What Listening to My Father Taught Me About Cybersecurity

November 12, 2024 at 11:09AM The commentary emphasizes the importance of discerning which advice to follow in cybersecurity. It offers guidelines for evaluating advice, including assessing its impact, required action, practicality, strategic fit, potential detractors, and the credibility of the source. Achieving balance in decision-making is crucial for productivity in the field. ### Meeting Takeaways …

What Today’s SOC Teams Can Learn From Baseball

October 22, 2024 at 10:02AM Developing a professional athlete and developing a cybersecurity professional share more similarities than one might think, with parallels in training, skill development, and the pursuit of excellence in both fields. ### Meeting Takeaways: 1. **Similar Development Strategies**: Developing skills in professional athletes shares parallels with training in cybersecurity professionals. 2. …

How Law Enforcement’s Ransomware Strategies Are Evolving

September 11, 2024 at 10:04AM In the past year, successful takedowns of major ransomware groups like LockBit have signaled a shift in the balance of power, achieved through innovative law enforcement strategies. Operation Cronos, involving 10 countries, seized servers, froze cryptocurrency accounts, and made key arrests. Law enforcement has disrupted the reputation and operations of …

Ease the Burden with AI-Driven Threat Intelligence Reporting

June 24, 2024 at 07:30AM Cybersixgill’s threat experts highlight critical threats and the challenges faced by cybersecurity professionals in managing increasing workloads amidst limited budgets, inadequate staffing, and growing attack surfaces. The shortage of skilled professionals and the time-consuming nature of producing reports are major obstacles. Cybersixgill’s IQ Report Generator offers a solution, providing rapid, …

What’s the Future Path for CISOs?

May 7, 2024 at 04:39PM The CISO role is changing, with many aspiring to become CIOs or CTOs. Renee Guttmann-Stark mentors such transitions, though she herself prefers focusing on cybersecurity. Some CISOs, like Jamil Farshchi of Equifax, are moving into CTO roles. Challenges persist, including job vacancies and handling relentless cyber attacks. The rise of …

What’s the Future Path for CISOs?

May 7, 2024 at 04:24PM Renee Guttmann-Stark, a former CISO, acknowledges the trend of CISOs transitioning to CTO roles, citing examples like Jamil Farshchi’s promotion. Challenges facing CISOs include job vacancies, insurance issues, and tool procurement. Guttmann-Stark advocates for AI deployment in automating tasks. She also emphasizes the importance of CISOs gaining proficiency in AI …

4 Security Tips From PCI DSS 4.0 Anyone Can Use

March 11, 2024 at 04:36PM Compliance is crucial for security professionals, with many standards evolving to resemble security best practices. PCI DSS 4.0, applicable to all businesses accepting credit card payments, introduces new requirements such as preventing malicious scripts, enhancing network security controls, securing systems and software, and ensuring robust logging and monitoring. These updates …

7 Lessons Learned From Designing a DEF CON CTF

January 11, 2024 at 09:19AM Capture the Flag (CTF) events offer an engaging and educational platform for cybersecurity professionals to enhance their hacking skills and gain practical knowledge. CTF design requires careful consideration of technical challenges, operational complexity, and the need for engaging storytelling. Lessons learned include the importance of software development approaches, operational rigor, …

Black Hat Europe 2023 Closes on Record-Breaking Event in London

December 20, 2023 at 04:59PM Black Hat Europe 2023, held in London from December 4 to 7, saw over 3,600 attendees from 118 countries. The event showcased the latest in information security through 40 Briefings, four days of technical Trainings, 50 Sponsored Sessions, and 54 in-person tool demos. Top sponsors included Axonius, Bionic, KnowBe4, and …

Humans Are Notoriously Bad at Assessing Risk

November 22, 2023 at 07:12AM Risk assessment can be subjective and biased due to human emotions, which can lead to an inaccurate representation of reality and a weaker security posture. To remove subjectivity, security professionals should follow seven steps: identify critical resources and data, understand potential financial impact, enumerate relevant threats, map risks to resources, …