Browse Tag: Cyber Security

attribution in cybersecurity

Attribution: Does It Really Matter?

Unlike the movies, hackers typically don’t infiltrate businesses and steal intellectual property while sitting in their mother’s basement. Instead, they launch attacks from devices in organizations they’ve already infiltrated. They use these infiltrated sites to make multiple “hops” before arriving at their objective to obfuscate their location. These hackers use their skills and time to hide their identity prior to the start of the operation. This process makes it difficult for threat analysts to determine who they are and where they are located (aka attribution).

Not only can attribution be difficult, but if the wrong organization (nation-state, etc.) is identified, it can lead to false accusations, which can be risky for the accuser.

Over the past few years, attribution has come up more often as large-scale breaches have become more mainstream. After a major breach occurs, security analysts will typically attempt to determine who was behind the attack. For example, China was believed to have carried out an attack against the Office of Personnel Management; the Iranian government was believed to have hacked a small dam in New York; and North Koreans were believed to be responsible for the Sony breach. In the end, people want to know who is responsible for the incident, and attribution is an attempt to uncover the culprit.

Attribution is not a new concept. It’s been around for a while as officials try to identify who is responsible. Just as there isn’t always a direct answer to who committed a traditional crime, it can also be difficult to find evidence of attribution of a cybercrime.

“Attribution is extremely difficult and requires intelligence sources that are reliable and accurate,” says David Kennedy, CEO of TrustedSec. “The intelligence community typically monitors specific groups and activity in order to have high confidence. It’s not a perfect system, but the US is one of the best.”

Thomas Rid, professor and author of Attributing Cyber Attacks seems to agree. “Obviously there are cases where we cannot come to a clear conclusion in digital forensics. It’s always a question of what evidence did you get,” says Rid. “But there is still this ‘attribution is impossible’ knee jerk reaction that occasionally pops up, which really doesn’t make much sense. The idea that attribution is not possible really doesn’t carry any weight in the technically informed community anymore.”

Are We Focusing On The Wrong Thing?

Having a security team attempt to determine attribution can be a time-consuming process, and sometimes futile if you don’t have the evidence or talent to attribute the event. While having this information may be useful, it doesn’t help your organization improve its defenses so it will be better prepared for the next attack.

Your resources should be focused first on protecting your network to make sure you’ve done everything to stop future infiltrations. This includes following these steps:

  1.    Appoint a person to oversee your security program.
  2.    Update your security software (this includes operating system security patches).
  3.    Schedule security audits to make sure you measure your efforts.
  4.    Create a plan for incident response.
  5.    If you don’t have enough internal talent to handle the load, get help from a managed services provider.

While it may be helpful to know “whodunit,” it’s more important to protect your company before the next attack occurs. Following these five steps will help you reach that goal.

Want to get more information and updates on Cyber-security? Join our LinkedIn group >>

New Call-to-action

Network security

Network Security vs. Endpoint: Which One Is Right For Your Business?

Every week,  95% of network threat alerts are ignored worldwide, leaving behind an average of 16,232 threats that go unchecked. Most of these are unwanted and irrelevant alerts, but what about the vital ones that go unnoticed?

Should you block these threats using network security before they actually hit your endpoints with detection and sandboxing?

What if you don’t have secure endpoints? Will this create a single layer that hackers can easily  penetrate?

Network security

Network security involves protecting the devices and files on your network against unauthorized access. It focuses on protecting the integrity, confidentiality, and availability of your data. Network-based security can provide information about traffic on the network and threats that have been blocked. The downside is that so many warnings can be generated that it’s easy to get overwhelmed by the data and false alarms and miss the actual attack.

Network security can also be time consuming. When a viable threat is found, it needs to be investigated, which can be a long process. Networks have also become unpredictable, which makes protecting them using network-based security more difficult.

In the past, network security has been a majority of an organization’s security budget. However, things may be changing. As more security options are moved to the endpoint such as authentication, encryption, and anti-malware, network security is changing.

“It’s certainly not time to rip out the firewall, network security isn’t dead yet. It’s changing,” says Spencer Ferguson of Wasatch Software.

Endpoint security

Endpoint security secures end-user devices like laptops, desktops, and mobile devices. It addresses the risk associated with the devices that are connecting to your network. Endpoint security is different than traditional antivirus in that with an endpoint security framework, each individual endpoint is at least partially responsible for maintaining their own security.

“The focus is going away from the network perimeter and to the endpoint because it has to,” says Shane Vinup with Cyber Advisors. “There’s a lot of data and a lot of sensitive data in the wild outside of the firewall. The focus now really is: How do I protect that data? The focus for a security professional has shifted from the perimeter.”

Mike Spanbauer, VP of Research and Strategy at NSS Labs seems to agree that endpoints are important, but has concerns about determining who is responsible for protecting them. “Organizations have more endpoints today than ever, and securing those endpoints is challenging, because it’s rare that any one organization is responsible for all the endpoints that touch its network and servers,” says Spanbauer. “This is why it’s so critical for businesses to identify who’s responsible for securing which endpoints before a security incident occurs.”

Why Not Use Both?

The advantages of endpoint and network security are not mutually exclusive. There are advantages to using both. With network security, anomalies can be identified and confirmed and then endpoints can provide clarification.

To help secure your network, make sure your endpoints are secure. Then make sure your network security is in place to supplement your endpoint protection.

Want to get more information and updates on Cyber-security? Join our LinkedIn group >>

New Call-to-action

Email cyber security marketing


Cybersecurity professionals are by nature a cautious group who spend their days trying to figure out what types of tricks the attackers will attempt next. Some even try to teach employees in their organization good practices like not clicking on emails from people they don’t know. 

Enter the marketing professional, whose job it is to market to this group of cautious professionals and get them to trust us enough to actually click on a link so they can check out our products and services. As marketers, we like to collect analytics to show how readers are progressing through the sales cycle. Unfortunately, in order to get this type of tracking data, our links have to be unique and don’t display the true destination of the click (i.e. might become This means that cybersecurity professionals can’t tell where a link goes and are therefore unlikely to click. 

In order to succeed as marketer with cybersecurity professionals, you need to understand how they’re different. This group of professionals is wary of many types of marketing as they are constantly on the lookout for people trying to dupe them or their fellow employees.

Here are 4 tips to improve your email marketing to cybersecurity professionals:

1. Get To Know Your Audience (Intimately)

  •  Create a Use Case that clearly defines who your audience is, the challenges they  face, and how you need to position your product or service so that it is the     unique  solution they need to solve their problem.
  •  Understand which sector of the cybersecurity industry your product or service  occupies (i.e. endpoints, incident response, antivirus, logging, etc.).
  •  Understand and use their language of cybersecurity in your email correspondence.
  •  Find out if there are any regulations or standards by which your software will be  affected.

2. Take The Time to Build Trust

Whenever working with this highly technical group of people, always use facts instead of bold marketing claims. If you try to exaggerate the features or benefits of your services, you will likely get an unsubscribe.

This is a group of people who are regularly being told by vendors that their software is the “magic silver bullet” that will stop any type of attack. The problem is, saying that anything is “unhackable,” “undefeatable,” or “able to stop any type of attack” to this audience will quickly destroy the trust you’ve worked hard to build.

Instead, stick to the facts, features, and benefits that you can prove and market your product or service with credibility. 

3. Take Advantage Of Case Studies

There is no better way to prove that your product or service is credible than hearing success stories of other customers who have used your product or service. Customer case studies provide a real-world story of how a challenge was met and then uniquely solved with your service.

images (2)-1.jpgHow can you get these case studies? When you’re negotiating price with an existing customer, ask them if they would be willing to do a public reference in exchange for a reduced price.

4. Start With A Strong Welcome Series

After your lead has downloaded your gated content (i.e. case study, whitepaper, webinar, etc.), make sure you send them a strong welcome series. A welcome series will typically have the best open and click-thru rates.

Keep Nurturing

Providing real value that connects with cybersecurity professionals in their own language using a welcome series is a great way to start building trust. By following these tips, you can keep nurturing cybersecurity leads until they are ready to make a decision.

New Call-to-action

Lead Generation Tips for CyberSecurity Companies

Lead Generation Tips for CyberSecurity Companies

While most companies today already use some form of online lead generation, how they do so is frequently evolving. If cybersecurity businesses want to keep up with the times, it becomes important to periodically evaluate the current lead generation strategy and see if there are better opportunities out there.

For example, in the past, many companies used specific landing pages – often connected to ad accounts – that are hidden from the sitemap and used primarily to address specific leads. But many businesses are finding that this strategy is no longer necessary, and that on-page lead captures may be more successful.

How each company generates leads is going to be dependent on the type of business they run, what their current marketing strategies are, what products and services are available, and who their ideal customer is. However, there are several tips and strategies that should be considered as a cybersecurity company.

Optimizing On-Page Tactics

It starts with on-page lead generation. These are the efforts that companies use to attract leads on the page/website that the visitor is currently viewing. Rather than using a specific landing page, the business captures the lead from whatever site page the visitor has hit.

Most news websites, eCommerce sites, and consumer blogs tend to use some type of on-page lead capture. As a cybersecurity company you are no exception. Some recommended software that allows for this type of lead generation includes SumoMe (welcome mat, list builder, scroll box, triggered pop ups), Optinmonster (exit intent, full screen welcome gate, sidebar forms), OptiMonk (exit intent, inactivity pop up, scroll, dynamic text), Optin Forms (embedded in-page forms) and Wistia (video integration).

Adapting your website for on-page lead capture is a great first step. But placing a sign-in sheet and asking for a visitor’s email simply won’t cut it, as many will be hesitant to give it to you for various reasons. The good news is that there are a number of effective methods that you can use to earn their trust:

Tips for lead generation cybersecurityGive them a reason why – Why, with all the free content that’s available, should they give you their email address? What do you offer that justifies giving you something that nowadays is seen as incredibly personal? Think long and hard about your pitch, and do your best to provide potential clients with true value.

Trigger emotions – While simplicity is a must, creativity is still highly valued. Triggering emotions with words or images can be a powerful way to get people excited about the idea of hearing more from you in the near future.

Keep it simple – Assume you have only a few seconds to give them a reason to sign up, because their mouse is already inching closer to clicking the X on your message. The more they have to read, the less likely they’re going to accept the lead request and give you their information.

Add visuals – Impressive visuals capture attention in ways that words often cannot, and in today’s increasingly visual world, adding some complementary images can assist you in your quest to trigger emotions.

A/B test everything – Finally, don’t be afraid to doubt yourself. Take risks, try different things, and test all of your weapons to see which one is getting you the best reaction. Something as simple as font size can have a very different impact on your results, but you won’t know unless you put it out there in front of a bunch of eyes.

Above all else, recognize your audience. You’ll generate far more leads when you know what the needs of your visitors are than you will if you’re in the dark.

Taking Advantage of Social Media

Another great tool for finding leads as a cybersecurity company is via social media (yes really!), as it allows you to display even more of your personality. Of course, it takes time and effort to plan your next moves and figure out ways to develop a consistent voice and brand, but in the end this helps you differentiate yourself, and builds trust with potential leads.

Products such as Socedo can be quite effective here, as it allows you to first connect with your prospects on Twitter, then automatically filters them into your database with their email addresses so you can nurture them further. This is a new found tactic of combining outbound strategies with inbound strategies (without buying a list!) as you have essentially warmed up a cold lead using a very natural action of today – connecting on Social Media.

However, when it comes to effective strategies to improve social media lead generation, you may want to consider the following:

Ask powerful questions – Any time you can get someone thinking, you’re creating a space in their mind for your business. Asking the right questions encourages people to participate in a conversation that involves you as well as other followers.

It’s social media…so try to be social – People are more likely to be interested in following you when they know you’re managed by real human beings who aren’t afraid to engage in some back and forth, no matter how sensitive the topic. That means interacting with the people that like and comment, answering questions, and showing you’re actually listening.

Send them to your site – Social media can adapt very well with your on-page lead capture campaign. Create content your followers want to see more of, and then develop an on-page strategy that takes them further down the funnel.

Social media, when used correctly, is a tool that can give your cybersecurity business a whole lot of character, and that can be an extremely powerful tool for finding and capturing potential leads.

Additional Lead Generation Tactics

A number of additional (and useful) strategies include posting interactive contact such as surveys and games, and of course videos, infographics, and other forms of digital content which can be powerful additions to the written content, keeping people on-page longer and giving them more reason to believe you can assist them with their needs.

In the end, cybersecurity businesses that make a point of listening to their customers and reinventing themselves by implementing new and engaging messages and strategies are going to be the ones that stay relevant and attract those precious leads.

Want to get more information and updates on Cyber-security? Join our LinkedIn group >>

New Call-to-action

tips for cybermarketing on reddit


For many marketers, targeting Reddit is a no-brainer. It’s the 3th most popular website in the United States and gets a reported 430+ million users per month – a massive audience in rabid search of new content to consume.

“For cybersecurity marketing professionals, Reddit is a slam dunk marketing opportunity.” Click to Tweet

For cybersecurity marketing professionals, Reddit appears to be even more of a slam dunk marketing opportunity. The majority of Reddit users are men between the ages of 20 and 40, a demographic that matches cybersecurity professionals.

Furthermore, cybersecurity marketers have found that in a slow month, Reddit can provide 25% of social media traffic, with Reddit postings more likely to go viral than posts on any other social media platform.

Yet there’s a problem marketers face when it comes to Reddit, and it’s one that can take a lot of work to overcome. The problem is that if there’s one thing Redditors hate, it’s marketing.

So how can cybersecurity companies leverage Reddit for marketing purposes without getting busted? By following a few simple rules…and perhaps posting some cat GIFs.

Rule #1 of Reddit Cybersecurity Marketing: CREATE GOOD CONTENT

This should be the number one rule for all content marketing, but in case it isn’t already, it’s especially important when it comes to capitalizing on Reddit traffic.

Before choosing content to share on Reddit – or before creating content specifically for posting on Reddit – a marketer needs to ask him or herself if the content is either timely or timelessly interesting.

In cybersecurity, timely content may include articles about a recent IoT data breach or Mirai botnet-powered DDoS attack. Articles about recent security vulnerabilities, new essential patches or other interesting or necessary developments would also be considered timely.

Yet as much as Redditors are current events junkies who want to be informed of the latest news, they’re also interested in topics that are quirky and fascinating, regardless of relevance – the kind of topics that can be used as conversation starters.

For instance, how the first public hacking (and perhaps public pawning) occurred in 1903 when a magician disrupted a demonstration of a supposedly secure wireless telegraphy technology to transmit insulting messages in Morse code.

Timely articles that relate to a company’s services will provide an easier gateway to further pages of a company’s website. However, both timely and timelessly interesting content have the potential to go viral and can do great things for traffic.

“Timely and timelessly interesting content have the potential to go viral and can do great things for traffic.” – Click to Tweet

Rule #2 of Reddit Cybersecurity Marketing: CONSIDER KARMA

Reddit cybersecurity marketing karma coffee.jpgTo effectively reach Redditors, a marketer must be a Redditor to gain the community’s trust and respect. Given how easy it is to see the kind of value a Redditor brings to the community, there’s simply no way around it.

When a link is posted on Reddit, other Redditors can upvote or downvote that link based on what they think of it. That score – also referred to as post karma, is forever associated with the Redditor who posted the link.

The same goes for comments – they can be upvoted or downvoted, and the comment karma stays with the Redditor who posted the comment.

Altogether, this provides every user with a cumulative post karma and comment karma score that’s immediately visible when someone clicks on his or her profile. Also immediately visible is everything a user has ever posted – both comments and links.

In order to become a trusted and valued Redditor, cybersecurity professionals need to take the time to not only submit fresh content in the subreddit it is best suited for, but provide valuable information in various discussions and maybe even have a little fun (GIFs/jokes).

Transparent marketers will be identified as such by the Reddit community, and this reputation will be impossible to shake – one that inevitably gets associated with the company behind the marketing.

Related Article: It’s Time to Get Animated, The Secret World of GIF Marketing

Marketers also need to be careful to not repost links, either intentionally or unintentionally. This will, without fail, be called out by the community. Link posts should be limited to the one subreddit they are best suited for (more on that below), not posted to multiple subreddits in an attempt to gain more traffic.

Marketers should also take the extra few seconds to paste the link into the search bar and search the entire website for previous postings of that link.

Rule #3 of Reddit Cybersecurity Marketing: CHOOSE SUBREDDITS WISELY

There’s a tremendous amount of information and content available on and through Reddit – more than one can imagine – and it shouldn’t come as a surprise that computing and internet technology is a popular topic.

That means there’s subreddit after subreddit dedicated to cybersecurity, which results in a bevy of options for link posting.

In reality, however, not all subreddits are created equal. So while marketers will want to target a variety of subreddits in order to avoid being marked as a spammer or shill, it’s important to find subreddits that are:

1. Populated by subscribers
2. Have active discussions
3. Are welcoming of the type of content a marketer is looking to promote.

There’s just no point in marketing to an empty room.

Subreddits relevant to cybersecurity marketing professionals include:

r/AskNetsec r/bigdata r/blackhat r/CIO
r/computerforensics r/darknet r/hacking r/InfoSecNews
r/InternetIsBeautiful r/IOT r/jailbreak r/linux
r/Malware r/netsec r/privacy r/ReverseEngineering
r/rootkit r/security r/sysadmin r/technology

However, the list goes on and on – all you need to do is start digging.

Rule #4 of Reddit Cybersecurity Marketing: GET THE MOST OUT OF THOSE WISELY CHOSEN SUBREDDITS

Whether or not a cybersecurity marketer is actively participating in all relevant and active subreddits, he or she should definitely be subscribed and regularly read them.

This not only provides great content curation opportunities, allowing marketers to increase a company’s standing (or their own) by reposting the top-voted Reddit content on other social media platforms, but also enables marketers to see the topics that are popular and write their own content on those topics for future use and success.

Related Article: Your Personal Guide to the Best Content Curation

Rule #5 of Reddit Cybersecurity Marketing: DON’T BE A REBEL!

Redditors take pride in the various communities they’ve built in the form of subreddits, and the way those subreddits function is thanks to the rules for link posting and discussions they’ve all established.

Every subreddit has its own set of rules which will be readily visible on the sidebar. Marketers must simply familiarize themselves with these rules prior to posting, or else they can count on consequences in the form of downvotes, bad karma, and a distaste for the company associated with the marketing efforts.

star trek animated GIF


Even if a marketer follows all rules to the letter, there’s a good chance that some posts may go down in spectacular flames with insults and downvotes being indiscriminately hurled. Getting toasted like that once in a while is all part of being a Redditor.

There’s really no need to become discouraged, since even a failed Reddit posting will garner more clicks and traffic than the average Facebook or Twitter post, so there’s essentially no such thing as wasted effort on Reddit.

Participating in discussions for a while and building up a buffer between link postings will help any slipups be forgotten by the community. But when in doubt, a clip of a cat playing Jenga is like currency in many subreddits.

Want to get more information and updates on Cyber-security? Join our LinkedIn group >>

New Call-to-action



Wars are no longer fought on the battlefield. Wars are now fought in cyberspace.

They are fought from behind computers, with keyboards as the weapons and sensitive information as the casualties. The dangers of hacking may have come into greater prominence after the United States presidential election, but the growing need for better cybersecurity has been growing even more apparent for years, with major organizations on the receiving end of attacks, including Yahoo! (now Altaba), Oracle, Sony, Anthem and JP Morgan Chase.

Continue Reading

Cyber Security Leadership

How to Establish Cyber Security Thought Leadership

Marketing is often about making a splash. The best material sets itself apart with thought-provoking ideas, sensational visuals and language that tells a story. But setting a cybersecurity firm apart from others requires a careful balance of promotion, conversation and brand formation.

Continue Reading

Create Your Cybersecurity Elevator Pitch

Crafting Your Cybersecurity Elevator Pitch

Good marketing for cybersecurity products and services is a fine balancing act. Security companies need to show prospective customers why security solutions are essential to the longevity of their business ventures. This needs to be done without coming off as pushy or telling tall tales. And often, it must be accomplished at a face-to-face touch point, within seconds or minutes.

Hence, the need for a thoughtfully crafted elevator pitch. Continue Reading

cyber marketing scare tactics

Marketing Cyber Security Solutions without Using Scare Tactics

The easiest and perhaps most effective way of convincing customers they need to buy and use a cyber security solution is by showing the terrifying consequences of not implementing cyber defenses. Data breaches, leaked personal information, exposure to customers’ sensitive records are the obvious results of vulnerable networks. Loss of funds, reputation, business, stability and customer trust are the long-term effects of cyber-attacks. Continue Reading

Cyber Security is a Problem

Cyber Security is No Longer (Just) a CTO Problem

At the advent of the information technology industry, companies of all types began employing IT teams to take care of technology and digital data concerns. Soon, many executives realized they also needed someone to lead their IT teams and be the authority to make all technology decisions. That’s how the position of Chief Technology Officer (CTO) was born. Continue Reading

  • 1
  • 2