Cybersecurity Blog: The Cyber Scene is evolving, are you?

One of the most compelling questions asked today by security operations is, “Can we enable our analysts to make security decisions that will have a positive impact on the overall security posture of our organization?” The short answer is, “Yes. But it’s not easy.”

Breaches disclosed in the media foster conversations within organizations on how to protect critical assets and enterprise infrastructure. Loss of intellectual property, financial data and customer confidence has produced tangible evidence of an evolving threat landscape that, in turn, has elevated the conversation to the board room.

This cyber awakening has many organizations evaluating current security measures including tools and technology – and the options available in the market are endless!    

On May 11, 2016, I joined Greg Masters of SC Magazine for an evaluation of new cyber technologies in the marketplace. In my role as Chief Technologist for Lockheed Martin’s commercial cyber business, I’m focused on evaluating the latest trends in the market in order to advance our own defense strategies. 

In the following on-demand webcast, I analyze a variety of cyber technologies that can enhance your defenses including: Threat Intelligence Platforms, Security Operations (SecOps) Tools, Endpoint Detection and Response as well as User Behavior Analytics. 

Most security vendors these days, including Lockheed Martin, are touting new capabilities for automatically detecting advanced threats through the use of data analytics and automation. In business, “automation” is often synonymous with downsizing. In this case, however, we would argue that implementing automation tools is not about downsizing staff but about empowering cyber analysts to do more good work. While automating some of the more mundane and menial tasks of an analyst may free up cycles, it is not a cure-all that eliminates the need for human intelligence.

Our team has been actively involved in defending some of the most attacked organizations in the world. Having a front row seat in the fight against advanced persistent threats (APTs) has informed how I think about defense and intelligence. Last month I teamed up with our partners at Cybereason to discuss:

    • The most pressing challenges your company faces when fighting APTs:
      • Excessive false positives
      • Lack of threat context
      • Poor endpoint visibility
    • Four steps you can take to combat APTs in your organization, including automating threat detection and implementing behavioral analysis
    • How to empower your security team in the fight against APTs by adopting automatic threat detection, eliminating alert fatigue and using endpoint data to reveal full attacks

“I give myself good advice, but I seldom follow it.”

– Alice in Wonderland

In the threat intelligence space, vendors market threat feeds as a source of “good advice”. But are subscription-based threat feeds truly providing actionable intelligence? A challenge for any SOC operations manager is to determine whether their threat feed is really creating value or is just a barrage of alerts that sends their analyst teams “down a rabbit hole”.
