Blogs
January 22, 2024 / January 22, 2024 by Neal Bridges
Goodbye 2023, Hello 2024! It’s time for your annual checkup. TL;DR: Targeted attacks against AI companies, emerging AI technology, and abuse of LLMs for data disclosure. I would not be surprised if 2024 presents us with a large data disclosure/breach of an AI company. As we continue to make advancements in AI, we will see […]
January 19, 2024 / January 22, 2024 by Neal Bridges
Thoughts from a well-seasoned CISO Cybersecurity is fun. And challenging. And evolving. It bleeds into multiple aspects of our lives whether we like it or not – just like Taylor Swift. Its effects hit you when you least expect it. Like when you’re logging into your favorite streaming service, going to school, or heading to […]
October 24, 2023 / October 24, 2023 by Neal Bridges
Brian Krebs is a good guy (and a “good-guy”), but seeing a post from him on Friday afternoon usually isn’t a good thing. Last Friday it was the Okta breach. As a CISO, I had to look and see if we were impacted. It was very unlikely — we weren’t notified by Okta, and as […]
June 22, 2023 / June 22, 2023 by Neal Bridges
What is Threat Hunting? Threat hunting is proactively searching for unknown threats on the network before being compromised or alerted to a known vulnerability. This is vastly different from responding to alerts, which is typically the responsibility of a SOC analyst or an incident responder. When discussing threat hunters, security professionals tend to think of […]
May 30, 2023 / May 30, 2023 by Neal Bridges
Historical Endpoint Detection and Response (EDR) data provides invaluable insight for security teams. Access to otherwise unnoticed patterns and trends allows you to proactively identify potential threats and strengthen your defenses against future attacks.
May 23, 2023 / June 6, 2023 by Neal Bridges
Current and historical security data is loitering in your environment — we even pay for storage. But what’s the point if we can’t use it when we need it? Searchability is essential for successful security operations. Ideally, you can quickly search all security data at once — instead of many individual searches — to spend less time […]
April 13, 2023 / May 25, 2023 by Neal Bridges
The security search revolution has begun – and I’m 100% on-board. ‘Invisibility’ might be a strong word, but ‘limited visibility’ is an understatement. Cloud is taking over business operations at an aggressive pace, but our access to the mounting data is restricted by the amount of money we are willing to spend on our SIEM […]
March 23, 2023 / May 25, 2023 by Neal Bridges
Disclaimer: The recent SVB debacle has largely influenced this list. Publishing after March 9, 2023 has reshaped my perspective of the cybersecurity landscape. So, without further ado – considering we are already approaching Q2 – here’s what I think should be top of mind for cybersecurity professionals for the remainder of 2023. #3 Cloud Strategy […]
August 23, 2022 / May 26, 2023 by Neal Bridges
Black Hat is back. Yes, I know the event was held the past two years, but 2020 was all virtual and 2021 was a unique hybrid experience. This year’s show rivaled conferences held pre-pandemic—the vendor hall was packed with companies, there were thousands of show attendees, and people were networking both on and off the […]
July 26, 2022 / May 26, 2023 by Neal Bridges
Incident response (IR) plans always seem to make “top security best practices” lists. However, there continues to be widespread confusion about what actually goes into them and how to ensure they are successful. Worse yet, some companies still don’t have one at all. In fact, a recent report by Shred-it found that 63% of C-level executives and […]