Cybersecurity Blog: The Cyber Scene is evolving, are you?

2016 was another challenging year in cybersecurity. With greater awareness among organizations and the general public of the risks, and sizable investments by companies in best-of-breed security technologies, will we see improvements in 2017?

Read more

“You can’t buy the Cyber Kill Chain®, but you can buy into it.” 

In a recent webcast, Senior Security Strategist at Solutionary, Jon Heimerl, joined me for a discussion about the tactical and strategic approaches of using the Cyber Kill Chain® to effectively respond to cyber-threats.

After reviewing key findings from the NTT Group’s 2016 Global Threat Intelligence Report, Heimerl introduced an incident response case study (minute 10:18 of the recording below) in which the team effectively leveraged the Cyber Kill Chain analytic framework to better understand each phase of the attack and gain a comprehensive picture of the adversary’s tactics, techniques and procedures. The mid-size financial client, code named Peaceful Panda Financial Corporation (PPFC), did not know they were breached until day 65 of the attack.

I jump in at minute 13:10 of the recording to walk us through the seven successful steps the adversary took before posting sensitive PPFC data to a PasteBin site. 

Read more

Stepping out to Black Hat for the first time was inspiring, educational, informative, and a bit scary. Many wondered, “What is Lockheed Martin doing here?”

Some members of our team worked to answer that question for curious attendees. Others of us participated in sessions presenting novel research that will enable network defenders to succeed as the industry plows its way through the challenges of the cyber culture.

Read more