social and Jiro Minier.
virtual-routes.org
April 27, 2025 at 2:24 PM
Incredible research on developments in nation state ransomware from @maxwsmeets.bsky.social, @milenkowski.bsky.social, @tgrossman.bsky.social, my good friend and colleague @julianferdinand.bsky.social and Jiro Minier.
Reposted by Taylor Grossman
Banger of a report from @milenkowski.bsky.social, Jiro Minier, @julianferdinand.bsky.social, @maxwsmeets.bsky.social, and @tgrossman.bsky.social
virtual-routes.org/pharos-repor...
virtual-routes.org/pharos-repor...
Pharos Report No. 3: Ransomware’s New Masters: How States Are Hijacking Cybercrime - Virtual Routes
The third report in the Pharos Series, Ransomware’s New Masters: How States Are Hijacking Cybercrime is authored by Aleksandar Milenkoski, Jiro Minier, Julian-Ferdinand Vögele, Max Smeets, and Taylor ...
virtual-routes.org
April 23, 2025 at 5:00 PM
Banger of a report from @milenkowski.bsky.social, Jiro Minier, @julianferdinand.bsky.social, @maxwsmeets.bsky.social, and @tgrossman.bsky.social
virtual-routes.org/pharos-repor...
virtual-routes.org/pharos-repor...
Reposted by Taylor Grossman
Published a new Pharos report today - and learned a lot in the process from @milenkowski.bsky.social Jiro, @julianferdinand.bsky.social @tgrossman.bsky.social. The report takes a closer look at how states are using ransomware.
virtual-routes.org/wp-content/u...
virtual-routes.org/wp-content/u...
April 23, 2025 at 8:19 PM
Published a new Pharos report today - and learned a lot in the process from @milenkowski.bsky.social Jiro, @julianferdinand.bsky.social @tgrossman.bsky.social. The report takes a closer look at how states are using ransomware.
virtual-routes.org/wp-content/u...
virtual-routes.org/wp-content/u...
Reposted by Taylor Grossman
Senator Cory Booker spoke in an all-night session on the Senate floor early Tuesday, in an effort to seize the national spotlight and criticize the Trump administration's policies for Social Security, education and health care. He was still speaking in the predawn hours.
Cory Booker Slams Trump’s Policies in Marathon Senate Floor Speech
The New Jersey senator criticized the president’s plans for Social Security, education and health care, saying the “nation is in crisis.” He was still speaking in the predawn hours.
www.nytimes.com
April 1, 2025 at 10:11 AM
Senator Cory Booker spoke in an all-night session on the Senate floor early Tuesday, in an effort to seize the national spotlight and criticize the Trump administration's policies for Social Security, education and health care. He was still speaking in the predawn hours.
Reposted by Taylor Grossman
Please call your own Senators and request they join Cory Booker in this filibuster. He says he'll go into the morning and as far into the afternoon as he can, so anyone we can force into showing some moral courage can jump in when he's exhausted.
Find their direct number here…
Find their direct number here…
U.S. Senate: Contacting U.S. Senators
www.senate.gov
April 1, 2025 at 6:13 AM
Please call your own Senators and request they join Cory Booker in this filibuster. He says he'll go into the morning and as far into the afternoon as he can, so anyone we can force into showing some moral courage can jump in when he's exhausted.
Find their direct number here…
Find their direct number here…
Reposted by Taylor Grossman
We're hosting a panel event at RUSI at 0900 on 3 April to discuss the UK government's ongoing consultation on ransomware legislation. I'll be joined by:
@alexmartin.bsky.social
@kathrynwestmore.bsky.social
Verona Hulse-Johnstone (NCC Group)
Edward Lewis, CyXcel
my.rusi.org/events/asses...
@alexmartin.bsky.social
@kathrynwestmore.bsky.social
Verona Hulse-Johnstone (NCC Group)
Edward Lewis, CyXcel
my.rusi.org/events/asses...
Assessing UK Ransomware Policy
Join an expert panel to discuss the UK government’s approach to ransomware.
my.rusi.org
March 17, 2025 at 9:00 AM
We're hosting a panel event at RUSI at 0900 on 3 April to discuss the UK government's ongoing consultation on ransomware legislation. I'll be joined by:
@alexmartin.bsky.social
@kathrynwestmore.bsky.social
Verona Hulse-Johnstone (NCC Group)
Edward Lewis, CyXcel
my.rusi.org/events/asses...
@alexmartin.bsky.social
@kathrynwestmore.bsky.social
Verona Hulse-Johnstone (NCC Group)
Edward Lewis, CyXcel
my.rusi.org/events/asses...
Reposted by Taylor Grossman
In a new paper with @joedevanny.bsky.social for @lawfare.bsky.social, we use the "Pacific Rim" campaign by @sophossecurity.bsky.social as an opportunity to further the understanding of norms of responsible behavior in cyberspace and counter-cyber operations (CCO)/active cyber defense (ACD).
🧵/5
🧵/5
Sophos, a developer of endpoint protection software, recently disclosed its active cyber defense campaign, Pacific Rim. Michael Genkin and @joedevanny.bsky.social explore why the campaign was effective and what lessons it has for responding to threat actors in the future.
The ‘Pacific Rim’ Campaign: Corporate Norm Entrepreneurship and Active Cyber Defense
Sophos’s account of its recent active cyber defense campaign can help shape norms of “responsible behavior” in cyberspace.
www.lawfaremedia.org
March 18, 2025 at 3:57 PM
In a new paper with @joedevanny.bsky.social for @lawfare.bsky.social, we use the "Pacific Rim" campaign by @sophossecurity.bsky.social as an opportunity to further the understanding of norms of responsible behavior in cyberspace and counter-cyber operations (CCO)/active cyber defense (ACD).
🧵/5
🧵/5
Reposted by Taylor Grossman
Since April 2021, IST’s #RansomwareTaskForce has investigated how to disrupt the infrastructure that ransomware groups rely on to receive payments. Trevaughn Smith presents new strategies for targeting the resourcing phase of the #ransomware ecosystem.
🖋️ From the #NatSpecs blog: bit.ly/4ilbMRx
🖋️ From the #NatSpecs blog: bit.ly/4ilbMRx
March 18, 2025 at 5:20 PM
Since April 2021, IST’s #RansomwareTaskForce has investigated how to disrupt the infrastructure that ransomware groups rely on to receive payments. Trevaughn Smith presents new strategies for targeting the resourcing phase of the #ransomware ecosystem.
🖋️ From the #NatSpecs blog: bit.ly/4ilbMRx
🖋️ From the #NatSpecs blog: bit.ly/4ilbMRx
Reposted by Taylor Grossman
Congratulations to @therecordmedia.bsky.social for breaking a story so wild it broke the site. I mean that with all the love in the world. You folks rock.
February 28, 2025 at 8:59 PM
Congratulations to @therecordmedia.bsky.social for breaking a story so wild it broke the site. I mean that with all the love in the world. You folks rock.
Reposted by Taylor Grossman
🚨 NEW from IST: Following President Trump’s 2021 EO on deterring abuse of U.S. cloud services, the Commerce Dept. last January proposed a new rule requiring IaaS providers to ID foreign customers or begin info-sharing. While that rule remains pending, today, IST releases its report.
🔐 bit.ly/4hVsh6z
🔐 bit.ly/4hVsh6z
February 27, 2025 at 6:42 PM
🚨 NEW from IST: Following President Trump’s 2021 EO on deterring abuse of U.S. cloud services, the Commerce Dept. last January proposed a new rule requiring IaaS providers to ID foreign customers or begin info-sharing. While that rule remains pending, today, IST releases its report.
🔐 bit.ly/4hVsh6z
🔐 bit.ly/4hVsh6z
Reposted by Taylor Grossman
From policymakers to journalists to developers, the second annual Cyber Policy Awards™ nominees reflect the dedication, ingenuity, and acumen of the cyber policy community. At Thursday’s ceremony, cross-sector leaders announced recipients to a packed house.
🖋️ From the #NatSpecs blog: bit.ly/42KQ58q
🖋️ From the #NatSpecs blog: bit.ly/42KQ58q
February 7, 2025 at 10:26 PM
From policymakers to journalists to developers, the second annual Cyber Policy Awards™ nominees reflect the dedication, ingenuity, and acumen of the cyber policy community. At Thursday’s ceremony, cross-sector leaders announced recipients to a packed house.
🖋️ From the #NatSpecs blog: bit.ly/42KQ58q
🖋️ From the #NatSpecs blog: bit.ly/42KQ58q
I had such a great time contributing to this roundup - many thanks to @alexandrapaulus.bsky.social for the idea and invite and to my fellow contributors for their incredible recs! Looking forward to some wonderful winter reading 🤓❄️
🎄It’s the most wonderful time of the year… to catch up on your cyber fiction reading. 📚 @alexandrapaulus.bsky.social has collected recommendations from cybersecurity experts for books to broaden your understanding of technological potential. bindinghook.com/articles-boo...
It’s the most wonderful time of the year… to catch up on your cyber fiction
Want to take a break from reading about AI, cybersecurity, and digital surveillance for work and instead do it for fun over the holidays? We’ve got you covered
bindinghook.com
December 13, 2024 at 3:21 PM
I had such a great time contributing to this roundup - many thanks to @alexandrapaulus.bsky.social for the idea and invite and to my fellow contributors for their incredible recs! Looking forward to some wonderful winter reading 🤓❄️
Reposted by Taylor Grossman
Together with @munsecconf.bsky.social, we present the AI-Cybersecurity Essay Prize Competition. Submit your essay by January 2 to help shape Europe's future and be one of the winners. #Cybersecurity #AI Read more: bindinghook.com/ai-cybersecu...
The AI-Cybersecurity Essay Prize Competition - Binding hook
Terms & Conditions Review Board FAQ 1. Who is eligible to participate? The competition is open to experts in cybersecurity and AI from any part of the world. All submissions must be in English.We only...
bindinghook.com
November 19, 2024 at 12:04 PM
Together with @munsecconf.bsky.social, we present the AI-Cybersecurity Essay Prize Competition. Submit your essay by January 2 to help shape Europe's future and be one of the winners. #Cybersecurity #AI Read more: bindinghook.com/ai-cybersecu...
Reposted by Taylor Grossman
Quite a sobering read by @philipstephens.bsky.social
Trump “may not quit NATO, but his eagerness to do a deal with Putin promises to badly undermine it. The alliance has been the keystone of British security. Without NATO, one senior official confides, Britain does not have a defence policy.”
Trump “may not quit NATO, but his eagerness to do a deal with Putin promises to badly undermine it. The alliance has been the keystone of British security. Without NATO, one senior official confides, Britain does not have a defence policy.”
Britain’s national security demands more than a defence review
As the international order cracks, the nation’s capabilities must adjust to a new world
on.ft.com
November 22, 2024 at 10:34 PM
Quite a sobering read by @philipstephens.bsky.social
Trump “may not quit NATO, but his eagerness to do a deal with Putin promises to badly undermine it. The alliance has been the keystone of British security. Without NATO, one senior official confides, Britain does not have a defence policy.”
Trump “may not quit NATO, but his eagerness to do a deal with Putin promises to badly undermine it. The alliance has been the keystone of British security. Without NATO, one senior official confides, Britain does not have a defence policy.”
👋 finally back here - drop a line if you want to talk ransomware, incident response, cyber norms and IHL, deception in cyberspace, or your favorite fiction books of the year 📚
November 11, 2024 at 5:49 PM
👋 finally back here - drop a line if you want to talk ransomware, incident response, cyber norms and IHL, deception in cyberspace, or your favorite fiction books of the year 📚
Reposted by Taylor Grossman
Reading between the lies - a short pieces on limits of using leak site data to analyze ransomware trends
bindinghook.com/articles-bin...
bindinghook.com/articles-bin...
Reading between the lies: using leak sites to analyse ransomware trends
Leak site data is a tempting source for researchers, but it must be used cautiously. Selection biases, inaccuracy, and manipulation by ransomware groups all pose risks
bindinghook.com
November 1, 2024 at 8:43 AM
Reading between the lies - a short pieces on limits of using leak site data to analyze ransomware trends
bindinghook.com/articles-bin...
bindinghook.com/articles-bin...