This presentation is based on 20+ years in cybersecurity working across 50+ countries. It will explore the real-life history and use cases of hackers, hooligans, and heists. From mechanical computers to the Internet, acts of sabotage, fraud, theft, and other nefarious undertakings have been conducted with low risk, minimal hurdles, and high reward. In some cases, attackers even receive safe harbor from prosecution. Bad actors ranging from insiders and hacktivists to cybercriminals and nation-states are motivated by money, politics, revenge, and ideology.

We will translate the “who, how, and why” of cyberattacks. We will identify multiple “old school” and modern-day threat vectors and organize attacks by motives like sabotage and espionage. Each threat actor type will be explored in detail with real-life use cases and personal accountants. The examples used will illustrate the diversity in threats, methods, motivations, and organizational responses.

As an industry we respond with more buzzwords, shiny boxes, and bigger budgets. Unfortunately, that response is no longer effective and what kept us secure has stopped working. It will also examine new ways of approaching cybersecurity to mitigate nefarious acts by focusing on actual security effectiveness instead of the latest APT, 0-day, and regulatory mandate.

Organizations respond by investing in security, but the money we spend on security plus the level of effort isn’t resulting in effectiveness. We hire security professionals, deploy security controls, and build processes. We make this investment of time, money, and resources so when an attack occurs, we can fight and be able to prevent the attack — or at least detect and respond. In most cases we don’t know what security tools are working, where investments need to be made, how we should prioritize, and what we can retire.

If it wasn’t so sad, it would be almost laughable that we’ve gone so long without having measurable, quantifiable evidence about our security effectiveness. We can do much better and we can leave the mistakes of the past in the history books.