Cyber Learning - Who to Follow Part 2
More cyber experts and companies who can help you to always be learning
This is Part 2 of what I think may become a little bit longer series of posts on the topic of good people and organizations to follow in the cybersecurity space. Learning is a wonderful habit to embrace in life of course, and it’s useful in our work lives as well.
With that in mind, Part 2 of the Cyber Learning - Who to Follow is below. I’ve added just a little spice to it by sharing each person’s own blurb from their Twitter / X accounts, and in some cases a link to something that stands out most to me when I think of them.
Rob Joyce: Whose former title at the NSA is one of the most glorious euphemisms I’ve ever seen: “Chief of Tailored Access Operations”. What sticks in my memory most about Rob Joyce is his epic talk at the USENIX Enigma conference in 2016, titled Disrupting Nation State Hackers.
Jen Easterly: Director of CISA, really enough said right there. CISA is one of the most active federal agencies in the US when it comes to sharing valuable and often critical information to the cybersecurity community.
David J. Bianco: A guru level figure in the world of cyber threat hunting and creator of the Cyber Pyramid of Pain, which lays out what is easiest and hardest for attackers to change within their attack techniques.
Selena Larson: A well-respected thinker and speaker on cyber threat intelligence (CTI). I love this article of hers that offers this learning from history opportunity: Intelligence Failures of Lincoln’s Top Spies: What CTI Analysts Can Learn From the Civil War.
John Hultquist: A leading voice in the cyber threat intel space, who has been tracking the infamous Russian state-backed adversary group, Sandworm, for many years - as highlighted in this Wired article.
MITRE ATT&CK: I’ve written about ATT&CK here, and I just can’t get tired of talking about it. It is a true best in class, unique resource for cybersecurity teams. A treasure trove of data on how cyber attacks are carried out, from their initial planning phases through to their final phases where damaging impact is the goal.
Here’s the link to Part 1 of this little mini series: Cyber Learning - Who to Follow Part 1.