The Perimeter Is Holding. Barely. Let’s Talk About Why.

Cybersecurity leaders don’t get the luxury of a slow news day. 

Attack vectors shift daily. Zero-days drop like unwanted gifts. And somewhere right now, someone on your team is trying to convince another department to patch before it becomes everyone’s problem. 

We’ve all experienced this call: 

“Good morning, Accounting. It’s Paul from the security team.” 
“We need to perform emergency patching on your systems today.” 
“Today’s not good …hey, did you seriously try to expense cigars again last month?” 

Cigars aside, that exchange highlights something we don’t talk about enough: the organizational friction between a known vulnerability and a remediated one. Technology isn’t always the hardest part of this job. Competing priorities are. 

Which brings us to the perimeter. 

No edge protection is perfect. But the harder you make it for a threat actor to gain a foothold, the better the odds they move on. Security is, in many ways, a volume game. Raise the cost enough and adversaries self-select elsewhere. 

DDoS: The World’s Oldest Misdirection Play 

Of all the attack patterns I see regularly, DDoS remains one of the most underestimated. Not because it’s sophisticated, but because it works. 

A well-executed volumetric flood is loud, visible, and demands an all-hands response. That’s the point. While your team is focused on the front door, something quieter is often happening elsewhere. DDoS as a smokescreen isn’t a theory. It’s an operational playbook used repeatedly. 

That’s why I’m a firm believer in purpose-built DDoS protection. Not bolt-on, not checkbox compliance, but real, intelligent mitigation. 

I just returned from Scotland, where I spent time with our DDoS partner Corero. The conversation reinforced what many of us are seeing: threats are getting more sophisticated, attack vectors change quickly, and our response capability must keep up. 

Standing there, it’s hard not to think about the castle analogy. Strong walls matter. But what’s happening at the gates, side entrances, and inside the walls determines whether you actually hold the line. I’m proud to partner with a team focused on helping protect the castle. 

The security leader’s job has never been about perfect safety. It’s about making the math work against the adversary. Reduce the attack surface. Close the gaps fast. 

And yes, occasionally explain to Accounting why patching their systems matters more than your expense report history. 

If this resonates, or if you’re tackling these challenges in a different way, I’d welcome the conversation.