Category: Cyber Security

Cyber Security

Saudi Aramco: What happens when the Blue Team wins at Cyber Security?

This is a story about the Blue Team winning. These stories are few and far between – not least because the red-team, the attackers, have long been seen as the glamour side of cyber security. But also, generally when the Blue Team wins, nothing happens. The business just keeps on going, doing what it does. …

Cyber Security

What a Difference a Breach Makes

What if there was a publicly available document that told you the relative importance that any given firm assigns to cyber security. Not just a passing nod, but genuine, top-down indication of board-level buy in. That you could just access online, for free. Could you even use it to predict the likelihood of one firm …

Cyber Security

Is Cyber Security Finally Growing Up?

Cyber security and industry maturity are two phrases rarely heard together. The vendor hall gimmicks, perennial vaporware and billion dollar valuations always draw a wry smile from seasoned InfoSec professionals. Despite all this, if we look closely there’s signs emerging that the industry may actually be starting to mature. The best – and perhaps only …

Cyber Security

Threat Hunting – the Beginner’s Guide

If you ask a security professional ‘what is threat hunting?’ you are guaranteed to get a wide range of answers, including: “Responding to AI-generated security alerts” “A new term for incident response” “Looking at the dark web to see if anyone is going to attack us” In fact, threat hunting is none of these things – although …

Cyber Security

What’s in a Name? The Unspoken Arms Race of the Cyber Security Industry

The 2016 US Government report detailing Russian malicious cyber activity named 40 separate Russian state-aligned cyber threats, drawn from security vendor marketing and research. Indeed, the advisory came with its own monicker ‘Grizzly Steppe’, bringing the names involved to 41 (plus suspected civilian groups). Despite this apparent proliferation, Russian state-aligned cyber activity is suspected to …

Cyber Security

From Breach to Bankruptcy – How the Terminal Impact of Cyber Attacks is Accelerating

The time it takes for firms to go out of business due to cyber attack is decreasing. In 2000 it took  ten years, in 2017 it took just eight months. In fact, since 2010 the cyber attack ‘time to Terminal Impact’ (bankruptcy) has pretty much halved every two years in a twisted inversion of Moore’s …

Cyber Security

5 reasons why innovative security teams are creating genuine return for the business

Is it ever possible for security to be more than just an insurance policy? Every so often a security firm will have a go at trying to change perceptions – to convince its C-level target market that security can actually be more than just a cost-centre. For security to actually be an enabler – and …

Cyber Security

Why is the Cyber Security Industry Addicted to Marketing?

cyber marketing spend

The world’s largest cyber security firms spent startling amounts on sales and marketing last year, allocating 41% of revenue to their commercial activities. Indeed, some companies exceeded 50% and even 60%. When compared against other B2B tech firms such as Cisco, (19%) or Microsoft (17%), it’s clear that the cyber security industry is somewhat different …

Cyber Security

White House ‘Cost of Cyber Report’ is misleading

Peter Cohen blog about the white house cyber security

Has the White House has got it wrong with its ‘Cost of Malicious Cyber Activity to the US Economy’ report? It estimates damages of up to $109 billion per year – which is a nice media-friendly figure, but anyone actually reading the report is likely to dismiss it because the way in which these damages …

Cyber Security

Cyber-Security Predictions for 2018

My 2017 in cyber; 12 months in detection and response, and predictions for 2018. Supply Chain Attacks The big trend of 2017 was supply chain attacks. Your attack surface extends out beyond your firewall, and compromising your key suppliers, partners, even customers represents a trusted route straight into your organisation and we saw exponential growth …