Saturday, April 16, 2016

We need to think smarter not harder about cyber - Cyberwatch.

I'm a bit late in posting this week. I know many of you read it on the treadmill on Saturday morning, but it's been a crazy (good) week, and I've just arrived back home from MD. I spent some time with my youngest this morning at a charity yard sale at her HS and then got a workout in... my body's sore.

We've been absolutely slammed this week. From publishing new North Korean cyber TTPs to the end of the week, to getting new features added into Cyberwatch.

That said, here's the happenings...

Cyberwatch? We pushed a new feature last night --monitor up to five companies in a portfolio view...
pretty cool stuff. While the site still lacks documentation (we do have a FAQ page), the idea that a CISO can monitor up to five companies (themself plus four others) to baseline relative levels of threat between them is, in my opinion, a tool that every CISO --and anyone who invests their own money or invests someone else's money, should want.

In fact, in the graphic above, I'm monitoring 10 Aerospace companies --from really big to very small, just to see the comparison of cyber threats looking at them. It gives me great baseline --and tells me there are maybe one or two that I should call and give them a heads-up! And in the near future, we'll be looking at portfolios of up to 1000 companies (at least that's what I'm requiring of my CTO!). So imagine, sitting in your comfy leather chair, worried about hackers because Krebs broke yet another "oh shit" blog post. You simply log into Cyberwatch, check the graphic for your portfolio of companies, and either relax into your single bourbon for the night or put away half the bottle. 

Why do we care? Until recently there's been no really good way to monitor situational awareness in the intelligence space writ large --and because of that, many companies have a hard time articulating the need for security --or worse, know they need it but ignore it.

So this week we showed a security guy how to monitor cyber threat in his supply chain. His reaction? He wanted to buy a single user license on the spot to help predict which stocks he should buy. We didn't really expect that reaction, but it's the second time it's happened.

Then we we told him we'd purchased a equity stake in an investment tool, and our (patent pending) process for monitoring the cyber threat landscape is to be built into the analytic tool designed to help institutional investors make decisions on their portfolio.

He loved it. He still wants a single user license, but he loved it.

So imagine this... you sign into your [you name the broker/dealer's website], and you start combing through the endless amount of financial data -- revenue, costs, liquidity, margins, turns, etc... pretty cool stuff right? Now add in the idea that you can look at a new, fresh variable in your decision making process --cyber threats looking at that company. 

Given the ability to choose between two investments --one with little cyber threat and one with much cyber threat, what would you do? If you're institutional buyer doing an M&A, you'll build it into the deal. If you're not institutional, you might consider choosing the company with the lower risk of being hacked.


We're heading into May, and preparing for our June 7th Cyber Symposium in Huntsville. And yes, I know Steve Lines is going to comment on my blog that he too is running a cyber program for the DIB ISAC in May, so let me just get it out of the way right now for him.  I'm sure it'll be a good show. Steve's a great guy.

And in June? We've got some amazing talent showing up --folks who monitor networks, have built amazing security teams, and my guys --intelligence.  If you have any interest at all in how to deal with APT, the impending DFAR 800-171 or the new insider threat requirements, there'll be people there who can help.

If you want to know how DCISE works, what happens when you report, and the requirement for reporting your cyber activity to the government, it's been a while since I left the government I had a hand in writing some of those documents and built the early operational capability that is now DCISE.  So go enjoy DIB ISAC, and then stop in over for the June 7th Cyber Symposium. The agenda is looking pretty good... Red Sky/Wapack Labs, Lockheed, Morphick and Huntsville's own small company focused rock star, H2L Solutions. If you'd like more information, please reach out to our partner in this, Jonathan Hard, CEO at H2L. Jonathan will give you the gouge on the Symposium and set up a time to talk about doing your 800-171 assessment/attestation and go-forward plan.

Also, we're hosting our second Red Sky Threat Day in Stamford, CT on June 21st, and have some great talks lined up. If you're interested in presenting, shoot me a note. We try and bring in one outsider per quarter to give a talk. Interested? Shoot me a note.

OK folks... sorry for the late post. It's been a long week.

Have a great weekend!

Post a Comment