Level of capability that is being applied with hacking into a normal company is on the scale of being a defense contractor just a few years ago.
Offensive cybersecurity is now how some countries compete.
“After a frantic global search, the admins finally found one lone surviving domain controller in a remote office—in Ghana.” —loss of 100M as civilian impact of military cybersecurity attack in unrelated universe (act of war may not qualify covered as insurance)
“Can predict what the weather might be and how it is like right now, but cannot predict what will come in two weeks.”
“Push everything into the cloud as soon as possible. Every company is limited and restricted by in-house security teams.”
“Microsoft doesn’t run its own Exchange server anymore — why are you hosting your own?” 👈
“Every day there are cyberattacks that if happened in the real world would be considered as acts of war.” 👈
Simple security hack is to delete all mails after 90 days. Or, “Make email ephemeral,”
“You do not achieve resilience simply by installing secure technology. It is mostly about understanding and mitigating risks in order to apply the right protection at the appropriate points in the system.”