As heard on The CyberWire

While at Black Hat USA 2016, Lance Cottrell, Chief Scientist of Passages, was able to speak with the Executive Editor of The CyberWire, Peter Kilpe. This special edition podcast was published by The CyberWire as part of their event coverage, and it includes a few of Lance’s thoughts surrounding how industry trends are leaning towards the development of a self-healing, proactive form of security, rather than trying to clean up the mess after it’s already left a stain.

In addition to Lance’s remarks in the podcast, more of his comments are also recapped below from this edition of the CyberWire:

“It might be worth quoting some perspective we received from Ntrepid’s Chief Scientist Lance Cottrell last week. He notes that many of the things people worry about are Hollywood hacks. Reflecting on his participation in panels on Internet-of-things security, he said, “We tend to look for the extreme movie plot threat scenarios. What if they hacked your car and drove you off a cliff?” And how likely is it that someone would go after you in such a “Rube Goldberg” fashion? If they were rationally evil, and not in it for the baroque, Blofeldian lulz, wouldn’t they just hire a hitman?

Cottrell suggested that it’s useful to think about what he called the attackers “mindspace.” “What are their goals? They want to generate money. Why is ransomware suddenly a thing? Because it’s hugely lucrative. Why DDoS? Because it works, and can be easily monetized.” And, he noted, some once common attacks are fading because of black market forces. There are fewer attempts to steal credit cards in part because stolen paycard numbers have now been so commoditized that it’s hard to make money from them.

So, develop a realistic understanding of what you have that might be of value to an attacker and then manage your risk accordingly. Not every attack is out of “Skyfall.” Whenever an enterprise is breached, Cottrell noted, the first press release talks about how extremely sophisticated the attackers were. Of course it would: “You don’t want to say some script kiddie used a well-known exploit against our unpatched browser from two years ago to own us, but that’s actually what’s happening most of the time.”

Thus: watch the basics, and manage risks intelligently.”

To learn more about how we ensure secure web browsing for enterprises and their employees, check out Passages.