Enterprises can manage, mitigate and monitor their cyber risks by mapping threats and adversary tactics, techniques and procedures to known vulnerabilities. Ultimately, the goal is to have a scalable, reproducible metric for risk. On Feb. 4, 2021,…
Seems like an easy question. Less costly and more efficient beats expensive and inefficient every day, and twice on Sundays. Arizona had one of the most successful elections of the 2020 cycle. In the face of a global pandemic and record-breaking…
Securing federal systems, revisiting Solarium recommendations among first priorities, policy pros say With the SolarWinds and Microsoft Exchange hacks framing every discussion around federal cybersecurity efforts, policy pros are offering a variety…
Adopt threat modeling, control validation, and ATT&CK. Technology providers should anticipate being targeted by threat actors—either for financial gain or as a stepping stone into customer environments—and apply and validate security controls based…
Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company, and a senior fellow at the R Street Institute. He is also a senior adviser to The Chertoff Group. He formerly served as deputy assistant secretary for…
