I have to say, I loved moderating this panel with Grace A. Gair, CISSP, CRISC, Open FAIR, CTPRP, Luis Valenzuela, CISSP, PMP and Zach Kacprowicz and felt very privileged to know or work with these talented individuals.
We had a great #FAIRCON24 overall and in addition to meeting new and old friends, clients, colleagues, and thought leaders, I came away with the following:
1. Cyber risk quantification is a hugely valuable tool. Security leaders are starting to see more scrutiny and it isn't all regulatory. Management and the Board are still seeing cyber breaches despite major investments in technology, and they want to know why. CRQ / FAIR is a great way to ensure we can communicate the value of our cybersecurity investments for more cyber-aware Board members, and ensure the cybersecurity budget is allocated in the most important places.
2. FAIR can't be a standalone program or something done in a vacuum. There were some great panels on ERM and GRC integration, and the importance of overall cyber governance. The risk management process is a circle for a reason.
3. Anything that isn't being distilled and communicated effectively to influence decision making isn't worth doing. As risk analysts we have to continue ensuring we're asking the right questions of our models, and we have to communicate insights in a way that can actually influence decisions.
Thanks to the FAIR Institute and Luke Bader for a great conference! Looking forward to #FAIRCON25.
The Living Off the Land module explained the essential concept of "Living Off the Land" in Red Team engagements. The learning objectives covered the term Living Off the Land of red team engagements, how to use the Living Off the Land Binaries And Scripts (LOLBAS), and applying the techniques used in red teaming engagements.
🔍 What is Red Teaming? 🔍
🚨 Red teaming is an adversarial, threat-led method of security testing designed to put your defenses to the ultimate test.
🎥 In this video, Dom Mortimer, Red Team Specialist, is joined by Nicky Whiting, Managing Director, as he dives into exactly what red teaming is and the associated benefits of the service.
🔗 Discover more about our red teaming services here - https://lnkd.in/eEYzQG2B
A couple of weeks ago Cyber Security Associates was kind enough to invite us to their customer event on Red and Blue teaming. Seeing a live attack play out, with the defending team tracking and responding was fascinating. It certainly made me think about the types of controls organisations might need to adapt or redesign as a result of the type of attacks being launched!
CSA put together a short video of the day: https://lnkd.in/e7GexjYv
#redteaming #blueteaming #internalcontrols
🔍 Brilliant session, Mr. Mark Brand! A big green tick for choosing such a timely topic for ‘special interest’ day. Great concept.
Thanks to Tony Barnes for sharing your insights and expertise. Running these simulations should be a must for businesses of every size – essential practice for when the unexpected hits.
Key Takeaways:
👉 We need to refine our crisis incident playbook and sharpen our crisis communication plan.
👉 The question of whether or not to pay in a crisis is far from straightforward. The answer may surprise you.
Food for thought. 💡
#CrisisManagement #cyberincident #cybersecurity #cyberinsurance #cybersecurityawareness
Peer Advisory Group Chair and CEO Coach at Vistage Australia and New Zealand | Executive & Leadership Coach | Career Coach |
We like to mix it up a bit at Vistage Australia and New Zealand!
Yesterday, we had members from my three Brisbane Vistage groups come together to take a deep dive into the VERY real issue of Ransomware.
Skillfully led through the conversation by the knowledgeable Tony Barnes from McGrath Nicol, our team unpacked, navigated and negotiated their way through a realistic business ransomware scenario - asking "The Ransomware Question: To Pay or Not To Pay".
I positioned this as a topic of 'Special Interest' - opening up learning that really strikes a chord with business leaders outside of their regular Vistage Peer Advisory meetings.
An interesting day, with plenty of ducking and weaving. Managing risk, making decisions on the fly, engaging multiple stakeholders and dealing with organised crime.....you could say we had a ducking good time. Sorry 😂 😂
If you're curious about the benefits that being a Vistage member brings to your organisation and to your own leadership, hit me up for a chat. I won't duck.
Such a powerful session with Vistage Australia and New Zealand and celebrated Chair Mark Brand! It was inspiring to see members from our Brisbane groups come together to tackle the critical issue of ransomware.
Sessions like these go beyond our regular peer advisory meetings, offering valuable insights on high-stakes topics that business leaders face today. It’s all about preparing for complex situations, assessing risks, and making decisions under pressure.
If you’re interested in how Vistage membership can strengthen your leadership and prepare you for today’s toughest business challenges, let’s connect!
In the ever-changing landscape of cybersecurity, this session is your guide to understanding threats, defenses, and compliance. Whether you're an experienced IT professional or someone looking to bolster your understanding of the digital security landscape, this session promises to equip you with the knowledge and strategies essential for navigating the complexities of cybersecurity.
After this session, attendees will:
- Understand cybersecurity jargon, threats, and threat actors.
- Identify cybersecurity risks and what is at stake.
- Review cybersecurity basics and where to start.
- Understand cybersecurity defense strategies.
- Understand compliance and regulation standards, and their implications for your business.
REGISTER TODAY!
I've just completed a series of Red Team engagements on TryHackMe. This experience has deepened my understanding of offensive security tactics and techniques, from reconnaissance and exploitation to post-exploitation and persistence.
#cybersecurity #RedTeam #TryHackme #offensivesecurity
Now that’s a booth babe! Nice work. I heard it was one hell of an event.