November 20, 2024
Strange Species
We keep adding cybersecurity controls – so many, in fact, that we’ve classified them into acronym categories like SIEM, SOAR, AEV, and CTEM, amongst many more.
Yet, despite significant investments in cybersecurity technology, attacks continue to rise. The bad guys keep winning.
This calls for a different approach. Perhaps we’re doing something wrong?
It doesn’t take an alien in a flying saucer to realize that most cybersecurity controls are rarely tested. An annual, manual pentest covering just 5%-10% of the attack surface is merely a sampling exercise.
Instead of adding more technology, let’s focus on continuously validating that the controls we already have in place actually work!
<Previous
Goat
Some people think the CISO’s job is to be the scapegoat when things go wrong. While there’s a grain of truth to that, let’s not forget what happens to the CEO, CIO, and the entire company if a major security incident occurs. We all sink or swim together! So, treat your CISO with respect and […]
Next>
Cyber Olympics
What if we had a Cybersecurity Olympics every 4 years?! Who would be the winners and losers of that event? The truth is – for cybersecurity personnel – the Olympics take place every day of the year. Here’s to the unnamed cyber security athletes balancing resources, technology, regulation and facing an ever increasing budget pressure. […]