Great reads… (HackBack)

A few great first person write-ups I found documenting how these companies below were breached… – FlexiSpy – Hacking Team – Gamma

Please share other posts/write-ups you’re aware of…

More Detection + Response, Less Prevention

A friend sent me this Reuter’s article recently about the NSA’s new operating assumption to treat production systems as though they may be compromised.  From the article:

"There's no such thing as 'secure' any more," Debora Plunkett of the
National Security Agency said on Thursday amid U.S. anger and  embarrassment
 over disclosure of sensitive diplomatic cables by the web  site WikiLeaks.
"The most sophisticated adversaries are going to go unnoticed on our
networks," she said.Plunkett heads the NSA's Information Assurance
Directorate, which is  responsible for protecting national security
information and networks  from the foxhole to the White House."We have to
build our systems on the assumption that adversaries will  get in," she
told a cyber security forum sponsored by the Atlantic and  Government
Executive media organizations.

This is why organizations need to spend more resources on DETECTION and RESPONSE and less on PREVENTION.    A domestic terror attack is not preventable — we just need to be ready!