In the best-selling series of pop-economic books Freakonomics, a ‘rogue’ economist Stephen Levitt partners with veteran journalist Stephen Dubner to uncover the hidden side of everything. Posing such provocative questions as ‘why do drug dealers still live with their moms?’ and ‘how are the Ku Klux Klan like a group of real estate agents?’ the…
We’ve all heard about the cyber skills gap by now. As cyber adversaries grow more advanced and organizations struggle to manage these evolving threats, cybersecurity jobs are getting harder to fill. There are an estimated 2.9 million unfilled openings worldwide, with half a million in North America alone. Meanwhile, 60% of organizations say it takes…
As many of today’s enterprises are struggling to get their arms around cybersecurity, our world has seen an explosion in the number of solutions, providers and recommended steps to take to secure a company’s environment and protect it against cyber incidents. With so many options and no standardized solution, it is difficult to know where…
Many technical practitioners may believe that, at the end of the day, penetration testing is penetration testing. Proper penetration testing, however, is an art that must adapt over time. As an artist’s tools, materials, and media evolve, art evolves. With this evolution in “technology, techniques and approaches must change as well. Our “IT medium” has…
Facebook, Google, IBM, and Microsoft have all reportedly “aggressively lobbied” the current administration to start developing a federal privacy mandate. Recently, Cisco joined that chorus of tech giants (“Big Tech”) calling for stronger American privacy laws. Intel has gone a few steps further, drafting its own version of a U.S. privacy bill and opening an…
Developing your own infrastructure protection solution The era of governments protecting business and citizens from serious attacks, including from foreign adversaries, may have already passed – at least in the context of cybersecurity. That is, while it remains reasonable to expect government protect against physical attacks such as from bombs and missiles, as a general…
Building a collective platform Any commercial platform to support collective security operations must have certain functional attributes and operational capabilities to work properly in practice. In this section, we lay out the salient aspects of such a platform, trying to maintain some degree of generic design. Enterprise security teams considering use of a platform supporting…
Cybersecurity analytics for large-scale protection Click here for part 2. Most modern security analytic methods and tools are best suited to larger infrastructure with large data sets. That is, it is unlikely that one would use real-time, telemetry-based monitoring with 24/7 coverage for a personal computer, unless that personal computer was connected to a larger…
Cyberthreats to infrastructure Click HERE for Part One Any cooperative effort that supports large-scale infrastructure protection must begin with an accurate perception of the real cyber risks that must be addressed. Experts understand that risk is measured by combining the probability of bad outcomes with the consequences of such outcomes. In the context of infrastructure…
This is part one in a five part series written by Dr. Edward Amoroso, of TAG Cyber and Gen. Keith Alexander, of IronNet Cybersecurity Cybersecurity risk is now a mainstream consideration for any organization with valued assets. This is particularly true for any team with responsibility to provide essential services, including ones that might have…
