It’s been interesting to watch the cybersecurity industry evolve over the last two decades. I’ve seen radical shifts in actor behavior and sophistication, as well as industries’ ability to comprehend and address threats. With that in mind, it would be easy to build a picture of “doom and gloom”—given that everybody realizes that industry and government alike are not able to keep up.
Time and time again, I’ve said that the adversary adapts in a matter of minutes and hours, whereas industry adapts in a matter of weeks to months (I’m being generous), and government adapts in months to years. However, I’m not one to subscribe to a defeatist mentality. By now, everyone should recognize the magnitude of the issue, so we all (industry, vendors, government) should be working together to overcome the threats.
We need to focus on the problem and remove obstacles to provide for effective
While there has been a refreshing focus on information sharing over the last 5 years, it’s taking longer than expected to have a significant impact. This drive to collaborate has influenced my career decisions in recent years. As I think about those influences and the changes I’ve made, I’ve decided to share observations of the ever-so dynamic cyber-threatscape. In this series, I’ll share observations—and some of them are not pretty—of our industry and the threatscape.
My first blog will be focused on the dynamics that led me down the path to change companies; the second will focus on the deadly marketing habits of cybersecurity vendors; and the third, a cybersecurity reality check.
I hope you enjoy this series, and I invite your questions and commentary. Stay tuned for the first blog post.