In our dynamic cyber threat landscape, info/cybersec personnel engage every day with enemies who seek to harm those we wish to protect. Few in number against staggering odds, outmanned and outgunned with limited resources, we must be right one-hundred percent of the time, whilst the enemy needs only to be right once. This is the Cypartan Dilemma.
Cyber Policy Challenges in Private Sector
Policy adoption by the private sector is lacking and continues to lack, to the frustration of public sector proponents. This post tackles the overlooked considerations and challenges.
Absent Cassandra (Abssandra) is the outcome of knowing there is a question or issue we are required to solve - with no effective internal or external means or understanding to base our plans and programs on. The dangers we don't often admit are framed within the post.
On Internal Mapping (3)
Dataset layers are the foundational pieces of building the organisation's map, as without them the map can't be complete. Layers are preferably driven by automated ingests, but some are likely manually curated - giving greater visibility to broader operations. In tracing the often-understood, rarely-captured components of an organisation - their processes and interdependencies - we need people able to follow paths from start to finish, adding the layer to the mix.
On Smoking Guns, Indicators, and Warnings
Predictive intelligence is a small, resource-expensive analysis component - highly sought after by leadership and decision-makers who often lack understanding of the ask. This post presents an initial assessment of predictive analysis requirements and considerations as a precursor to programme development.
Businesses that are not cyber vendors have an opportunity to sell cyber as part of their offering, taking advantage of money and effort already spent, and an opportunity to show greater understanding of their clients' businesses in the digital space.
On Internal Mapping (2)
Challenges abound when you look to create the sportscards for entities (the context is here). An entity's card is a listing of all the directly-associated, definable information we have data for. The trouble often is, we don't know what we don't know - perhaps you have ideas of what to include, but as more datasets are uncovered or created you may find other elements clearly defining an entity that need to be included. The point is to remain flexible in creating the entity cards, but make certain you aren't mixing two entities in a single card.
On Internal Mapping (1)
If a picture is worth a thousand words, what does it look like when we consolidate a thousand logs? In many organisations, there are many disparate data sets acting as pieces of the organisation's puzzle. An excellent analogy to the approach - you may have an idea of the whole picture (it's on the box) but you don't really appreciate it until you start looking at the pieces. In this, each dataset is an additional piece; by taking each piece and mining the relevant parts and how they relate to the whole picture, the organisation gains incremental understanding of not only the value held by the dataset, but where it fits in the greater picture.
Every major crisis faced today is like an oncoming avalanche - but started as an overlooked pebble-sized risk. How pebble risks grow exponentially over time and how to effectively assess/preempt/mitigate them are keys for effective operational resilience.
Positive or negative, growth is constant provided effort, time and opportunity. Interpreting what/how/why for individuals/groups/functions requires a gardener's eye to flourish.