Standards, Regulations & Compliance

Which Threats Should CISOs Address Now?

Kevin Flynn of Skybox Security on Setting Priorities
Kevin Flynn, global director of products, Skybox Security

The notion of patching the most critical vulnerabilities is outdated and ineffective thanks to today's black market for exploit kits, says Kevin Flynn of Skybox Security. Evaluating the exposure and context of holes in your organization is crucial to shoring up defenses, he says.

See Also: Making Sense of FedRAMP and StateRAMP

Crimeware as a service enables criminals to purchase multiple types of exploit kits at varying price levels for different kinds of attacks.

"The threat landscape now includes the notions of something that is very distributed," Flynn says. "The attacks have become very broad based. They're not just going after the zero day vulnerabilities."

In an interview at Information Security Media Group's New York City Fraud and Breach Summit, where Flynn was a featured speaker, he also discusses:

  • The key factors for determining which threats to address first;
  • How to utilize insights from the dark web;
  • Suggestions for prioritizing which vulnerabilities need your attention.

Flynn is global director of products at Skybox Security. Previously, he was director of product marketing at Blue Coat Systems. He has more than 25 years of experience in high tech and has been involved in cybersecurity technologies for more than a decade.


About the Author

Joan Goodchild

Joan Goodchild

Director of Multimedia Content, ISMG

Joan Goodchild is veteran writer and editor who has been covering security for more than a decade. Before joining ISMG, she was the editor-in-chief of CSO, where she led the team to several national awards, including an AZBEE (ASPBE) for website of the year and several Digital Eddie (Folio) awards for B2B website of the year. Her previous experience in business journalism includes roles as a broadcast and web editor with the Boston Business Journal and as a news writer covering the Windows OS with TechTarget. Prior to that, she worked as a television reporter and anchor for more than a decade. She has a master's degree in journalism from Northwestern University's Medill School of Journalism and is the recipient of an Edward R. Murrow award for investigative reporting.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.