Welcome to our Spotlight section. Here we showcase the most attention-worthy news and events, jaw-dropping products and top shelf services, rapidly rising players, and can’t-miss research and standards to keep you in the know when it comes to the cyber security industry, especially active cyber defense. We highlight how cutting edge active cyber defense strategies, products, and ideas apply to your field, whether you’re in computer security, cloud security, network security, IT security, adaptive security itself, or any other brand of cyber security. We’ve got you covered.
People make decisions every day that involve risk and uncertainty. Generally, we reconcile a variety of decision models using risk criteria often provided by organizational policies and/or guided by a variety of personal belief and trust systems. Many times we are forced to address ambiguous situations in uncertain ways, using uncertain terms and with uncertainty […]
Current Security Trends Reveal Difficulties in Assuring Authenticity Recently I was thinking about some of the major security challenges and problems of 2020 and going forward into 2021 like the ongoing SolarWinds supply chain mitigation issues; election fraud; the problems around disinformation and deepfakes; false flags in cyberattacks and the difficulties in making accurate attribution; […]
A Plethora of Standards and Guidance for OT / IoT Security In my research into OT and IoT systems security, I have come across a plethora of guidance and standards from various organizations and standards bodies. To some extent, this wide range of guidance is difficult to get your arms around to figure out what […]
Recently, I was talking with my daughter, the engineer, about testing. She is the lead engineer for payload integration and test for a large NASA space telescope. Our discussion got me to thinking about cyber testing and test metrics. From her space telescope perspective, it is very expensive to conduct tests, with some tests requiring […]
Many years ago I was hosting a series of workshops on a variety of security topics. One of those topics dealt with role-based, attribute-based, and policy-based access control approaches and I was lucky to get Mr. Dave Ferraiolo as one of my presenters for the workshop. Dave has been a long-time evangelist for NIST on […]
Adopting a new technology can be fun but also challenging, especially if the technology is new to the market and there isn’t a lot of veteran users around who can help teach. An emerging technology such as SOAR, which aims to converge security orchestration and automation, security incident response, and threat intelligence capabilities into single […]
Securing operational technology and IoT has just received a new compliance push as the DoD is targeting small businesses in its mandate for Cybersecurity Maturity Model Certification. Katie Arrington, special assistant to the Assistant Secretary of Defense for acquisition and cyber within the Office of the Undersecretary of Defense for Acquisition and Sustainment of the […]
Going, Gone: I attended the 10th annual Billington Cybersecurity Summit last week. This 2 day, sold out event with over 1100 attendees at the Washington Convention Center had more than 70 world class speakers and 60+ sponsors and exhibitors. There were also three “Innovation Zones” highlighting cyber products from the UK, Canada, and Israel. You […]
Tools that provide threat information sharing have been a hot technology over the last couple of years. However the tools are only as good as the information that is provided. And the information needs to be timely. And the more context about the threat, the better. And the need for industry outreach and information sharing […]
Protecting the Future Enterprise: Active Cyber Defense
