Jonathan Reiber, Author at Security Boulevard

AttackIQ and MITRE Engenuity’s Center for Threat Informed Defense are “sighting” ATT&CK techniques in the wild. Come and help.

The goal is greater visibility and effectiveness. The post AttackIQ and MITRE Engenuity’s Center for Threat Informed Defense are “sighting” ATT&CK techniques in the wild. Come and help. appeared first on AttackIQ ... Read More

The U.S. Government Needs to Overhaul Cybersecurity. Here’s How.

In advance of the new Biden administration cybersecurity executive order, it’s time for the federal government to get proactive about cybersecurity. Deploying a validated zero trust architecture for the U.S. government's most critical high-value assets is an aggressive but achievable goal. The post The U.S. Government Needs to Overhaul Cybersecurity ... Read More

In partnership with MITRE Engenuity’s Center for Threat-Informed Defense, AttackIQ launches new automated adversary emulation plan for menuPass

After SolarWinds, organizations need visibility into their security program effectiveness against real world threats. Automated adversary emulations can help meet that need. By generating real data about how your security program performs against menuPass, you can see security failures, make data-informed adjustments, and plan smart investments to optimize your security ... Read More

If You Don’t Hire Robots to Attack Your Networks, You’re Not Doing Security Right

Complying with DoD’s new cybersecurity regulations requires hard data, the kind that pretty much requires automation to compile. The post If You Don’t Hire Robots to Attack Your Networks, You’re Not Doing Security Right appeared first on AttackIQ ... Read More

If You Don’t Hire Robots to Attack Your Networks, You’re Not Doing Security Right

Complying with DoD’s new cybersecurity regulations requires hard data, the kind that pretty much requires automation to compile. The post If You Don’t Hire Robots to Attack Your Networks, You’re Not Doing Security Right appeared first on AttackIQ ... Read More

Five Accelerating Digital Trends That Will Impact Risk Management in 2021

Digital risks escalated in 2020 under the onset of the novel coronavirus and shaped the cybersecurity policy landscape. Over the coming year, we can surmise five accelerating digital trends that will continue to exert their impact on security and human behavior. The post Five Accelerating Digital Trends That Will Impact ... Read More

Time to prepare for increased U.S.-China tensions in cyberspace 

| | Blog
Last week, the U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to critical infrastructure owners and operators across the United States to be vigilant for potential Chinese cyberspace operations given heightened tensions between the two countries. What does the CISA alert recommend, and why is it important ... Read More

This election year, the health of the Union depends on how we safeguard our information 

Cybersecurity does not exist in a vacuum and current socio-economic pressures make the United States more vulnerable to cyberattacks of all kinds. With the U.S. presidential election underway, Americans need to take practical steps to defend our democratic processes, online and off. This essay outlines some of the issues facing ... Read More
Best Practices in Threat Informed Defense: Lessons from the Defense Department

“Think Bad. Do Good” Podcast Episode 3: Best Practices in Threat-Informed Defense

| | Blog
AttackIQ’s Ben Opel and Jonathan Reiber discuss threat-informed defense lessons-learned from their time serving in the U.S. Department of Defense in the U.S. Marine Corps and the Office of the U.S. Secretary of Defense. In this podcast, listeners will learn about how to implement a threat-informed defense strategy in the public and private sectors, ... Read More
AttackIQ Includes MITRE ATT&CK’s New Sub-Techniques for Customers

AttackIQ Includes MITRE ATT&CK’s New Sub-Techniques for Customers

| | Blog
By Jonathan Reiber, Senior Director for Cybersecurity Strategy and Policy; Chris Kennedy, CISO and VP for Customer Success; and Vinod Peris, VP of Engineering. Over the past year, the MITRE ATT&CK team has been beta testing ATT&CK sub-techniques, a major restructuring of the ATT&CK framework that provides a more granular organization ... Read More