Swimming Upstream at Black Hat

Recently I was one of the many tens of thousands of attendees converging on Las Vegas at Black Hat, the massive annual cyber security conference.  One morning of the event I found myself walking down a long venue hallway while thousands, and this is no exaggeration, I mean thousands of attendees were walking the opposite direction.  

The whole corridor was filled with people heading to the expo floor to see the new cyber security technologies on display and learn how AI, machine learning, magical mystery boxes, and other toys would help them finally secure their network.

How Do You Sniff Out Cyber Threats?

I read recently that the nose isn’t very good at maintaining awareness of the smells around us constantly, however it excels at detecting changes in smells.  Kind of strange to think about, but it explains how someone can live in a house with a deadly natural gas leak for hours or days and not realize it.  This may be a strange thought to start out a blog on cyber security, but thinking about how we relate to the world around us can help to develop new ways to improve the speed, scale, cost, and accessible of security. So how do you sniff out cyber threats?

The Cyber Security Context Challenge

In my last blog posting, I spoke about the importance of thinking about cyber security as a resource problem rather than a technology problem. I challenged readers to think about speed and scale as a solution for the resource problem. This posting expands on that discussion by considering the importance, or lack thereof, of “Context.” My assertion is that while context may matter in some situations, it is one of the biggest impediments to implementing effective cyber security today.  

The cyber security community is primarily made up of geeks, technologists, and nerds that typically can’t help themselves from going down a rabbit hole when it comes to digging into a problem. This growing community of men and women are on the front lines of protecting our payment systems, preserving our privacy, and keeping the valuable intellectual property from getting sucked out of the servers of companies of all sizes.  

Rethinking The Approach to Cyber Security

Everyone knows that cyber security is a big problem and most of what we hear about in the media is just how big of a problem it truly is: the average cost of a breach is $4M (http://fortune.com/2016/06/15/data-breach-cost-study-ibm); the global economic impact of cyber crime is $450B (http://www.cnbc.com/2017/02/07/cybercrime-costs-the-global-economy-450-billion-ceo.html); there were 4B data records stolen in 2016 alone (http://www.nbcnews.com/storyline/hacking-in-america/more-4-billion-data-records-were-stolen-globally-2016-n714066). Those are definitely some big numbers! Now, rather than wringing our hands over the size of the problems and challenges, let’s spend a little time thinking about a solution.

Expanded Threat Information is Almost Live!!

Friday is a big day for Dark Cubed!  We are preparing to launch a new feature that has been in the works for quite a while, and I couldn’t be more excited!  As I approach my one-year anniversary at Dark Cubed, I have enjoyed taking a few minutes to look back over time and see the incredible progress we have made.  From the rapid growth of customers, the new features implemented in the product, to the features requested by our amazing customers such as automated notifications, one-click blocking, and multi-level reporting.

SMBS and Cyber Security: A Real Challenge

Make no mistake: a proper cyber security strategy is essential for all companies that deal with intellectual property, customer data, financial information, and other sensitive materials. However, all too often small and mid-sized companies can feel lost in the marketplace since the majority of mainstream cyber security companies only offer services with a hefty price tag attached.

Yes, cyber security solutions can be expensive. But so are cyber attacks.

What is Grizzly Steppe? Dark Cubed Explains Russian Hackers, Elections, and Data-Driven Analytics

Two days before New Years, something interesting happened in the world of cyber security. The Department of Homeland Security released a report on hacking activities by Russian Intelligence Services related to activities against the U.S. Government. The report was somewhat interesting, however DHS also released a set of indicators in a .csv file with 956 lines of data. As the CEO of a new cyber security startup focused on using data in smarter, more interesting ways, this data tugged and pulled at me in a way that I did not expect. Over the next two days, in between (and through) family events, football games, and dogs grabbing food off of the counters, I sat on a stool in my in-law’s kitchen and tuned out the world. There was something about this analysis that I could not ignore.

How An Information Sharing Environment Can Better Predict Cyber Threat Trends

With sophisticated hacking schemes gaining velocity, maintaining an organization's cyber security can feel demanding. Few know that reality better than the federal government. In response to the events of September 11, 2001, the Department of Homeland Security, together with Congress, began to develop methods by which to gather crucial information on illicit cyber activity and disseminate it to other government agencies within the national security enterprise and private networks considered as critical infrastructure. Known as the Information Sharing Environment (ISE), DHS endeavored to boost inter-agency cooperation and reduce attitudes clinging to parochial interests in order to better protect the country from future cyber peril.

Cyber Security Monitoring In 15 Minutes? Really???

If you've read anything about Dark Cubed, you know that we pride ourselves on being different. We have built a powerful cyber security platform that is easy to install and use.

"no way." It's too simple.

Most people hear claims like that and think, “no way.” It's too simple. They are jaded. I don’t blame them. Most people discount those claims as marketing hype… if it is powerful, it cannot be easy to install or use. It has to be hard and expensive.

I have a Firewall, so I am protected, right??

Mike owns a financial advisory firm. He helps people save for life’s big events like college and retirement and knows each one of his clients personally. His team consists of 15 employees with a range of responsibilities, from providing investment advice to making trades and other administrative activities. As a result, Mike's company collects some really important personal information like social security numbers, bank account numbers, balances and transaction instructions. 

The Value of Shared Data Analytics

Here at Dark Cubed, we are focused on a new approach to cyber security that works for companies of all sizes. A key part of our mission is to use elegant engineering to simplify the deployment and use of sophisticated security capabilities. One key component behind Dark Cubed is our ability to provide enhanced protection for our customers through near real-time data analytics and predictive algorithms. As we continue to deploy Dark Cubed to more customers, we are ramping out our data science and analytics capabilities, both in-house and through partnerships. Two of the partnerships we are excited about are with the University of New Haven (focusing on IoT and Mobile Malware applications, www.unhcfreg.com) and George Mason University (focusing on data analytics and visualization, https://ece.gmu.edu).

Reflections on Last Week

I was on the road last week and had plenty of airplane time to catch-up on some overdue reading and reflection.  The conclusion of the week was marked by a rather interesting event that caused a relatively significant event on the Internet with the DDoS attack against the Dyn’s architecture.  Now, just to warn you, this isn’t a posting about how we could have fixed it and how we are the magic bullet for cyber security…we aren’t that obtuse (although many other cyber security companies are seizing this as a marketing opportunity).  Anyway, while at home this weekend and in between baseball games and kid birthday parties, I had a chance to reflect on the week and our vision at Dark Cubed, I was struck by the impact of three events from the week.

Lessons Learned From Protecting the 2016 Republican Convention

Last month I spent the week in Cleveland, Ohio – the home of the Rock and Roll Hall of Fame, Great Lakes Brewing Company, and LeBron James.  I wasn’t there to enjoy the sights, rather, Dark Cubed had been provided the opportunity to demonstrate our technology at the Republican National Convention as a member of the Cyber Security Operations Center.  Here are some of my thoughts resulting from supporting this historic event, regardless of your political leanings.

Great Press For Dark Cubed!!

We want to send a  huge thank you to a number media outlets for highlighting the hardworking team behind the scenes at the Republican National Convention (RNC) this past week. Rarely do we hear a success story woven into media coverage around cyber security. Instead, we read about data breaches, millions of dollars lost and encroaching Russian hackers. Advancements to the security measures at the RNC this year allowed the collective team to weave a story of success into the more common cyber security narrative.