How the Adversarial Mindset Is Making Cybersecurity BetterBlack Hat's Jeff Moss Says Approach Is 'Getting More Currency'
Applying offensive hacking expertise and a more adversarial mindset to better hone not just network defenses but also public policy is proving effective, says Jeff Moss, founder and creator of the Black Hat conference (see: Cybersecurity Defenders: Channel Your Adversary's Mindset).
"This idea of the adversarial mindset stems from: People who started in attack and moved to defense were stunned to find how crazy the defense people were," Moss says. "They were really smart; they just weren't doing things that really mattered ... [because they were] disconnected from reality," he says, too often because they didn't have good information about how criminals or government attackers were hacking them.
All that changed, however, with the rise of large-scale digital forensics firms such as Mandiant that not only investigated intrusions, but publicly released details that spelled out "this is how bad guys are really behaving," he says in an interview with Information Security Media Group. And that has helped drive more organizations to build red teams that can bring a more adversarial mindset to bear on the organization's own defenses and help blue teams - defenders - put in place better safeguards.
In this interview (see audio link below the image) recorded at Black Hat Europe 2019, Moss also discusses:
- The increased use of red teams to help organizations' blue teams and engineers to be more effective;
- How private sector incident response findings and research is reshaping the industry;
- Why efforts to ensure bug-squashing during code design and review does not just aim to fix individual bugs, but whole classes of vulnerabilities.
Moss is the founder and creator of the Black Hat and Def Con conferences and a commissioner of the Global Commission on the Stability of Cyberspace.