I do believe there are more attackers with skills to pull off a medium difficulty attack or script up malware and attack tools. Also, there are also many more who wish to make money in the cybercrime arena and don’t have any real ability. However, the fact that attack tools and Rent-a-Bot on the Dark Web are showing up sooner after their initial use (more sophisticated code) and the price is cheaper, means that the pervasiveness of attacks is on a rapid rise. The barrier of entry for new or novice attackers is lowered. Add to all this the new trend of leveraging IoT and distributed attacks, and you have a scary Internet. It will get worse before it gets better. http://www.cxotoday.com/story/distributed-cybercrime-is-making-attackers-multi-millionaires
Posted in Blog, Cybersecurity & Infosec
February 15th, 2017 by John
My full 2017 SC Awards introductory comments.
February 14, 2017 Read More
Posted in Blog
September 6th, 2015 by John
I have to say I am excited!
I have wanted to host a regional security conference for a long while, and now it is about to happen. Read More
Posted in Blog
From my RSA 2015 panel, “When Will InfoSec Grow Up?”
What do you think? Will the CISO evolve into CIRO? Does the CISO belong under the CIO, or maybe just operational security?
I personally think 2018 is an aggressive timeframe since many organizations still don’t have a formal CISO defined and 20% of CIOs claim they don’t think they need a CISO. It seems to me we need to inform the board (externally) with what a forward leaning organization should expect in a CISO and drive change from the top down, rather than bottom up.
Posted in Blog
If this is how you view security architecture, you are doomed to failure. Tools alone cannot keep up with threats, or solve all our problems.
Posted in Blog
