2024

The MITRE ATT&CK Framework is powerful if …

When managing a Security Operation Center, you will likely be asked how many MITRE ATT&CK tactics and techniques you have covered. At first glance, this might seem straightforward, but the answer is more complex. The MITRE ATT&CK framework is an extensive knowledge base of adversary tactics, techniques, and cyberattack procedures. It provides an incredibly valuable threat detection, response, and mitigation resource.

October 6, 2024

Running an effective and efficient Enterprise Vulnerability Management program

Running an effective and efficient Enterprise Vulnerability Management (EVM) program requires much more than simply conducting vulnerability and compliance scans. Relying solely on these scans and basing your reporting entirely on the findings can severely cripple the program’s effectiveness. In essence, this approach floods the organization with an endless list of vulnerabilities and tasks, creating more noise than actionable outcomes, which leads to inefficiencies, frustration, and even increased security risks.

September 29, 2024

Can you truly measure the strength of your cyber defenses?

In today’s digital landscape, cybersecurity is no longer just an IT concern; it’s a fundamental priority for organizations across all sectors. The increasing frequency and sophistication of cyber threats have made the need for robust cybersecurity measures more urgent than ever. But how can you truly measure the strength of your defenses?

August 17, 2024

Which type of CISO are you?

As technology proliferates, adversaries’ capabilities escalate exponentially. While adversaries can concentrate on mastering a specific technology, defenders are burdened with safeguarding against all potential attack vectors. This equilibrium has long been disrupted, leaving us to grapple with its consequences. In light of this reality, the pertinent question arises: where do we go from here?

March 24, 2024

Risk Management — It might be more complex than you think

In the dynamic landscape of cybersecurity, the continuous influx of vulnerability disclosures and the rapid dissemination of the latest TTPs through various channels pose a significant challenge for CTI specialists. In cybersecurity risk management, identifying and assessing relevant cyber threats are critical tasks, and an effective strategy must be employed to navigate this constant flow of information.

March 17, 2024

Establishing a Cybersecurity Citadel: Forging a Digital Fort Knox

In an era dominated by digital landscapes, where technological advancements continue to reshape how we live and work, the paramount importance of cybersecurity cannot be overstated. As organizations and individuals become increasingly interconnected, the threat landscape evolves in tandem, necessitating a robust and adaptive defense strategy.

February 23, 2024

2023

Hey data scientist, are you really listening to the security data?

Protecting your company against the evolving landscape of both current and past threats is a formidable challenge, one that some consider insurmountable. However, it’s crucial to remember that while it may be a daunting task, it should not be perceived as impossible. In fact, it’s imperative to recognize that modern security strategies need to adapt to the ever-changing nature of cyber threats. This adaptation relies on the effective utilization of data generated by security controls, a process that transforms raw data into actionable events.

October 29, 2023

The ‘lazy’ SOC model

In the contemporary landscape, the paramount importance of security is becoming increasingly evident, casting a spotlight on the escalating workload of the SOC. This burgeoning workload is characterized not only by a surge in the sheer volume of requests and inquiries but also by the growing intricacy of security challenges. In this dynamic environment, when a security incident unfolds, there is an implicit expectation for the SOC to respond promptly and with pinpoint accuracy. Simultaneously, the SOC grapples with a persistent conundrum exacerbated by a global shortage of highly skilled security professionals — recruitment and retention.

October 22, 2023

Death by SLA

In every organization that has embraced the ITIL framework, the emergence of the term SLA is an inevitable milestone, and it often marks the beginning of a challenging journey. The process of crafting a well-defined SLA that is comprehensible and agreeable to all involved parties can be an arduous undertaking, particularly when attempting to articulate it in a language that is not your native tongue.

October 1, 2023