Blog

Stuck in Traffic – Backup Your Space

March 19, 2019

MySpace lost millions of photos and videos due to data corruption during a server migration. Upside, that probably includes those embarrassing photos from twelve years ago. Downside, data loss is data loss, and this reminds us of the importance of backing up our SaaS data.

Watch more videos on my YouTube channel.

Shall We Play a Game?

March 18, 2019

Presented at BSides SF 2019.

Muscle memory, incident responders will tell you, is crucial to acting quickly in a crisis. Cyber Threat Intelligence informs what we do, but practice ensures we do it well—executing effectively to eliminate the threat and protect the organization. This session provides an approach to developing security exercises and running practice drills. MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) forms the basis of this approach. We will cover the fundamentals of an exercise: selecting the story, identifying the tactics, threat modeling, table top discussions, adversarial emulation, and scoring. The session concludes with advice on creating an overall exercise program, focusing on repetition, momentum, and building muscle. Turn intelligence into practiced action with security game

Watch more videos on my YouTube channel.

Stuck in Traffic – Doug Engelbart

December 26, 2018

It is fifty years since Doug Engelbart inspired us all with The Mother of All Demos. It is eighteen years since Engelbart inspired many, myself included, with his Colloquium on the Unfinished Revolution. Bootstrapping. Collective intelligence. These grand ideas apply to so many domains. But in particular, they apply to cyber security. We must get better and getting better. And in the near term, that means security orchestration and automation response (SOAR).

Watch more videos on my YouTube channel.