Brian Donohue on Security Analysis

Brian Donohue is a technology journalist who covered network security for Threatpost before joining Cyber4Sight, Booz Allen Hamilton’s cyber threat intelligence unit, as a consultant. Primarily, Brian works as a sort of investigative-journalist-for-hire at Cyber4Sight, relying on old fashioned newsgathering as well as his extensive array of industry contacts assist Cyber4Sight in its efforts to provide clients with actionable, predictive, and timely analyses of everything from organized cybercrime to state-driven cyber espionage operations.

However, providing technical information security reporting for a technical audience isn’t enough in the contemporary, computerized world where everyone is a potential target. In other words, while inarguably critical, it’s simply not enough for security operations centers to have all the latest indicators of compromise for the ransomware or banking trojan de jour.

In this way, it’s critical that network security information services provide bigger picture information for non-technical employees in addition to technical reporting. At the end of the day, in order for enterprises to stay secure, the entire enterprise has to be aware of the threats they face from persistent adversaries and sophisticated attack tools. Executives need to be aware of the spear-phishing attacks that are so often the initial infection vector of choice for attackers of all kinds, finance departments need to know about the business email compromises that are costing companies millions of dollars at a time, web application developers need a working understanding of the SQL injection vulnerabilities that are often the genesis for data breaches, and all employees require some level of security education if we are going to expect them to install their updates and maintain strong and unique passwords.

Cyber4Sight analysts collect open-source, deep web, and other critical information, converting it into a powerful resource for enterprises to defend their networks from all variety of intruders, whether they are politically, geopolitically, or financially motivated. This information provides Cyber4Sight and its clients with the ability to track the activities of groups that range from the perpetrators of distributed denial of service attacks to state-sponsored attacks, learn what they are motivated by, and hopefully predict how they might act in the future and respond to future scenarios, fortifying security as a result. From here, Cyber4Sight’s analysts can then prioritize the investigation of specific groups that would be statistically more inclined to involve themselves in malicious actions against particular targets.


Contact Brian Donohue on LinkedIn.