CyberWeek 2020
Here is one more chance for you to register for one of the best Cybersecurity Events of the year, for free. And as bonus you can join my session as well 🙂
Below are the details :
When : 18 -19 November
URL : https://cyberweek.ae/2020/register/
More info :
Red Team Village
Red Team Village (https://redteamvillage.org) is a community driven combat readiness platform for Adversarial attack simulation, Red teaming tactics and Offensive security operations. This community is managed by a group of cyber security and red team tactics enthusiasts. A red teamer needs to be skilled in every aspect of Adversarial Simulation and offensive security operations. We can consider this as a platform to share tactics, techniques, and tools related to various domains of adversarial attack simulation.
We have been organizing workshops, talks, demonstrations, open discussions, Capture the flag challenges (CTF) and other exercises at Cyber Security conferences for the past 4 years. We do design real life corporate CTF scenarios with the same network architecture and defensive mechanisms used by the organizations. The CTF players needs to do the red teaming against this infrastructure which protected and monitored by Blue teams. This village welcomes Red teams, Blue teams and Purple teams. Blue teams get to know the attack tactics used by the adversaries, and Red teams get to learn the security monitoring/detection techniques used by the SoC teams. A collaborative purple teaming culture can be cultivated.
We have organized more than 10 villages (Talks, CTF and training) along with cyber security conferences such as Nullcon, c0c0n, OWASP, DEFCON Group Trivandrum etc
Please feel free to follow our social media accounts in Twitter and Facebook for the details about previous events or upcoming events/villages.
If you would like to contact us, please drop an email to ops [at] redteamvillage [dot] org.
For more evets :
https://www.erdalozkaya.com/category/free-events/
CISO Insight
Cybersecurity is not a product you buy or a project you complete — it is a continuous operational discipline. The organisations that achieve genuine security maturity embed security thinking into every business decision, invest in people and processes alongside technology, and build resilience for the inevitable day when preventive controls fail.
The Evolving Cybersecurity Landscape
The threat landscape continues to evolve at a pace that challenges even well-resourced security teams. AI-powered attacks, supply chain compromises, ransomware-as-a-service, and state-sponsored campaigns create a multi-dimensional threat environment no single technology can address. Organisations that defend most effectively take a risk-based approach — understanding which assets are most critical, which threats are most likely, and where investments will have the greatest impact. For CISOs, translating this complexity into actionable strategy requires quantifying cyber risk in business terms, prioritising based on risk reduction, and communicating in language that resonates with non-technical stakeholders.
Building a Defence-in-Depth Strategy
Effective cybersecurity requires layered defences addressing the full attack lifecycle — from reconnaissance through exfiltration. No single control is sufficient; every control can be bypassed by sufficiently motivated adversaries. The goal is creating enough layers that attackers must overcome multiple independent defences, while ensuring detection and response capabilities identify and contain breaches before catastrophic damage. The most common mistake organisations make is treating security as a technology problem rather than a business risk management discipline. The fundamentals — patch management, access control, security awareness, incident response planning — prevent more breaches than any advanced technology.
Frequently Asked Questions
What is the biggest cybersecurity mistake organisations make?
Buying security tools without coherent strategy, skipping basic hygiene in favour of advanced solutions, and failing to invest in people and processes. The fundamentals prevent more breaches than advanced technology.
How should CISOs prioritise security investments?
Start with risk assessment identifying critical assets and likely threats. Prioritise controls for highest-risk scenarios. Ensure basic hygiene is solid before investing in advanced capabilities. Use NIST CSF or CIS Controls to structure your programme and measure progress with board-friendly metrics.
Related reading: Visit our Cyber Resilience Hub or download the CISO Toolkit for governance templates.