Explore the unique cybersecurity challenges faced by SMBs in today's interconnected landscape, where the threat of ransomware looms large. Brad emphasizes the importance of adopting a smarter approach to security validation, focusing on optimizing resources and maximizing protection.



Here is the verbatim discussion:

Anybody else because on the internet for a ransomware guy is the same IP so they just Target every single IP address across the globe right so how how do you think SMB should approach uh building a continuous security validation program yeah and my advice is same process but um think smarter not harder so um and really what it comes down to is uh it comes right back to the attack surface but it's it's really being strict around you and have being open and saying do we really need this so um good good aspect to it is um you know you talked about uh the attack surface getting into you know areas where uh now we have you know iot and endpoints and more things that are you know interconnected with the cloud and and more exposed it's no longer just a a network perimeter especially in these these smaller organizations they have all these end points and um and all these different aspects and and having a their environment be hardened and then um implementing uh Network segmentation and and breaking off those components so like a good example going back to the the the house analogy you know if someone breaks into my house and I lock each individual door within my house which is the equivalent of having segmentation it actually you know it it kind of hardens the the the internal aspect once they actually break in so the the overall uh impact that that exists is is greatly reduced and and that's really the fundamentals around the attack surface management component so if if it and I kind of the advice I've given organizations is like if it doesn't need to be in your environment then don't have it be in your environment so if you don't need organizations to access uh to basically not have any kind of like URL filtering or having any kind of like block websites like you shouldn't be able to go to whatever website that you want um if you're working in a corporate environment on a corporate machine.



Redefining the Attack Surface: Brad underscores the need for SMBs to redefine their understanding of the attack surface, considering the proliferation of IoT devices and cloud-connected endpoints. By implementing network segmentation and hardening their environment, organizations can minimize exposure to cyber threats and reduce risk.

Strategic Resource Allocation: Rather than adopting a one-size-fits-all approach, Brad advises SMBs to prioritize security measures based on necessity and relevance. By questioning the need for certain technologies or access privileges, organizations can streamline their security posture and allocate resources more effectively.

Embracing Network Segmentation: Drawing parallels to securing a physical house with multiple locked doors, Brad highlights the benefits of network segmentation in fortifying internal defenses. By compartmentalizing network assets and restricting access, SMBs can mitigate the impact of potential breaches and thwart lateral movement by cyber attackers.


Brad emphasizes the importance of adopting a smarter, more strategic approach to cybersecurity for SMBs. By redefining the attack surface, prioritizing resource allocation, and embracing network segmentation, organizations can build a robust security framework tailored to their specific needs and constraints.



Brad LaPorte a former army officer with extensive experience in cybersecurity, provides invaluable insights into the evolving landscape of digital threats. With a background in military operations, LaPorte witnessed firsthand the early stages of nation-state cyber attacks, laying the groundwork for his deep understanding of cybersecurity challenges. Through his journey, he has observed the transformation of defense tactics from traditional, labor-intensive methods to modern, cloud-based solutions. LaPorte's expertise offers a unique perspective on the intersection of technology, security, and the underground economy of cybercrime. In this discussion, he shares his experiences and analysis, shedding light on the complexities of cybersecurity in the digital age.


Bikash Barai is credited for several innovations in the domain of Network Security and Anti-Spam Technologies and has multiple patents in USPTO. Fortune recognized Bikash among India’s Top 40 Business Leaders under the age of 40 (Fortune 40-under-40).Bikash is also an active speaker and has spoken at various forums like TiE, RSA Conference USA, TEDx etc.

Earlier he founded iViZ an IDG Ventures-backed company that was later acquired by Cigital and now Synopsys. iViZ was the first company in the world to take Ethical Hacking (or Penetration Testing) to the cloud. 

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)



CISO Breakfast at BlackHat Las Vegas 2024!

  • Description:

    We are thrilled to invite you to the CISO Breakfast at BlackHat 2024. 

    CISOPlatform is a community partner for the event which is co-hosted by Silicon Valley Bank, Stage One, First Rays Venture Partners, Latham & Watkins.


    Event Details: 

    • Date: Thursday, August 8th,…
  • Created by: pritha
  • Tags: blackhat usa, las vegas, ciso breakfast, usa