Worldwide Threat Assessment
Discover why the U.S. needs a ‘New Manhattan Project’ for cybersecurity. Learn about rising threats from global adversaries and the urgent call for action.
Marauding Through the Shadows
As we have been trying to point out this and last week, the cloud as an opportunity gateway for cybercrime and broad vulnerability exploit places it squarely in the first place as human error targets – folks who use the cloud in private contexts (with data and credit cards) continually, while unwittingly raise the stakes […]
A Cybersecurity Marketing Leader with Emotional Authenticity
Amid economic uncertainty, now is the time to invest in cybersecurity marketing. Learn why emotional connections are key and how to spot an authentic CMO.
Are you Mentally Tough? Part 2
Mental Toughness is a Key Factor in Cyberattack Resilience. Introduction In cyberwarfare, as in any conventional combat, the primary target is the mind of your adversary. The competitor having the mental strength and agility to break the will of their opponent is victorious. For this reason, strengthening the mental toughness of an organization, both as […]
Are you Mentally Tough? Part 1
Mental Toughness is a Key Factor in Cyberattack Resilience. Introduction In cyberwarfare, as in any conventional combat, the primary target is the mind of your adversary. The competitor having the mental strength and agility to break the will of their opponent is victorious. For this reason, strengthening the mental toughness of an organization, both as […]
A Clear Present Danger
The Worldwide Threat Assessment from the U.S. Intelligence Community is a document published each year, which itemizes the significant threats to the U.S. and its allies. This year’s report claims that China and Russia pose the greatest espionage and cyberattack threats to the U.S. but also warned that other adversaries and strategic competitors like Iran […]
InfoSec’s Maturity Problem
Reflecting on my recent pilgrimage to RSA Conference, and conversations with CISO and vendor peers and friends, two overarching conclusions are that hot themes emerge that cluster all solutions – as well as VC investments in these – together in what appears to be ‘the CISO’s new priority area’ (1) while further adding complexity, and […]
Gartner Research: Cybersecurity Leaders Losing Control in a Distributed Ecosystem
The data points contained in this research report are strong co-indicators of trends in cybersecurity that argue for increased, enterprise wide education and training. But, they don’t argue for traditional approaches to education and training as these trends developed in spite of programs that tried to create a culture of security consciousness throughout the enterprise […]
Using the OODA Loop to Improve Decision Making in the Uncertain Cyberwar Environment: Part 2
This week, we are proud to present part 2 of a two-part thought leadership paper on the OODA Loop and how it may be successfully applied to cybersecurity. Cliff Kittle, a retired Marine Corps Captain who knows a thing or two about war-time decision making, does a great job of simplifying the ideas behind OODA […]
Using the OODA Loop to Improve Decision Making in the Uncertain Cyberwar Environment: Part 1
This week, we are proud to present part I of a two-part thought leadership paper on the OODA Loop and how it may be successfully applied to cybersecurity. Cliff Kittle, a retired Marine Corps Captain knows a thing or two about war-time decision making, does a great job of simplifying the ideas behind OODA and […]
Why We’re Losing the Cybersecurity Education Game
There is a broad gap between purposeful learning with personal development benefits and catalog-based eLearning programs. One approach can boost employee development and create a culture of learning and critical thinking while the other actually stifles employee development in the name of education. We face critical skills shortages across the board, but perhaps nowhere is […]
Rational Marketing in Cybersecurity
Intro An interesting piece by James Bone for which we are, as always grateful – James has an active mind and is constantly trying to satisfy his intellectual curiosity – the key takeaway for marketers from the dilemma of choice faced by their prospect personas from my point of view is an invitation to add […]
Surviving a Flooded Cybersecurity Market With Product Anchoring
When I started marketing cybersecurity products there were 2,000 different vendors in the space. I was seated across from the CEO and general manager of the world’s largest cybersecurity intelligence and education company: Information Security Media Group (ISMG), the sister company of CyberTheory. I didn’t know it at the time, but this meeting would change […]
The Importance of Marketing Cybersecurity on LinkedIn And Other Social Mediums
Several years back, LinkedIn asked me to pen a blog on the perspectives of using social media and an outreach medium as a security practitioner. The blog was titled, “Why LinkedIn is an Indispensable Medium for Security Professionals,” and it garnered much attention. The theme of my writing was that LinkedIn had become part of […]
Digital Blood On Their Hands
On Thursday 24 February 2022, coincidently, the same day of my sister’s birthday, Russia launched a comprehensive invasion of Ukraine. This attack followed weeks of Russian forces building on the Russian, Ukrainian border amidst dismissive rhetoric by Vladimir Vladimirovich Putin, Russia’s President of a ‘special operations exercise’ and weeks of cyberwar attacks on critical digital […]
New Year, New Beginnings
The Beginnings of 2022 Are Off to a Predictable Start Our first quarter data suggests a continuation of the most profitable and workable cyberattack schemes from the prior four quarters with some newly active approaches and mini-markets (for now) to keep the pressure on our defenses. Crypto Markets We have seen crypto hacking surge this […]
Wargaming: The Cyber Mind Sport
In the world of cybersecurity, the term “cyberwarfare” is casually thrown around, often with a significant lack of understanding regarding how to prepare for and respond to an event in a manner that enables the organization to seize control from the cyber adversary. “The able commander is active rather than reactive, takes the offense and […]
Cybersecurity Management: Where to Start?
It’s Not Just Cybersecurity Management Two takeaways from an explosion of cybersecurity chaos are: If someone just dropped in from Mars, they might wonder why we spend so much on technology and spend virtually nothing on the base causes of attacks? My experience in Managed Security Services says that most companies today lack any sort […]
Human-Centered Cybersecurity Part 2: Zero Trust
There is a saying in cybersecurity that the human element is the greatest vulnerability, but that statement does not provide context for the scope of the opportunity to leverage the human element to mitigate cyber risk. Information security officers have begun to adopt the language of risk management in response to the growing threat. One […]
Human-Centered Cybersecurity Part 1: Cyber Paradox
To say that cybersecurity has gotten confusing and complicated is an understatement, yet many of the debates about information security have been ongoing for more than 30 years. Many of the debates have centered around semantics, education, compliance, security posture & practice, risk management and technology. Technology and compliance have advanced more rapidly than the […]
Your Business Partner, Cybersecurity
Fourth Revolution: Revenue Source? All of the big breaches over the last few years have had three things in common. Home Depot, Yahoo, Target, Adobe and even Equifax had good technologies in place, smart people and responsive processes yet all suffered extensive breaches worth tens and hundreds of millions of dollars. In the case of […]
The Zero Trust Dictionary
Because there has been so much word salad thrown about these days around Zero Trust, John Kindervag was kind enough to put a rough cut behind his Zero Trust creation, so as we move toward a strategy, we have a better chance of success if we know what we are talking about and agree to […]
Implementing The OODA Loop in Cyber Warfare
Synergy is defined as the interaction or cooperation of two or more organizations, substances or other agents to produce a combined effort greater than the sum of their separate effects. Combined arms is the integration of complementary weapons in a manner that creates a synergistic effect and places an opponent in an inescapable, hopeless situation, […]
Zeroing In On The Zero Trust Model Via Simulation Platforms
A concept receiving much attention lately in public policy circles is Zero Trust. John Kindervag, the Father of Zero Trust, has been getting a lot of speaking engagements suddenly. And for a good reason. Risk Management – or what John refers to call “Danger Management” as ZT and the objects of its attention are only […]
Myths Within The Chronicles of Cybersecurity
IT to OT And IIoT Chronicles Get ready for a major shift in the world of state-sponsored cyberattacks. As we witness the shifting underpinnings of power throughout the East and soon to be the Middle East, these future cyberattacks will be focused on cyber physical attacks. Going back to Colonial and JBS Foods as probative […]
Playing Cowboys in a Cybersecurity Warzone
The Information Theater In the context of cybersecurity, we are not talking about information warfare per-se, or even intelligence about threats, though it plays a factor. What is typically meant by information in our context, conjures up the recent Russian meddling and Asian psycho-warfare, and is certainly not new. Threat intelligence has been around a […]
Disadvantages With Technology in Cybersecurity
Technology is Great, But it Ain’t The Answer The first major technologies were tied to survival, hunting, and food preparation. In 2.5 million years, nothing has changed. The thesis for cybersecurity is simple: We have too much, it’s the wrong kind, and it does us little good. I know I just made about 4,500 enemies. […]
Cyberwar in Ukraine: Using Insecure Websites to Take Control
On the evening of Thursday, 13 January, cyberattacks were launched against Ukraine government via their website, En-masse. The cyberattacks were termed and considered as cyberwarfare. They were suspected of coming from Russia whilst discussions between the two countries and NATO took place. Russian forces continued increasing and building their forces on the border of the […]
Is There Really a Way to Reverse the Momentum in Cybersecurity?
We are all aware of the many threats plaguing our cybersecurity defense apparatus with new ones emerging almost daily. Why we got here is more interesting than how we got here, but focusing on reversing the course and slowing momentum in the how reveals the lowest hanging fruit and the way we can get out […]
What’s Missing in Cybersecurity Education
Unlock cybersecurity mastery with CyberEd.io. From certification prep to expert-led courses, we’re your one-stop solution to close the skills gap.