The Disappearing IT-IoT Divide

Note: This originally appeared as part of ISACA GWDC's IoT Security Conference in April 2018.

Executive Summary: Nominally IT-focused threats, such as the recent series of wormable, disruptive malware variants from WannaCry through OlympicDestroyer, will increasingly impact Internet-of-Things environments. The combination of rapid, automated propagation …

Indicators and Network Defense

When I led incident response operations at Los Alamos National Laboratory, we subscribed to several 'threat intelligence' feeds: big commercial providers, secret-squirrel (theoretically) government-only information, and other miscellaneous items. Almost without exception, if the feed did not provide reports that detailed how an attack or intrusion took place and …

Threat Analytics and Activity Groups

Originally published at Dragos.

Computer and network defense has typically focused on 'indicators of compromise' (IOCs) to drive investigations and response. Anomaly detection and modeling (e.g., machine learning approaches) are also increasingly used for alerting purposes, but due to the lack of context of adversary activity, they are of limited utility …