The distortions created by cyber incidents and the challenge of handling cyber incidents are amplified with the introduction of liability. However, the imposition of death - an irreversible and undesirable impact - shows we need to sort it.
This is the 52nd Tuesday post, closing in on a year of writing. Reflection is standard practice for such a marker, and the term is uncovery. Why this term? So many bits of life are mislabelled; attributed to discovery as something new (or at least new to us). We often look to explore the edges of the map, thinking newness is found in the fog on the horizon. Clausewitz was half right. We are often wrong.
Threat Versus Risk in Cyber
Looking at the distinctions between Cyber Threat Intelligence (CTI) and cyber risk - both with similar elements with supportive properties, but often misunderstood. Offering definition to aid practitioners, auditors, regulators and boards.
Money Laundering and Cyber Crime
Challenges to the blending of Cyber/Fraud/AML spaces in financial services gives cybercrime more room to maneuver. Criminals find monetisation advantages in victim organisational separations, with innovative solutions based on careful observation and rapid growth in operational maturity. This post uncovers difficulties financial services encounter in cybercrime-monetisation.
On Responding to Complexity
Issues - regardless of scale - often acquire similar responses when the systems are complex. This post looks at components of complex system issue response and reasoning behind it.
Building with Fire
Some things are bent to suit. Some are broken in process. Some things just have to burn. The following are considerations for metaphorical implications.
Need-to-Know Versus Need-to-Share
At opposite ends of the intelligence spectrum, need-to-know (limited audiences) and need-to-share (expansive audiences) vie for dominance. Here we define these practices, associated concerns, and circumstances where one approach is likely preferable.
Taliban and Cyber Considerations
With the Taliban back in control in Afghanistan, and with the departing US forces having left behind a lot of equipment and hardware, the CTI community is keeping an eye on the inevitable shifts in cyber threats arising from or involving Afghanistan.
Cyber Crime’s Maturity
Cyber criminals' business models are evolving, often drawing on practices borrowed from the very businesses they attack. This should give hope to the victims of cyber crime because a more structured and formalised cyber crime marketplace is easier to scrutinise, realign, regulate, and possibly decimate, especially if state actors get involved in countering strategies.
Understanding Business Needs for CTI
Private-sector organisations have different response options available utilising CTI than governments or militaries. Learning what is important to the organisation affects what to look for when distilling and analysing. This post will help understand how to create CTI relevance for the business.