Coffee & Conversation with Rich Baich

May 16, 2023 9:00 AM to 9:45 AM

On Tuesday, May 16, 2023, INSA hosted Rich Baich, CISO at CIA for a virtual Coffee and Conversation with INSA President Suzanne Wilson Heckenberg. Mr. Baich kicked off the conversation with his professional career as an Information Warfare Officer in the US Navy for NSA and has a plethora of experience serving in CISO roles in the private industry, most recently at AIG. The discussion emphasized the importance of having both private and public sector expertise, setting the stage for an insightful exploration of cybersecurity challenges and strategies.


In the discussion, Mr. Baich highlighted the significance of strategic planning, collaboration, and continuous learning in addressing cybersecurity challenges. He emphasized the integral role of partnerships in the cybersecurity landscape, stressing the need for enhanced cooperation between the private sector and government to effectively fight cyber threats. Mr. Baich expressed his aspiration for private companies to embrace the methods employed by the CIA, reinforcing the agency's commitment to shaping industry standards and positively influencing the private sector.

The discussion further explored the impact of the executive order limiting the use of commercial spyware. Mr. Baich noted that the CIA remains adaptable without losing sight of the mission. Employing a metaphorical perspective, he drew parallels between cyber defense and sports, emphasizing the proactive nature of cybersecurity as an effective strategy. Additionally, the government's role in supporting individuals targeted by ransomware attacks was discussed, with Mr. Baich stressing the importance of individual responsibility and adherence to cybersecurity guidelines provided by the NSA.

In closing, the emphasis on partnerships, adoption of best practices, and proactive defense measures highlighted the collective approach required to mitigate cyber threats successfully. It was noted that continuous collaboration, knowledge sharing, and individual responsibility are key factors in safeguarding against evolving cyber risks.