Open in app

Sign in

Write

Sign in

We have to think about these differently, a low energy threat can be defeated with a quality implementation of a checklist, a medium energy threat through the application of expert thinking frameworks like NIST or risk whereas a higher energy threat takes a more responsive approach such as the cyber equivalent of the gaze heuristic for hunting teams. It means checklists, risk frameworks and hunting are all equally useful and switching from compliance to risk to cyber hunting and back again is a waste of focus, we should be using all of these as appropriate depending on the threats we face.

This phrase is interesting and I think opens up a world of debate about cyber risk:
1
1

Phil Huggins

Ryan McGeehan
1 min readApr 12, 2020

--

I believe very strongly, that every team has some ratio of “checklists vs risks” approach. My writing, lately, errs very strongly towards the analytical risk path. It’s my belief that this is where the best practice is formed that ultimately ends up on a checklist after it has survived as a hypothesis long enough.

As an example, there are not very many established standards for enterprise cold storage of cryptocurrency. Many organizations have built / are building it from scratch with a cognitive heavy approach. Mainly because requirements differ so drastically. In twenty years or so, there may be more established policy approaches that follow a runbook, or even so far as, a regulation, and it will likely satisfy a lot of common design patterns as a result.

I think this sort of lifecycle of “checklists vs risks” is related to your comment.

--

--

Ryan McGeehan
Ryan McGeehan

Written by Ryan McGeehan

2.9K Followers
186 Following

Writing about risk, security, and startups at scrty.io

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams