Expect the unexpected, simulate the unknown! | 26 September 2024

Here is a slide from my workshop at Security BSides Las Vegas this year!

I often use this image in my talks and training sessions to highlight the importance of Simulating unknown, unexpected cyber threat-actors and adversarial tactics. Because, focusing solely on emulating known cyber threat-actors and their TTPs is not enough. We already know how an elephant could attack you, what to do when an elephant charges at you - you can at least try to run.

[But the real question is: how would you react if a tusker jumped at you from a tall tree??]
Most of the breaches and incidents we are seeing today initiated from unexpected attacks, often carried out by unknown actors. How would you respond to unexpected attacks from unknown threat-actors and adversaries? That's when your organization’s offensive security team needs to think outside the box – get creative and begin simulating unknown/unexpected threat-actors, adversarial tactics and TTPs.