Detection Oriented Security Architecture, with Kevin Fiscus
Detection Oriented Security Architecture
Risk can be defined as the likelihood that a threat exploits and vulnerability causing harm. To reduce risk, at least one factor in that definition must be reduced. There is little that can be done, in most cases, to reduce the threat leaving us with vulnerabilities and harm.
Security programs and security professionals have spend decades attempting to substantially reduce risk associated with vulnerabilities without significant success. As a result, we are left with attempting to reduce harm.
According the recent Ponemon Institute Cost of a Data Breach studies, one of the biggest factors in determining breach cost is dwell time: the amount of time an attacker is present in the network before detection, therefore reducing dwell time can significantly reduce breach cost and thus reduce overall risk.
The obvious goals therefore becomes to detect and respond to attacks as quickly as possible. This goal has resulted in myriad technologies that focus on "detection and response" such as EDR, ITDR, NDR, XDR, and SOAR. Unfortunately, if we achieved the goal of rapid detection and immediate response, we would actually be making our security worse and giving the attacker a significant advantage.
In this webinar we will discuss why automated detection and response is a concept that will always fail and we will discuss what a truly detection oriented security architecture would look like.
#detectionEngineering #infosec #blueteam
More Articles
The 3 Most Influential Books (I’ve read in a long time)
Here are the three most influential books I’ve read in a long time, possibly ever. It might sound like hyperbole to say they’ve changed my life, but they absolutely have significantly influenced my life in a positive way.
Links to all three are below:
https://teddemop.com/linchpin Linchpin by #SethGodin
https://teddemop.com/launchbook Launch by #JeffWalker
https://teddemop.com/BestYearEverBook Your Best Year Ever by #MichaelHyatt
Linchpin got me excited to do important work, important to me and to many others.
Launch gave me a formula (or blueprint if you prefer) to use to do and help release this work to the world, based on time tested and scientifically valid research and principles.
That’s all good and well, but without some organization and planning nothing happens.
I’ve never put much effort, very little in fact, in planning for myself yet I’ve done pretty well.
Interestingly I’ve long done strategic planning for clients, extremely well based on feedback and results, but haven’t focused on it for myself, for my career and life.
Your Best Year Ever by Michael Hyatt changed all that!
It has a simple and very flexible framework that simply works! A framework that among other things to set and move towards goals important to you while letting you have flexibility and freedom going forwards.
100% is Easy, 99% is Hard
Success is far more likely when you are fully committed!
It doesn’t matter if it is about passing a certification, running, writing a book, or anything else.
Here is quick video of me after a have just completed running 20+ miles a week for 140 weeks in a row. Why? Because my health matters.
When something matters, whether it is professional, personal, or something else, 100%, being committed, makes a difference!
If you are doing 99% percent it is easy to slip to 98%, 97%, 80%, and much much lower!
Constant effect, even though progress may not always seem 100% upwards, is easy with some commitment.
Not trivial, but much easier than 99%!
The Hardest Part of Starting Consulting
What is the hardest part of starting consulting?
Getting Clients? Nope although that is obviously important.
(more here on getting clients: https://successfulinfosecconsulting.com/).
What is the second hardest thing? And what can do you do about these things?
The hardest part – is YOU.
I know I flip flopped back and forth when I decided, between “I’m going to start consulting” and “Who am I to do this?” Feelings of “I’m too young” or “I’m too old” and more are common. Some of this is imposter syndrome which is normal. What do you do about this?
Are Entrepreneurs Risk Takers?
Are Entrepreneurs risk takers? The answer may surprise you!The answer, no surprise, is “It Depends.”
A great many entrepreneurs are rick adverse, and know exactly how much risk their ventures entail – and everything has risk, including having corporate job and going to the supermarket.
Some entrepreneurs are willing to accept a large amount of risk, and although there are exceptions, generally know that they are.