cyberops

Apr
27

Encryption is Overrated

Years ago I found myself in one of those awkward elevator pairings where you are unexpectedly face to face with
3 min read
Dec
07
Network Egress and Ingress Fundamentals

Network Egress and Ingress Fundamentals

There is a lot of confusion about network ingress and egress. This isn't limited to junior staff; I've witnessed this
5 min read
Jun
22
The value of the True Positive

The value of the True Positive

As originally published on Vectra's Unfiltered at https://www.unfilteredcxo.com/ Cybersecurity is afflicted with the duty of “proving a
3 min read
Mar
01
Cybersecurity Strategy

Cybersecurity Strategy

Even mature, highly-resourced cybersecurity programs can overlook articulating a strategy in the absence of specific regulatory requirements. All organizations are
1 min read
Feb
05
IOCs aren't for blocking - they are for control validation

IOCs aren't for blocking - they are for control validation

There is a misconception out there that security departments should be ingesting feeds of Indicators of Compromise (IOCs) and loading
3 min read
Jan
31
Patching is Overrated

Patching is Overrated

Patching became a household term during the Equifax security breach and Congressional hearings. While IT maintenance and hygiene have their
4 min read
Oct
01
It's not the 2FA.. it's the 1TP!!!

It's not the 2FA.. it's the 1TP!!!

Multifactor authentication (MFA / 2FA) is arguably the most powerful security control deployed over the past 20 years. But it dawned
2 min read
Oct
25
Quick trick to assess your vulnerability to SIM swapping

Quick trick to assess your vulnerability to SIM swapping

I listened to an NPR story on SMS SIM swapping on my drive in this morning. This is a pretty
2 min read