June 27, 2024 at 01:20PM
At Black Hat USA 2024, Jason Healey will present “Is Defense Winning?” examining the perpetual struggle between cybersecurity defenders and attackers. He emphasizes the need for measurable indicators to gauge defensive progress, suggesting changes akin to climate change metrics. He advocates leveraging systemic changes and existing reports to establish defensibility metrics and inspire measurable improvements.
Based on the meeting notes, the key takeaways are:
1. Defenders are constantly playing catch-up with cybercriminals, and the session at Black Hat USA 2024 will focus on the question, “Is Defense Winning?”
2. Jason Healey, a senior research scholar at Columbia University, emphasizes that defense hasn’t notably improved relative to offense despite significant investments and milestones in cybersecurity strategy.
3. Healey suggests the need for measurable indicators to determine if defense is gaining relative advantages over attack and introduces key indicators to assess this shift.
4. He proposes the concept of defensibility and leverage in the National Cybersecurity Strategy and emphasizes the importance of systemic changes over individual actions in affecting change for defenders.
5. Healey addresses the challenge of measuring success in cyber defense and proposes several indicators to gauge progress, including the ability of threat actors to adapt their tactics.
6. He calls for the cybersecurity community to leverage existing reports to establish defensibility metrics and aims to inspire measurable improvements by setting tangible goals for defense.
7. He seeks to equip defenders with the tools they need to shift the balance in their favor and challenges attendees to reflect on their collective impact.
These takeaways reflect the key points discussed in the meeting notes and can serve as a basis for further action or follow-up.