Security Experts:

Wade Williamson

Wade Williamson is Director of Product Marketing at Vectra Networks. Prior to joining Vectra, he was a Senior Threat Researcher at Shape Security. He has extensive industry experience in intrusion prevention, malware analysis, and secure mobility. He has extensive speaking experience, having delivered the keynote for the EICAR malware conference and led the Malware Researcher Peer Discussion at RSA. Prior to joining Shape, he was Sr. Security Analyst at Palo Alto Networks, where he led the monthly Threat Review Series and authored the Modern Malware Review. He has also led the product management team at AirMagnet, where he helped to develop a variety of security and network analysis tools targeted to WiFi networks. He has been a steady and active researcher of new threats and techniques used to compromise enterprise networks and end-users.

Recent articles by Wade Williamson

  • Collecting security data is relatively easy – the value of security analytics solutions will rest in how well they reduce that data into answers.
  • Behavioral detection models can focus in on what the attacker actually does, instead of relying on a set of signatures or known indicators of compromise that often lag behind attackers.
  • The evolution of ransomware from simple malware to more persistent attacks has a major impact on the way enterprise security teams have to think about mitigation.
  • The ability to quickly and reliably detect lateral movement in the network is one of the most important emerging skills in information security today.
  • Data science and machine learning models can assess large groups of cyber threats to find the subtle traits they have in common to better protect organizations.
  • It is important to understand the realities behind data science and machine learning technologies so we can separate the truth from the hype and make well-informed security decisions.
  • Asking for security backdoors that only benefit the good guys is like asking for bullets that only hurt the bad guys. That’s simply not how encryption works.
  • Specific malicious payloads, URLs and IP addresses are so ephemeral that they may only be used once in the case of a true targeted attack. Intelligence should make you better prepared to evaluate and solve new problems that you haven’t encountered before.
  • Although ransomware is commonly targeted at consumers, recent versions have targeted the enterprise with a vengeance. This has shifted ransomware from a nuisance to a potentially debilitating attack that can freeze critical assets and intellectual property.
  • It has become very clear that intrusion detection and intrusion prevention are not simply deployment options of the same technology. They are in fact separate disciplines with unique requirements, goals and roles in the security stack.
  • For CISOs and security directors, recruiting and retaining talent for their security teams is more challenging than keeping pace with technology.
  • In security circles, 2014 was known colloquially as “the year of the breach.” However, 2015 almost doubled the 2014 tally of breached records, and has done so in the first eight months.
  • Personally Identifiable Information (PII) can provide invaluable human intelligence to nation-state attackers who are often behind the most sophisticated attacks.
  • While malware is obviously a critically important tool in the attacker’s arsenal, it is just one of many that make sophisticated attacks successful.
  • In light of the seemingly endless parade of high-profile breaches, it’s easy to focus on external threats, while losing sight of insider threats.
  • While higher education certainly has some unique challenges, it is by no means alone in terms of facing breaches. Attackers who want to get into a network can typically afford to be patient.
  • Network administrators have to remember that they are not just the protectors of the organization – they are also the most valuable targets.
  • By building security controls that identify and correlate the malicious behaviors of an attack, we can begin to tip the scales back in our favor.
  • By establishing an enterprise-wide context focused on key assets and user behaviors, organizations can build a unified security framework that encompasses all locations and all of their assets.
  • Like most modern malware, Carbanak is not some autonomous bit of code running on its own, but rather a vehicle for a remote human attacker to watch, learn and remotely drive the attack.
  • As we build more accessible, scalable, and efficient computing models, we open ourselves up to attacks that are likewise more accessible, scalable and efficient.
  • The most important aspect for us as security professionals is to realize that the man-in-the-browser is not going away, and to understand what exactly has made it so successful.
  • In the same way we have watched APT techniques trickle down from nation-state actors to more opportunistic criminals, we should expect MitB to expand from financial services to all types of applications.
  • While free tools aren’t the answer for every problem, they probably should be a part of your security toolkit. Even better, they can provide an easy way to learn about new security technologies and provide your team with hands-on experience.
  • As enterprises become increasingly focused on security, it’s important to take an honest look not just at what security measures are in place, but how they are really used.