In cyber warfare, like in chess, the game outcome is not determined by a single exploit (or move), but rather by a patient silent-predator strategy.
The same can be said of hackers sniffing a corporation’s many interfaces until they have an “in”.
When a hacker further exploits the corporation without detection – till it’s “checkmate” and Doomsday arrives. Suddenly the company makes headlines with its data leaks and everyone gets busy with damage control and corporate reputation PR, millions in equity and funds are lost, and sadly, a few executives lose their jobs as well.
I learned how to think like a hacker from my uncle, Vladimir Liberzon.
Vladimir was a Russian and Israeli chess grandmaster. At his prime, he was a chess force to be reckoned with, practicing disciplined moves and strategies that made their way into chess textbooks. His skill made him one of the most consistent performers of his time in Russia, Europe and Israel.
What I absorbed in my youth from “Uncle Vladimir”, as we called him, I took not only to the chessboard hobby but also to life and my greatest passion — Cyber Warfare. It is amazing to see the parallel lines we can draw between these two mind-battlefields. I saw that by anticipating the opponent’s moves, multiple steps ahead, I could be on both the defense and offense to protect my pieces and wipe out all of his, to win the game.
With this insight I founded Pcysys. My objective was to give every CSO his own “grandmaster” of cyber in the form of intelligent penetration testing software. The ability to perform machine-based pen testing, that continuously thinks and acts as hackers do, is the best way to make sure that corporations have their cyber defense line as tight and strong as it can be. Defense lines must adapt to threats at the same pace as hacking techniques advance.
The fact is that today more than 95% of cyber technology expense is invested in defense technology, which does not have the ability to evolve and align that defense with a hacker’s perspective in mind, one that takes into account multi-step attack “vectors” or “kill chains” rather than just desperate vulnerabilities.
Whether we like it or not, it’s a two sided game that we’re managing day in and day out thinking a few steps ahead. Software and AI are the key to giving corporations the upper hand.
For those who want the full story of this grandmaster, read more about him here: Wiki
And if you can see how your corporation could use a grandmaster to protect against cyber warfare, please drop me a note to email@example.com.
Arik Liberzon, led an elite cyber warfare group at the Israeli Defense Force’s computer service directorate. His group was responsible for penetration testing strategic asset networks and national mission-critical systems. Following a decade of mastering the penetration testing profession, Liberzon applied his mastership of ethical hacking in software and together with serial IT entrepreneur Arik Feingold, founded Pcysys in 2015.
Liberzon holds a B.Sc in Aerospace Engineering from the Technion Institute of Technology, a Masters Degree in Finance from Ben-Gurion University and an MBA from Tel Aviv University.
Co-founder & CTO
WebLogic is a popular enterprise middleware tool that orchestrates the interaction between backend systems and frontend clients. This makes it a valuable tool for attackers, who can exploit it to access and influence a wide range of organizational applications. In this blog post, we explore how to install a persistent backdoor on WebLogic Server. We...
Today’s security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud services, IoT technologies, and hybrid work environments. Adversaries are constantly introducing new attack techniques, and not all companies have internal Red Teams or unlimited security resources to stay on top of the latest threats. On...
We all know the culprits. Cloud adoption, remote and hybrid work arrangements and a long list of must-have technologies have led to an ever-expanding attack surface, compelling organizations to become more agile and responsive in their cyber defense. Taming this unwieldy beast seems to be on everyone’s mind as global spending on security and risk...