Does the term "novel attack" resonate with security teams? or does "unknown attack" resonate better? What would you consider novel/unknown attacks? Does your current threat detection solution detect novel/unknown attacks?

Security & GRCPredictive Analytics
4.2k viewscircle icon1 Upvotecircle icon3 Comments
Sort by:
Director of Information Security in Services (non-Government)a year ago

Novel attack resonates more. These attacks may include multiple stages and exploit vulnerabilities to perform an EDR bypass, C2, or ransomware. 

Lightbulb on1
CISO in Softwarea year ago

I always think of 0-day vulns and associated attacks as novel.

CISO (CISO) in Healthcare and Biotecha year ago

Novel attack certainly resonates more. Unknown attacks are only unknown until forensics figure it out.  A robust incident detection and response system (SIEM, UEBA, XDR) should be able to detect unusual activity and let your SOC investigate. them.

Content you might like

I’m in the process of developing and formalizing the Risk Appetite Statement (RAS) for my organization, a public transport operator. Before we bring the draft to the Board, I’d appreciate your views on the best approach for engaging the Senior Leadership Team (SLT): Is 1:1 engagement more effective to gather candid input? Or would a group workshop be better to align perspectives and drive collective ownership? If anyone has experience developing a RAS specifically for a public transport or infrastructure-focused entity, I’d love to hear your lessons learned or key considerations. Appreciate any tips or tools!

Read More Comments

Disesdi Susanna Cox outlines 3 critical threats:
1. Non-deterministic decisions – same prompt, different actions (e.g., unintended transfers).
2. Cascading failures – multi-step tasks = more attack surface.
3. Emergent behavior – guardrails can’t cover infinite edge cases; focus on blast radius and recovery.

3 Controls to Implement Now: 
• Map agent workflows to attack tactics (MITRE ATLAS)
• Weekly prompt-injection tests (OWASP + CSA)
• Least-privilege, expiring agent tokens (NIST AI RMF + CSA MAESTRO)

Which control or framework gives you the biggest headache, and how are you tackling it?

Full analysis: https://disesdi.substack.com/p/openai-just-dropped-their-agentic

How does your organization refer to a plant stoppage for scheduled maintenance?

Shutdown25%

Turnaround40%

Outage25%

STO (Shutdown, Turnaround, and Outage)5%

Other (please comment)3%

View Results

A common challenge in our risk-tiering framework for suppliers is that even the lowest risk tier still requires processing.
Has anyone implemented a "not relevant" risk tier in their model?
This tier would apply to vendors posing genuinely negligible security risk.

Where do you think your organization needs the most help in the Cloud related technologies / solutions?

Cloud Security33%

Cloud Data Analytics (Streaming, Big Data, AI, Data Lake, Data Warehouse etc.)51%

Cloud Migration / Modernization43%

Cloud Native Development (DevOps, Micro Services, Containers, Kubernetes, etc.)31%

Cloud Data (Databases, Data Management, Governance, etc.)14%

View Results