Another year is in the books! Here at InfoSec Insider we think it’s important to always look ahead and progress, but take the time to look back and see how much we’ve accomplished in such a short timespan. After doing that, it’s fair to say that the best is yet to come.
Known as MISTI’s information security content vehicle that aims to answer our readers’ most pressing questions and provide them with actionable advice they can use, more change is around the corner as we aim to publish more engaging content.
It’s been another action-packed year filled with many lessons learned for organizations. As the threat landscape continues to evolve, so will solutions, techniques, and approaches to the problem. We’ll be there along the way to share that advice and experiences.
Without further ado, below you’ll find the most read articles of the year.
CASB was widely regarded as the quickest-growing market ever in cybersecurity. It seemly exploded out of nowhere in 2014 and 2015. Part of that accelerated growth means that it has already arrived at the consolidation and unavoidable 'cooling' phases any new market goes through. The security market is a lot like a relationship in that way — hot and heavy when a new market emerges; lots of excitement over somethin#`0g new. Then, as heads cool, we all start to think: but where does this fit in the larger picture?
#9 -A Day in the Life of a Security Executive: Georgia Weidman
Unlike many seasoned security practitioners, Georgia Weidman, Founder and CTO at Shevirah, Inc. and Bulb Security LLC, has spent her entire professional career working squarely in cybersecurity. Infosec Insider decided to reach out to subject matter experts like Georgia to get a better sense of how their professionals journeys have evolved to earn them their professional role today.
#8 - IoT Blindspots: The Four Devices That Should Be on Your Radar
InfoSec Insider caught up with two mobile security experts who highlighted four different connected devices that should be on a security manager’s radar, the challenges they pose, but most importantly, what they can do about it. While each of the following devices isn’t very cutting edge as it relates to daily tasks performed in offices, the lack of visibility surrounding them creates a real issue for security managers when vulnerabilities in the devices come into play.
#7 - How I Became a Threat Intelligence Professional
Cybersecurity practitioners don’t generally fit into a mold. The security industry is relatively new as compared to other fields, which means that many seasoned practitioners got their start in an adjacent field or because they showed an interest in or proclivity towards technology. For this series, InfoSec Insider asked InfoSec World 2018 presenters to share how they came to practice their current role in security. Here, we focused on a role that’s beginning to pick up steam in the industry.
#6 - PetyaWrap is Wannacrys Honey Badger Upgrade
A honey badger, like the Petya ransomware, waits to see if you make the mistake of underestimating it. There is nothing remotely new in Petyawrap. Any decent developer and IT admin could have teamed up and put together something like Petyawrap in a week or two. It used existing vulnerabilities, exploits and tools to pull off what’s looking to be a slow, but very long campaign. Why are we calling it Petyawrap? Mainly because it is significantly different from the malware originally coined Petya, and shouldn’t be confused with it. In this contributed article, Savage Security’s Adrian Sanabria dissects this threat.
#5 - Psyber Intelligence Part 1: Understanding the Human at the End of the Keyboard
In traditional intelligence operations, HUMINT consists typically of interrogations and conversations with the target person in an effort to acquire useful information. But in today's day and age, computers have become an increasingly common interface between targets. Not only has technology changed the game, it has ushered in the need to reexamine some of the classic methodology behind HUMINT collection and analysis. In other words, if we want to apply HUMINT in Cyberspace successfully, we must adapt. To practice good cybersecurity, it’s important to understand the human at the end of the keyboard. This special feature dives into the collection and analysis behind human intelligence.
#4 - OPSEC Tradecraft: Protecting the Online Persona
In our last article, we discussed how disciplines like psychology and behavior-profiling can help us to better understand the adversary at the end of the keyboard. Now we are going to extend similar disciplines to ourselves as intel analysts. Operating in an "under cover" fashion online requires us to remain self-aware and secure in our tradecraft at all times. In other words, we must practice good Operations Security — also known as OPSEC. This article highlights how to do just that.
#3 - Rolling Out a Threat Modeling Program
As a leader, you need to be able to see the forest and chart a path through it. That means abstracting problems and being disciplined in the way you do so. It means organizing your thoughts in ways that help you solve problems, and help shape the thinking of those around you. Threat modeling is a means to the end goal of better thinking about security problems. Learn why you should make threat modeling central to your security programs overall, how to roll out threat modeling, and how to manage a threat modeling program. First came the what, why, and how (article #2 below), but the next article in the series highlighted the steps security professionals can take to roll out a threat modeling program.
Threat modeling is essential to becoming proactive and strategic in your operational and application security. Modern threat modeling is agile and integrative, building collaboration between security and other teams. That’s security and development, security and operations, security and all sorts of others. Threat modeling is also essential in moving away from “gut feel” to a disciplined approach to problems. This popular article dissects the what,why, and how of threat modeling, and its benefits to enterprises and security and risk departments today.
For the layperson not working in the fields of law enforcement, intelligence, or information security (known to many as “cybersecurity”) the news events of today may seem quite overwhelming. The irony is that for those who are employed in any of these fields, “overwhelming” is an understatement... especially if you hold a job working with operationalizing information security within a sizeable or rapidly growing organization. If that’s you, then you likely deal with another whole set of terms (a.k.a. buzzwords) along with managing the organization’s data. In this special feature, we dive into the different between information and intelligence, and what that means for information security professionals