In its Global Threat Report, CrowdStrike identified many of the tactics, techniques, and procedures used by more than 50 different threat actor groups to craft and launch sophisticated attacks against major targets around the world.
FireEye's acquisition of Mandiant and last month's acquisition of Norman Shark by Blue Coat Systems reflect the growing awareness among enterprises that they need sophisticated security technologies which go beyond antivirus and traditional perimeter-based defenses.
Industry-wide cyber attack exercises (CyberRX) will examine broad and segment-specific threats targeting information systems, medical devices and other essential technology resources of the healthcare industry.
Organizations can draw lessons from the Target data breach by considering various attack scenarios such as card readers which have been tampered with, POS systems infected with malware, and insider threats.
Successful conduct of military operations requires a unit’s clear understanding of the battle space it controls and its “area of operations”. This includes not only the terrain of the battlefield but also the capabilities, motives, and determination of the enemy they face.
Security should be a fascinating, dynamic, and creative pursuit. I say have fun, be creative, be criminal in your thoughts, but not your actions. The black hats who have you in their targets are having a blast.
External attacks are not our only worry. Most security nuts have been saying for years that our biggest threat is not external, but rather the "Internal Threat." I will take that a step further and say that one of the biggest threats that we face is the "oops".
Oliver makes the case for why the way that security awareness training is often approached is flawed. But if done in the right way, Security Awareness Training can provide a lot of value and benefit the security posture greatly.
In addition to being a renowned theoretical physicist, Einstein was also a wizard at writing security procedures and processes. Here is a short selection of quotes from Albert Einstein, and why they are worthwhile when thinking about security.