Infosec glossary entry
[...] refer to the series of behaviors that a cybercriminal exhibits prior to executing a cyberattack. The intent of cybercriminals may be evaluated during the research stage of the cyberattack kill chain — where they investigate potential entry points, and collect data about the company, users and technology systems in place. Indicators of attack are not so much a static description of the attacker, but a dynamic profile of how an attacker interacts with your technologies and users. https://www.splunk.com/en_us/blog/learn/ioa-indicators-of-attack.html
By jean-christoph
June 3, 2023
— And why your SOC might actually need a Bard 🐉⚔️ Cybersecurity teams are often compared to armies, fire brigades, or special forces. Personally? I think they’re much closer to a party of heroes in a classic fantasy role-playing game. No matter how many frameworks, SIEMs, or AI tools we summon, defending a digital kingdom
Read MoreIntroduction Sun Tzu’s "The Art of War" is a legendary strategic treatise written more than 2,500 years ago. Its enduring principles of warfare strategy have transcended military boundaries, influencing disciplines from business management to competitive sports. In today’s digital age, its relevance is increasingly apparent in the cybersecurity landscape, particularly for CISOs of medium-sized enterprises,
Read MoreWhy We Keep Losing Despite Stronger Security Controls Over the past three years, businesses have almost doubled their confidence in cybersecurity—rising from 32% in 2021 to 54% in 2024 (The Global Cost of Ransomware Study, 2025). Despite this, ransomware’s impact has only grown: 40% of affected companies suffered significant revenue losses, 58% experienced operational downtime,
Read More