About a year ago, the U.S. security firm Palo Alto Networks began to hear from a flurry of companies that had been hacked in ways that weren't the norm for cybercriminals.
And “tech debt” (which I’m sure said execs would lump refactoring infrastructural security under) isn’t a new feature that generates money, so it’ll get consistently deprioritized.
Cyber gets paid but help desk folks, ops managers, general help staff, and the little people with too much least privilege who actually get shit done usually aren’t.
The article explicitly talks about social engineering. If you’ve solved social engineering for the positions I listed, you have effectively ended the need for most security solutions. Yes, we can mitigate its effects, but no, watching doesn’t prevent it which was the context of this thread.
You have to define adversary objectives then separate those from normal behavior. Again, you haven’t solved the problem raised in the thread. How are you, a highly paid cyber security professional, going to prevent social engineering from allowing privilege escalation and negative outcomes ranging from fraudulent invoices to knowledgeable, intentional use of applications following expected behavior?
It’s the low tier employees that usually monitor for breaches and anomalies and they just won’t give a shit.
And “tech debt” (which I’m sure said execs would lump refactoring infrastructural security under) isn’t a new feature that generates money, so it’ll get consistently deprioritized.
Source: am software+devops engineer
deleted by creator
Cyber gets paid but help desk folks, ops managers, general help staff, and the little people with too much least privilege who actually get shit done usually aren’t.
Source: am executive with compliance history
deleted by creator
The article explicitly talks about social engineering. If you’ve solved social engineering for the positions I listed, you have effectively ended the need for most security solutions. Yes, we can mitigate its effects, but no, watching doesn’t prevent it which was the context of this thread.
deleted by creator
You have to define adversary objectives then separate those from normal behavior. Again, you haven’t solved the problem raised in the thread. How are you, a highly paid cyber security professional, going to prevent social engineering from allowing privilege escalation and negative outcomes ranging from fraudulent invoices to knowledgeable, intentional use of applications following expected behavior?
Read the article.
deleted by creator