Using the Tools at Our Disposal in Nontraditional Ways
Too often, our response to cyberwarfare in the U.S. is reactive. Companies’ key leadership don’t seriously contemplate what they could be doing better until after they’ve already suffered a cyberattack, and by that point, the damage has already been done.
Our typical response to a major cyberattack is for federal policymakers to regulate more strict compliance standards for a particular industry. This approach is slow and ineffective, since in the time it takes to get any new standards enacted, our adversaries have more than enough time to create new tools that can break through whatever modest new safeguards we’ve added — assuming, of course, the new measures would actually have been implemented effectively anyway.
As attackers around the world become increasingly sophisticated and nimble, our country’s conventional and predictable approach seems jarringly out of step with the level of response needed to be effective.
At Conquest Cyber, we take a wholly different approach to cybersecurity, one derived from lessons I’ve learned throughout my life, both from personal experiences and from those who planted the trees well before me. Before entering the cybersecurity field, I spent years in the U.S. Joint Special Operations community and as a student of Brazilian Jiu Jitsu, learning that the basics make or break you once the enemy gets a vote. These experiences shaped me not only physically, but mentally and emotionally.
Many people have heard of Brazilian Jiu Jitsu, but may not know what sets it apart from other martial arts practices. Jiu Jitsu has been growing in popularity in the U.S. since the 1990s, when a Brazilian mixed martial artist named Royce Gracie came to the U.S. and swiftly rose to prominence in the UFC, defeating competitors up to twice his size despite his relatively light weight. Gracie has since been recognized as one of mixed martial arts’ most influential figures, and his success was pivotal in popularizing Jiu Jitsu in the U.S. and making it an integral part of training in military and special ops programs.
In the early stages of Jiu Jitsu, students learn standard moves and sequences through repetitive drills. The idea is to develop sound technique so that it becomes instinctive. This isn’t all that different from military training, in which soldiers spend years having established tactics instilled in them so they can react correctly to situations without a moment’s hesitation.
But as students’ Jiu Jitsu skills become more advanced, we go beyond these conventional habits and start to develop a personalized style — and this is where the true art is found. Defeating an opponent in Jiu Jitsu could be compared to a chess match, where you need to anticipate their next move and sense flaws in their logic, finding an opening to create a trap. Similarly, those of us in the military who join special ops are encouraged to think outside the box of traditional structures and become the most effective version of ourselves, working alongside others with a similar perspective and sense of focus.
This formula, I believe, is the only way that our country can adequately confront the scale and complexity of our national security challenges. Instead of paving over the rubble of each successive cyber disaster, we need to get two or three steps ahead of our adversaries. We can do that by using the tools at our disposal in nontraditional, unconventional ways.
As I’ve assembled our core team at Conquest Cyber, I’ve tried to make sure this mindset is how we approach our work for clients. Many of our team members have no special ops experience or Jiu Jitsu training, yet they excel here because they’re able to solve problems creatively, building from a foundation of skills that they’ve developed over years.
Make no mistake: When it comes to our nation’s cybersecurity, we are in a war. To win, we must be prepared to think as strategically and aggressively as our adversaries, throwing away outdated thinking and ineffectual options.
As artificial intelligence continues to evolve, more and more companies are getting over their initial skepticism and beginning to embrace its usefulness. Recent statistics show that the vast majority of leading companies (91.5%) are already investing in AI to...
October is Cybersecurity Awareness Month, a time when organizations worldwide focus on enhancing their cybersecurity posture and promoting digital safety. While cybersecurity is everyone's responsibility, this blog is dedicated to CEOs and C-suite executives,...
War is no longer fought only on a battlefield. It happens everywhere at any moment in the devices we carry around in our back pockets and on our wrists. Cybersecurity was unheard of until 50 years ago—years before personal computers became commonplace. Now, with...