Thursday, June 18, 2020

the Tech Supply Chain Held

The topic of information sharing has waxed and waned in popularity over the years. Lately, though, we’ve seen it become quite important. In fact, the new version of CompTIA Cybersecurity Analyst+ (CySA) expects candidates to have a strong understanding of how to use cyber threat data and intelligence sources for threat modeling.

I’ve noticed, though, that quite a few folks are still a bit hazy about what cyber threat intelligence and threat modeling really means. Even cybersecurity pros sometimes wonder. This is likely because the topic has been bandied about for a while and has taken a few different forms over time. So, before I go into any details about cyber threat intelligence, let me start with a quick analogy from Major League Baseball (MLB).

In 2017, the Houston Astros baseball team won the MLB World Series after a very impressive season. But in the years since, they have been accused of cheating in a major way: using the replay technology reserved for MLB officials (e.g., videos and televisions) to steal signs and warn their own batters about the next pitch coming to them.

Stealing signs wasn’t the issue – in baseball, using your wits is expected, and stealing signs through observation is expected. But using technology is against the rules.

According to an MLB investigation report, the Astros used high tech (video monitors) and low tech (literally banging on a garbage can) tactics to warn their batters about the next pitch. One bang on the garbage can meant a fastball. Two meant some sort of off-speed or change-up pitch. You don’t have to be an expert in baseball to know that every hitter would absolutely love to know what type of pitch is coming across the plate!
More Info: jobs you can get with an a+ certification

No comments:

Post a Comment