Category: Cyber Security

Cyber Security

Threat Hunting – the Beginner’s Guide

If you ask a security professional ‘what is threat hunting?’ you are guaranteed to get a wide range of answers, including: “Responding to AI-generated security alerts” “A new term for incident response” “Looking at the dark web to see if anyone is going to attack us” In fact, threat hunting is none of these things – although …

Cyber Security

What’s in a Name? The Unspoken Arms Race of the Cyber Security Industry

The 2016 US Government report detailing Russian malicious cyber activity named 40 separate Russian state-aligned cyber threats, drawn from security vendor marketing and research. Indeed, the advisory came with its own monicker ‘Grizzly Steppe’, bringing the names involved to 41 (plus suspected civilian groups). Despite this apparent proliferation, Russian state-aligned cyber activity is suspected to …

Cyber Security

From Breach to Bankruptcy – How the Terminal Impact of Cyber Attacks is Accelerating

The time it takes for firms to go out of business due to cyber attack is decreasing. In 2000 it took  ten years, in 2017 it took just eight months. In fact, since 2010 the cyber attack ‘time to Terminal Impact’ (bankruptcy) has pretty much halved every two years in a twisted inversion of Moore’s …

Cyber Security

5 reasons why innovative security teams are creating genuine return for the business

Is it ever possible for security to be more than just an insurance policy? Every so often a security firm will have a go at trying to change perceptions – to convince its C-level target market that security can actually be more than just a cost-centre. For security to actually be an enabler – and …

Cyber Security

Why is the Cyber Security Industry Addicted to Marketing?

cyber marketing spend

The world’s largest cyber security firms spent startling amounts on sales and marketing last year, allocating 41% of revenue to their commercial activities. Indeed, some companies exceeded 50% and even 60%. When compared against other B2B tech firms such as Cisco, (19%) or Microsoft (17%), it’s clear that the cyber security industry is somewhat different …

Cyber Security

White House ‘Cost of Cyber Report’ is misleading

Peter Cohen blog about the white house cyber security

Has the White House has got it wrong with its ‘Cost of Malicious Cyber Activity to the US Economy’ report? It estimates damages of up to $109 billion per year – which is a nice media-friendly figure, but anyone actually reading the report is likely to dismiss it because the way in which these damages …

Cyber Security

Cyber-Security Predictions for 2018

My 2017 in cyber; 12 months in detection and response, and predictions for 2018. Supply Chain Attacks The big trend of 2017 was supply chain attacks. Your attack surface extends out beyond your firewall, and compromising your key suppliers, partners, even customers represents a trusted route straight into your organisation and we saw exponential growth …

Cyber Security

APT1 – What Happened Next?

This is a story of global geopolitics, economics, and of nation-state sponsored cyber-attacks where the targets – then world leading firms – went out of business faster than the average tenure of a CEO. This is the story of APT1, three years on. Who were APT1? For those unfamiliar, APT1 (Advanced Persistent Threat) were a …

Cyber Security

Why the Security Industry Needs to Let Go of GDPR

The cyber security industry has always been a hotbed of misinformation and falsehoods and it’s time to lift the lid on another of these – the incoming GDPR data protection legislation, coming into force in May 2018. As an industry we have been selective to the point of deceit with referencing GDPR, clamouring ‘if you …

Cyber Security

Cyber Security in Plain English

It’s no secret that the infosecurity industry has a love affair with acronyms. EDR, MSSP, IDS, SIEM, AV – these are our ‘solution’ acronyms, with CNA and CNE our advanced attack ‘problem to be solved.’ But what exactly do they all mean? Is it time to decipher the acronyms and eliminate Geek Speak so everyone …