Redefining Cyber Performance | Issue #4

Welcome to issue #4 of ThreatReady. 

We’ve got some huge industry news to share with you this week. And guess what? We’re the ones behind the buzz! With that said, CEO and founder Haris Pylarinos (aka “ch4p”) kicks off this issue with a special message.

A message from ch4p: Redefining “Cyber Performance” at HTB

"Dear cybersecurity community, since launching Hack The Box in 2017, I’ve spoken to hundreds of security leaders fighting a common, yet brutal, uphill battle:

Translating security budgets into a high-performance security function. 

Despite the increasing investment in technology, we still see a 600% increase in cybercrime year-over-year. 

We still see burnout run rampant in our industry. 

We still see leaders struggle to address technical skills gaps. 

We’ve championed security programs for more than 1,500 teams around the globe, and with 2.7 million platform members, became the hub for developing threat-ready cyber professionals and organizations. Our experiences & data over the last 7 years show that poor security performance boils down to one thing: 

People. 

The “people problem” isn’t exactly a grand revelation in the security industry. 

But most orgs solve the “people problems” (and try to improve security performance) in the wrong way. 

They over-index on budget when it comes to training, tools, and processes. 

But budget alone doesn’t drive performance. 

A culture of performance does. 

And that’s what our approach to Cyber Performance is about.”

The concept of the Cyber Performance Center marks the next stage of Hack The Box’s evolution. 

We will continue to support the industry by acting as a vital ally in crafting high-performing security teams and organizations that put the human factor at the forefront.

Regards, Ch4p

Learn about HTB Cyber Performance Center approach

Test your team’s might with the biggest CTF of the year

Mark your calendars for May 18-22, Business CTF is back!

Business CTF is a free annual event for security teams that offers cutting-edge content on emerging technologies and vulnerabilities. 

During last year’s global CTF, 982 security teams and 5,117 professionals worldwide rigorously tested their technical and collaborative skills for a $50,000 prize pool. 

The Vault of Hope is the name of this year’s Business CTF, challenging teams to decrypt the mysteries of The Vault in the aftermath of a devastating nuclear fallout. With more than 40 challenges to tackle, teams can try their hand at the following categories: 

• Web.
• Reversing. 
• Pwn.
• Forensics.
• Crypto.
• Blockchain.
• Hardware.
• Machines. 
• Cloud.
• Misc. 

💡Solving challenges together is a fun, free, and accurate way to benchmark against other security teams. For example, performance data from 2023’s event revealed that when confronted with blockchain and cloud-related technologies, most teams had lower “attack readiness” scores. 

The largest global corporate CTF competition awaits! 

We double dare you to enter. 

Sign up your team for free

Want more budget for team development? 

Silently defending, but never actually seen, heard, or awarded budget. 

That’s the harsh reality for many security teams. 

The cause of this reality? 

Acting as a siloed function that operates independently of business objectives.

The truth is that earning a coveted seat at the executive table requires more than effective defense measures. 

To gain buy-in and support from leadership, security investments must align with an organization’s core priorities and goals. 

Security staff tend to zero in on technical wins and objectives. 

Meanwhile, the C-suite prioritizes business goals—such as increasing the company's profitability, staying ahead of the competition, and being able to pay dividends to investors. 

As a result, cybersecurity leaders frequently struggle to communicate the business impact of security risks. So until a significant incident triggers scrutiny on security posture, requirements often go unnoticed or unsupported.

Read our latest guide for more info on how to start connecting security initiatives to business outcomes .

We turned 7 🤘

Hack The Box turns 7 years young this month! 

Haris started as a cybersecurity professional looking for ways to enhance his hacking skills and challenge conventional thinking. 

Yearning for more than just reading textbooks, he founded Hack The Box; a platform providing a community of cybersecurity professionals and enthusiasts with hands-on practice.

The rest, as we like to say, is history in the making 😉. 

We don’t want to give too many spoilers about our progress in this newsletter. So recap our biggest wins from last year on the blog.

Wins of the month (let’s celebrate fellow security leaders) 👏

Bailey Marshall , President and CCO, The Security Rex: Recently accepted into the Bank of America Institute for Women's Entrepreneurship Program at Cornell! This was a great way for her, as the President of The Security Rex, to learn and grow the company as one that can provide services and products to the technology industry. Way to go Bailey!

Ihor S. , Security Engineer, TechMagic: Together with his team presented their solution to monitor multiple AWS WAF instances effectively, gathered valuable insights, and automated responses to the ongoing attacks with the community.

👉 Share your win with the community

Your expertise and insights are invaluable. And we’re eager to share them with our vast audience of over 2.6 million members.

We’d be honored to feature your top "win" of the month related to your team, department, or security program in the next edition of ThreatReady.

A “win” could be:

• Achieving compliance or industry standards.
• Successfully onboarding new team members.
• Celebrating your team’s performance.

The top wins will be shared in the next month’s edition of ThreatReady (and if it’s really good, may get some additional love on social media). Want to share your win?

Drop a comment below telling us what it is👇