2023

The ‘lazy’ SOC model

In the contemporary landscape, the paramount importance of security is becoming increasingly evident, casting a spotlight on the escalating workload of the SOC. This burgeoning workload is characterized not only by a surge in the sheer volume of requests and inquiries but also by the growing intricacy of security challenges. In this dynamic environment, when a security incident unfolds, there is an implicit expectation for the SOC to respond promptly and with pinpoint accuracy. Simultaneously, the SOC grapples with a persistent conundrum exacerbated by a global shortage of highly skilled security professionals — recruitment and retention.

October 22, 2023

The importance of having a data scientist team in Cyber Security Center

Numerous parallels exist between the strategic board game ‘Stratego’ and the operation of a Cyber Operation Center. In ‘Stratego,’ you engage in one-on-one gameplay, but within the Cyber Security Center, you’re navigating multiple games simultaneously. Your objective remains steadfast: safeguard the flag for as long as possible, while adversaries relentlessly pursue its conquest. The distinguishing factor lies in the dynamics of these engagements. While you’re simultaneously managing multiple fronts, your adversaries can opt to focus on one game at a time. At first glance, this might appear unequal, almost like an unfair contest. However, it shouldn’t be.

October 16, 2023

The question is not if but when

In today’s interconnected and digitized landscape, the inevitability of cyberattacks has transformed the question from a matter of ‘if’ to a matter of ‘when’. This paradigm shift underscores the critical importance of cybersecurity preparedness in the modern world. The notion that organizations and individuals will eventually experience a breach has compelled a shift from a reactive approach to a proactive and strategic stance in safeguarding digital assets.

August 27, 2023

Can ChatGPT takeover the role as a use case developer?

Currently, many people are talking about ChatGPT and how it will affect everybody’s life. Some (including me) are also investigating it. Therefore, let’s put it to the test. Does ChatGPT know how to find the right and relevant information to design and implement a use case around a password spray attack? Put differently, can ChatGPT replace the use case developer?

May 21, 2023

Phishing emails – The one thing you don’t want to receive, but you can’t avoid it. So, now what?

A phishing email is a fraudulent attempt by scammers or cybercriminals to deceive recipients into revealing sensitive information, such as passwords, usernames, credit card details, or personal identification information. These emails are designed to appear as if they are sent by legitimate organizations, such as banks, social media platforms, or e-commerce websites, in order to trick individuals into providing their confidential data. And as phishing emails as a technique has proven to be effective, the adversaries will continue dispatching them. So, the question is what can you do to protect yourself? In this article, I give some tips on how to deal with phishing emails.

May 21, 2023

Do you have an effective cyber hunting team?

In cybersecurity, everything is evolving rapidly. It is an ongoing battle between adversaries and defenders. And the terrible thing is, the defenders indeed drew the short end of the stick. They need to defend against any type of threat while the adversary has the time and can sharpen and perfect his threat. Therefore, the logical question is ‘How do you keep up with the developments of the adversaries?’

March 12, 2023