Saturday, October 21, 2017

Sometimes you just need to talk to someone!

I've used the VA for my healthcare since leaving the Navy in 2001. In my opinion, it's one of the best deals going.  One of the things that you see from the minute that you walk in, are magnets, handouts, and wallet cards —seemingly everywhere —all designed for one thing; they give a vet a place to call when they're in crisis. Maybe that applies more to some than others, but for that one, who finds themselves in crisis, it could mean everything.

I was having dinner with Liz last night. Liz is the head of our intelligence team. We talked about the idea that since starting Red Sky Alliance back in 2012, people, laws, and trends have really changed. In Red Sky for example, once fertile two-way communication has become more the place where we get RFIs from members, deliver PIRs and get asked questions about the intelligence we push through.

So in talking with Liz last night, who's given talks to over 1000 people in the last three weeks —her audience largely bankers, with the majority being smaller --all on fraud; a subject we know well, She says, you know what? These companies just want a place where they can ask questions, not necessarily share a bunch of information.

"They're not all big companies" she says. The majority of those she's talked to haven't built an internal, 200 person infosec team (like many of our original members), nor do they have dedicated intelligence. They have Directors of IT who, many times find themselves double, even triple-hatted —CIO, CISO, Analyst, Fraud person, privacy, and general go-to person for anything wrong with the IT. They participate in free groups and pull down as much information as they can, and make due with it as best they can, but when they get stuck… they want to talk with someone.

And for the last four years, this is exactly what Red Sky Alliance has been. Red Sky Alliance is a place talk to an analyst. Not only can you talk to a Wapack analyst, ask the RFI, or get your intelligence, but Red Sky still today maintains roughly 40% month over month participation —not including my own analysts. Companies come in when they want to talk —when in crisis and they get expert feedback from folks dedicated to monitoring the chatter, pulling apart code, and tracking the fraud. And when we don't know the answer, someone else usually does. Did I mention 40% participation? Yeah, someone else usually knows.. it's called crowdsourcing… and it's amazing.

And in the coming weeks, we're making it easier than ever to talk to someone. We've been on Jive since the start, and realized the need is for more tactical communications. We're moving to a Slack-based platform starting November 1st. Tactical, mobile, and always on. Need to talk to an analyst? Compare notes? We're here; and so are about 60 of your closest friends. This isn't a group of 2000+, it's small trusted, and smart.

I think Liz stumbled onto our new marketing message. Talk to an analyst. 

She's dead on.

**********************************************

This week was the week for fraud. Liz has delivered three talks in the last two weeks to over a thousand people, is preparing to do another one this week, and will give a talk on cryptocurrencies in fraud next week at the MacKenzie Institute in Toronto. 

We published several pieces of analysis, one originally appearing to be a simple smash and grab leading us down another analytic path only to believe (still a WIP) that it may turn out to be a major data loss breach and even more, ongoing fraud —for over a year. 

Me? I'm speaking at ISC2 in New Hampshire on Tuesday and heading off to ZeroDay Con in NY later in the week. I'm looking forward to seeing some of you.

So until next time,
Have a great weekend!
Jeff