Advanced Cyber Defense

Industrial Control Systems (ICS) Ambiguity?

Authored by Gareth Pritchard, Azeem Aleem, Peter Tran

From the days of Slammer, Stuxnet, Shamoon, etc., to the recent Ukrainian (black energy) Power Grid and “Panel Shock” Attacks, we are witnessing a sophisticated surge in the attack domains across industrial control systems. The shift from legacy systems towards process control networks with connectivity around enterprise…

The Dyn Attack – How IoT Can Take Down the “Global Information Grid” Back Bone (Part I)

Authored by Nick Murray and Peter Tran

Imagine that you are driving through downtown New York City (NYC) and only relying on your GPS for directions. All of a sudden, the GPS stops working and you are stuck in mid-town Manhattan traffic during rush hour. If you have ever tried to drive in NYC, you…

Part 4: Fundamentals of the Game – There is no intelligence without data

After having identified the set of fundamental skills needed to set up a successful SOC, highlighted the importance of the alignment between SOC and business goals, and understood how people, processes, and technology must work together for a SOC to be successful, we now investigate the next SOC fundamental skill: focus on data through visibility…

Part 3: Fundamentals of the Game – People, Process and Technology Alignment

The first post in the Fundamentals of the Game series listed a set of skills that characterize successful SOCs, just like the excellence in offensive and defensive fundamental skills characterizes the greatest players in basketball or any other sport. The second article provided details on one of these fundamental skills (established alignment between SOC and business…

Part 2: Fundamentals of the Game – Where Business and Security Goals Meet

In the previous article of this series, a sports analogy helped me in highlighting what I consider to be the fundamental skills needed to build an effective Security Operations program. I now want to go through each one of the fundamentals in more detail, providing real-world examples of how Security Operations Centers in global organizations…

Fundamentals of the Game

If you love the game of basketball, like I do, you have surely been involved more than once in a fired debate on who is the greatest player who ever set foot on a hardwood floor. This kind of debate is more than probably useless and surely impossible to solve (at least in a peaceful…

A Use Case for Success

RSA’s Advanced Cyber Defense Practice routinely works with customers on optimizing their detection and response capabilities. Often times we observe a wide-ranging array of alerts and reports generating hundreds, if not thousands, of tickets in the incident management system. When that occurs, it’s essential to reflect on the true value of injecting those alerts and reports.…

Balancing Security and Privacy: Embracing an Advanced Cyber Defense Strategy

In his recent keynote at RSA Conference Europe 2013, Art Coviello, RSA Executive Chairman, painted a sobering picture of the challenges confronting cybersecurity professionals. We face a continued increase in the sophistication and rate of cyberattacks. Attack surfaces are expanding, due to the explosion of apps, digital content, mobile devices and virtualized infrastructure. And legacy…