Thanks for joining me!
Good company in a journey makes the way seem shorter. — Izaak Walton
Welcome to my blog. It was not my brainchild, to be clear. I am not really a writer, but I have a story or two to share, and I have always enjoyed sharing stories and cybersecurity conversations with people I have met over the years. This website and its name started as a joke with a handful of people who attended EC-Council’s Certified CISO training in Virginia some years back. During lunch one day. Someone said, “If only there was a nice CISO the company could go to that would just grab them by the hand and tell them everything would be alright.”
Cybersecurity is hard. As practitioners, we have fewer people, smaller budgets, and less technology. What is hoped for is that with those few resources, we will construct a walled garden of invincibility, like a castle’s walls, that will never fall. The truth is, just like the old castles, there is a lot of traffic moving in and out while the company does the business it needs to run daily.
The most frequent attacks against a company are not the slams firewalls are built to ward off. Assassins use social engineering, drinking places, and a myriad of other techniques to lure users to the bad site and steal the attacker’s code back into the company. Most payloads these days are not malicious, but once in the organization, do reconnaissance (spying) and send back what you see and how strong your defenses are, even if there is a valuable target. These benign droppers have access to hundreds of other external IP addresses with which they can try to reach out, be updated, or even get extra directions, such as downloading ransomware or remote terminals.
This attacker has time, and your organization has a massive pool of people to hack. An attacker might need to be right only once to break into your systems, and the defender is not going to get 100% correct if they want to block the attacker.
We are all islands in organizations, standing on our defensive posts and counter-attack measures. We use everything we can from the external world, including ISACs, threat intelligence, and even the eyes of our firewalls and honeypots, to provide advance notice. If they get into the organization, we want to be able to catch them before they do anything damaging and get them out of our systems.
Unfortunately, there is no magic pill. Cybersecurity is just security evolving. There are still vaults and safes filled with physical wealth belonging to banks, but we also have just as much wealth on the internet with less of the chance of the hacker being spotted, caught, and eventually jailed. It’s up to us, the stewards of that digital treasure, to preserve it.
I am looking forward to this dialogue and journey with you.
The Compassionate CISO 