From the Summer 2022 Issue

Enterprise IoT is Currently Extremely Inadequate – But it Doesn’t Have To Be

Author(s):

Brian Contos, Chief Security Officer, Phosphorus Cybersecurity

The state of Internet of Things (IoT) security across the enterprise and government agencies is shockingly bad. IoT devices are highly vulnerable; therefore, making organizations vulnerable. In many ways enterprise IoT security today is like IT security in the early 1990’s with poor asset inventories, limited patching, and weak credentials, which is to say, enterprise … Read more

From the Winter 2021 Issue

Threat Intelligence-Led Cybersecurity

Author(s):

Brian Contos, Chief Security Officer, Phosphorus Cybersecurity

Threat Intelligence

Successfully predicting, preventing, detecting, responding, and recovering from cyber-attacks requires you to have in-depth knowledge of the attacker, their tactics, and their techniques. While most organizations operate with some level of threat intel, some still haven’t embraced automation as a way to operationalize intel for the validation of TTPs and IOCs against their security tools, … Read more

From the Fall 2018 Issue

The Industrialization of Cybersecurity Red and Blue Teaming

Author(s):

Brian Contos, Chief Security Officer, Phosphorus Cybersecurity

brian-contos-article-header

The industrial revolution was brought on by purpose-built machinery and automation. A similar revolution has occurred in cybersecurity, leading to the industrialization of red and blue teaming. In large part, this industrialization has been realized through security instrumentation platforms (SIP). Security Instrumentation Platforms SIPs validate that a security system is working as needed: providing foundational … Read more