Malspace

Multiple Actors, One Breach - Rethinking Threat Models in 2025

Jul 10, 2025
Chi En (Ashley) Shen, a threat researcher at Cisco Talos, shares her inspiring journey from Taiwanese hacking forums to leading threat intelligence at major companies. She delves into the rise of compartmentalized cyberattacks and the role of Initial Access Brokers, advocating for better threat detection strategies. Ashley also discusses her initiatives promoting diversity in cybersecurity, such as HITCON Girls and Raclette, emphasizing the importance of women in tech. Lastly, she suggests enhancements to the Diamond Model for more effective threat analysis.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
ANECDOTE

Ashley Shen's Cybersecurity Journey

  • Ashley Shen began exploring hacking at 17 influenced by detective stories like Sherlock Holmes and anime Conan.
  • She transitioned from hacking forums to threat intelligence through conferences and eventually became a Mandiant colleague of a speaker who inspired her.
INSIGHT

Compartmentalized Cyberattack Trend

  • Compartmentalized cyberattacks involve multiple threat actors handling distinct stages of the attack.
  • This trend, especially with nation-state actors, complicates attribution and detection efforts.
INSIGHT

Refining Terminology for Clarity

  • Using 'Initial Access Group' instead of 'Initial Access Broker' clarifies distinctions between financial and state-sponsored threat actors.
  • This terminology enhances communication and threat actor profiling.
Get the Snipd Podcast app to discover more snips from this episode
Get the app