Congrats - you’re the new CISO…now what
Before you buy that new shiny product, throw that old one in the trash, hire that whiz kid dressed in black, or change that process, you need foundational visibility into your security posture regarding what’s working and what’s not....
Before you buy another cybersecurity buzzword
Your security posture should not be based on assumptions. It should be based on empiric evidence. That empiric evidence can be derived by validating your controls with security instrumentation solutions. You may very well discover...
What some cybersecurity vendors don’t want you to know
When evaluating security products, you might be doing it wrong if you’re not incorporating assurance testing.
What football teaches us about cybersecurity
You wouldn’t expect your football team, that never practices, to win the Super Bowl but we expect our cybersecurity professionals win every day.
Inadequate intelligence integration
Threat intelligence can add value to your security posture but it usually doesn’t.
SIEMs sometimes suck
By leveraging these capabilities your SIEM rules won’t be based on “hope” but rather empiric evidence. You will be sure you are getting the right source data and preforming the relevant correlations necessary to trigger on real...
Defensive regression in cybersecurity
There has been a lot of talk lately about defensive regression in cybersecurity. But what exactly is defensive regression? It's not the regression that Sigmund Freud talks about, although there are plenty of folks that don't act like...
Man in the middle attacks on mobile apps
Man in the middle attacks (MiTM) are a popular method for hackers to get between a sender and a receiver. MiTM attacks, which are a form of session hijacking are not new. However, what might not be known is that mobile devices are...
Mobile app reversing and tampering
Mobile applications are, well, applications. And like any application they need to be protected. I’ve been blogging about attacks on mobile like mobile malware, mobile pharming and mobile phishing and I even wrote a blog on data...
Data at rest encryption for mobile devices
Data at rest encryption is about as far from a cutting-edge topic as one can get. But while encrypting inactive data that is stored digitally is regarded by most security professionals as a must have, as well as data in use and...
Mobile malware – same attacks – different pathogens
I’ve been blogging about mobile attacks and how they can be different than attacks on more traditional platforms. For example, I wrote about:
Mobile phishing – same attacks – different hooks
Mobile pharming – same attacks –...
Mobile pharming – same attacks – different seeds
I recently wrote a blog on mobile phishing titled: Mobile phishing – same attacks – different hooks. There was so much feedback that I’ve decided to a write a few more posts around mobile security differences. Since I’ve already...
Mobile phishing – same attacks – different hooks
I spent the last two weeks talking with CISOs, application developers, mobility experts and IoT thought leaders like SRI’s Dr. Ulf Lindqvist. One thing was for certain – mobile is receiving a lot of attention from the...
Mitigating insider threats - a technical perspective
Security practitioners must always think dynamically when it comes to trying to develop solutions to counter this threat. Implementing technology solutions at different levels and overlapping functions will best cast a tight-weave...
Federal agencies continue to be lost fighting cyber threats
It will be disappointing if the federal government doesn’t markedly improve its cyber security preparedness. While there has been a lot of attention drawn to hacking back the attackers, implementing cyber sanctions, and bolstering...
Identify the “who” in risk mitigation
Risk management strategies are designed for organizations seeking to improve their resilience in the face of a dynamic and ever-changing threat landscape. Knowing the “whos” will greatly assist organizations in developing unique...
Cyber threats and pharmaceuticals
We must evolve our security strategies with the threat environment and adapt to the dynamic nature of the threat actors themselves, how they operate, and devise our strategies accordingly.
Insider threat mitigation techniques worth considering
In today’s data rich threat landscape, it is no longer enough to just be able to detect anomalous behavior. It is, however, important to be able to detect those meaningful anomalies. Establishing an insider threat detection that...
Ransomware attacks force hospitals to stitch up networks
The lessons to be drawn from recent incidents is the need for hospitals to develop and implement a strong cyber resiliency plan that incorporates incident response as well recovery operations from such attacks. The threat of...
Mitigating insider threats from a people perspective
Mitigating insider threats is an ongoing effort that requires a holistic approach that encompasses technological as well as human solutions. Additionally, organizational and situational factors can help mitigate the threat posed by...
