Cyber Reserves Are Not a Silver Bullet

The most significant long-term challenge facing American and British cyber agencies is not China or Russia — it’s a shortage of cyber talent. This workforce deficit isn’t only affecting intelligence agencies. One recent study looked at 11 countries’ cyber skill shortages and extrapolated that the global deficit of qualified…

Ten Steps To Becoming A Vanilla Thought Leader

There are two types of thought leaders in the infosec industry. On the one hand are deep subject matter experts (SMEs). They traverse the conference circuit, bloggersphere, and podcast scene. If you want to learn about the latest research and developments in the threat landscape, then these are your people.…

What The Wire Can Teach Us About Cyber Security

In the current era of self-isolation, remote work, and constant tweets offering epidemiological hot takes, now is the perfect time to get off social media and tuck into a good box set. Don’t just take my word for it. Disney, Apple, and Netflix have all reduced their streaming quality…

Cyber Threat Intelligence Frameworks: 5 Rules For Integration

As the cyber threat intelligence (CTI) industry continues to grow, so does the discipline’s thinking tools. Whether your intelligence team is using the cyber Kill Chain, the Diamond Model, or MITRE ATT&CK, there is now no shortage of frameworks that can assist security teams in capturing and…

The Cybersecurity Skill Shortage Goes Beyond a Government Responsibility

Among concerns of an Iranian cyber apocalypse, countless ransomware variants on the loose and yet another exposed ElasticSearch server, the biggest challenge for the cybersecurity industry is arguably its own skill shortage. One recent study claims the current deficit sits at over four million unfilled positions and argues that the…

A Threat Intelligence Analyst's Guide to Today's Sources of Bias

In an industry prone to going overboard with fear-based marketing, the cyber threat intelligence (CTI) community has a refreshing emphasis on questioning assumptions. CTI teams will often deploy a variety of structured analytical techniques to ensure their assessments are as objective as possible. This involves a variety of processes, including…

Hello My Data, Are You Out There?

The Zao app: It was the best of times, it was the worst of times. While the launch of the trending deep fake app began with friends happily using the app to share amusing videos, it concluded in predictable infosec dystopian fashion with concerns regarding overly intrusive privacy policies, unease…

Mentoring Me, Mentoring You

Amongst the online hacking courses, conference talks uploaded to youtube, and hot takes offered by infosec’s Twitter thought leader army, it would seem aspiring infosec professionals have access to more personal development resources than they would ever need. Yet, by just looking at online resources, an infosec novice would…