In the heat of a "cyber moment," how do you figure things out so you can get out of it quickly and cleanly? How do you handle a period of chaos when you've not experienced that particular situation before? It comes down to critical thinking, but how do you "get" that?
According to our guest, Dan Borges, critical thinking comes from practice. Not from practicing the same things over and over in traditional tabletop exercises. And, not just one side of the table at a time either. Instead, it's best to practice using real-world scenarios in an environment that is also real ... meaning, it is live, dynamic, and where anything can happen.
Dan covers this during our conversation through the work he does with the Collegiate Cyber Defense Competition (CCDC) and in his book, Adversarial Tradecraft in Cybersecurity: Offense Versus Defense In Real-Time Computer Conflict.
We hope you enjoy the conversation and get some tips to help you and your teams think critically now, so you have that skill when it matters most.
About The Book
Little has been written about what to do when live hackers are on your system and running amok. Even experienced hackers tend to choke up when they realize the network defender has caught them and is zoning in on their implants in real time. This book will provide tips and tricks all along the kill chain of an attack, showing where hackers can have the upper hand in a live conflict and how defenders can outsmart them in this adversarial game of computer cat and mouse.
This book contains two subsections in each chapter, specifically focusing on the offensive and defensive teams. It begins by introducing you to adversarial operations and principles of computer conflict where you will explore the core principles of deception, humanity, economy, and more about human-on-human conflicts. Additionally, you will understand everything from planning to setting up infrastructure and tooling that both sides should have in place.
Throughout this book, you will learn how to gain an advantage over opponents by disappearing from what they can detect. You will further understand how to blend in, uncover other actors' motivations and means, and learn to tamper with them to hinder their ability to detect your presence. Finally, you will learn how to gain an advantage through advanced research and thoughtfully concluding an operation.
By the end of this book, you will have achieved a solid understanding of cyberattacks from both an attacker's and a defender's perspective.
____________________________
Guest
Dan Borges
On LinkedIn: https://www.linkedin.com/in/borges1337/
On Twitter: https://twitter.com/1njection
Blog: https://lockboxx.blogspot.com/
____________________________
Resources
Book: Adversarial Tradecraft in Cybersecurity: Offense Versus Defense In Real-Time Computer Conflict: https://www.amazon.com/Adversarial-Tradecraft-Cybersecurity-real-time-computer/dp/1801076200/
Collegiate Cyber Defense Competition (CCDC): https://www.nationalccdc.org/
On Twitter: https://twitter.com/NationalCCDC
Additional Resources: https://ahhh.github.io/Cybersecurity-Tradecraft/
____________________________
This Episode's Sponsors
Imperva: https://itspm.ag/imperva277117988
Archer: https://itspm.ag/rsaarchweb
Edgescan: https://itspm.ag/itspegweb
____________________________
To see and hear more Redefining Security content on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-security