Being a CISO these days isn’t easy. The threats are dynamic, the technology hype bewildering, and the expectations from the boss to magically “just make the problem go away” unrelenting. One way to help get a grip on this mess is to adopt industry accepted frameworks...
When you think threat hunting, what comes to mind? For most enterprise security staff, the answer is “Hmmm, not sure if that’s for me”. It’s true that threat hunting is a bit daunting: What goals am I going to achieve? What will I do if I actually find an adversary? Do I have the skills […]
What’s the biggest lesson from the SolarWinds fiasco? Just focusing security defenses on the most common means of penetrating an organization doesn’t cut it.