Introduction
There are two clichés that I think about when I think about cybersecurity, especially the blue team aspect of it. The first is, “The definition of insanity is doing the same thing over and over again and expecting a different result.”
This has been so true over my 20+ years in cybersecurity. Some tools and practices are still in place even though they aren't effective risk countermeasures. If you asked 100 cybersecurity professionals about the effectiveness of certain tools, you'd get about the same number of takes.
Without real testing and metrics, who knows what works? But regardless, we keep on keeping on with the same things.
Another classic cliché is from Otto von Bismarck, who said something like, “Only a fool learns from their own mistakes. The wise person learns from the mistakes of others.” Most blue teamers are graduates of the School of Hard Knocks.
Many blue team careers have been built on using trial and error to create effective security models. The reason I started the Tribe of Hackers series is so that people can learn from other professionals’ insights on how to optimize cybersecurity technology, processes, and personnel for optimal impact.
Just as with the Tribe of Hackers: Red Team book, we took our questions from social media. We are pleased that the community came together once again to ask those questions. Our amazing contributors are leaders in cybersecurity who want to share their tribal knowledge.
Knowledge sharing is key to getting better ...