The health sector continuously get’s pummeled by malicious actors and hackers because their cyber-kinetic security is being managed by “Participation Trophy” winning wimps!

The security theater we are witnessing in our election system boasting the illusion of security via ‘clunky as heck’ and air gap defense will do nothing against the real and sophisticated adversarial landscape that is zeroing in on our democracy

Many members of Isis are not sophisticated attackers. The majority of members do not have a technical background. The UCC is predominately capable of hacking soft targets, such as Twitter accounts, and spreading propaganda or defacing websites

Cyber hygiene, patching vulnerabilities, security by design, threat hunting and machine learning based artificial intelligence are mandatory prerequisites for cyber defense against the next generation threat landscape.

You'll have the right to be angry about Vault 7 only after you boycott dragnet surveillance data providers like Google, Microsoft, Skype, Facebook and LinkedIn. The true threat is coming from the private sector surveillance profiteers.

Real cybersecurity means that your Security Operations team is consistently pen testing your network with the same stealth and sophistication as the Russian nation state, the same desperation as China’s 13th Five Year Plan, the same inexhaustible energy of the Cyber Caliphate and the same greed and ambition for monetary payoff as a seasoned cyber-criminal gang.

I don’t care how secure you think your organization is, I’ll social engineer my way inside in less than 24 hours regardless of the sophistication of your IoT microcosm security. Whatever obstacles I run into exploiting your technical vulnerabilities will be made up for by exploiting the vulnerabilities in the cyber hygiene of your staff.

A single spear-phishing email carrying a slightly altered malware can bypass multi-million dollar enterprise security solutions if an adversary deceives a cyber-hygienically apathetic employee into opening the attachment or clicking a malicious link and thereby compromising the entire network.

In an age of dynamic malware obfuscation through operations such as mutating hash, a hyper-evolving threat landscape, and technologically next generation adversaries, offensive campaigns have an overwhelming advantage over defensive strategies.