Changing the physics of cyberdefense
John Lambert over at Microsoft did a great presentation at the Security Analyst Summit on Changing the Physics of Cyberdefences. We've heard that attackers have all the advantages. Defenders are too slow, too disorganized, and too far behind the curve. The physics of cyber favor the offense. Today's modern defenders are changing all of this. The world is in transition and the playbook for network defense is being re-rewritten as a new set of forces take hold.
Modern defenders are harnessing the cloud to store data volumes that were economically out-of-reach just a few years ago. Attacker's opsec mistakes are imprisoned in today's big data systems waiting for discovery by defenders that are sharing knowledge more widely than ever before. The skillsets of defense have changed from AV and SIEM to reverse engineering, intelligence driven hunting, and data science. This talk discusses these and other major trends sweeping the world of defense and why they are changing the balance between attack and defense. Its a great watch.