“Make no mistake, everyone's job ultimately boils down to defending our enterprise; we just take different approaches to defense.”

Twitter: @jotunvillur

Lauren is an experienced incident responder and threat hunter who has helped identify and mitigate cyber adversaries in Fortune 500 networks. She has led investigations ranging from data breaches to targeted attacks and continues to focus on defining some part of the limitless unknowns in cyberspace and making cybersecurity less abstract and more tangible. Lauren sits on the CFP board for BSides Kansas City, heads up SecKC parties, and attends all the cons. She currently holds GCIH and GREM certifications. When she is not behind a screen, you can find Lauren outdoors, trying not to crash her mountain bike.

How do you define a blue team?

To me, a blue team is any group of individuals who actively identify, mitigate, eradicate, or weaken threats and threat actors. A blue team is evolving daily with each new attack. Make no mistake, everyone's job ultimately boils down to defending our enterprise; we just take different approaches to defense.

The key factor of a defined blue team is that they are always on, constantly evolving, and constantly improving themselves and their enterprise. I worked in incident response for years, and you constantly have to be on your toes for the next event. Ransomware doesn't wait ...