#122 - Methodologies for Analysis (with Christopher Crowley)
CISO Tradecraft® - En podcast af CISO Tradecraft® - Mandage
Sometimes you just need structure to the madness. Christopher Crowley stops by to talk about methodologies that can help security organizations. Come and see why you need them, how we get the scientific method wrong in cyber, and how to leverage a CIA analytical methodology that can help you. There's a lot more to check out so tune in. Analysis of Competing Hypothesis https://www.cia.gov/static/9a5f1162fd0932c29bfed1c030edf4ae/Pyschology-of-Intelligence-Analysis.pdf Christopher Crowley's Company https://montance.com/ Full Transcripts: https://docs.google.com/document/d/1P4MI02fIw3y_u8RhLVDbB3iu0o7e27Fr Chapters 00:00 Introduction 02:30 The Morris Worm and the Internet 04:17 The Future of Cybersecurity 06:41 How to setup a shared drive for multitasking 10:26 The Evolution of Career Paths 12:02 The Importance of Methodology in Problem Solving 14:16 The Importance of Hypothesis in Cybersecurity 19:58 MITRE ATT&CK® Framework: A Two Dimensional Array 21:54 The Importance of a Foregone Conclusion Methodology 23:29 The Disruptor's Role in Hypothesis Brainstorming 25:18 The Importance of Resilience in Leadership 27:45 Methodologies and Threat Hunting 29:21 The Importance of Information Bias in Threat Hunting 34:31 How to Sort Hypothesis in a Spreadsheet 37:22 The Importance of Refining the Matrix 40:34 How to Automate Analysis of Competing Hypothesis