As 2018 wraps up, InfoSec Insider looks back at some of the most popular articles we've produced for our loyal audience. From communicating security metrics to the board and making sense of attack patterns, to key areas that you should focus your cybersecurity strategy on, here's a list of the top 10 articles.

10. How to Make Sense of Attack Patterns

In this featured post, we speak to TrustedSec Founder Dave Kennedy who offers up advice on how you can set up your security department’s defenses to respond and defend against common attacks.

9. Areas to Focus On in Your Information Security Strategy

Trustwave’s Karl Sigler discusses the state of cyber threats in 2018 and suggests what areas of your security strategy you should focus on to take proactive steps in measurably reducing risk within the business.

8. Key Questions to Ask Your Cybersecurity Recruiter

There is no question that the cybersecurity job market is hot. Experienced practitioners are in high demand, leaving recruiters and HR professionals clamoring for top talent. While it may be tempting (and flattering) as a job seeker to prospect every opportunity, you’re probably currently employed and therefore must choose wisely between invitations for exploratory calls.

Attack-Primer-Main

7. Imagine If Security Solutions Understood Our Language

It's up to security professionals to infer security significance of all the events security solutions report. The first step to arriving at an answer to this intractable problem is teaching our security tools to understand us. Advancements in Natural Language Processing could help.

6. Blockchain: What It Is and What It Means for Infosec

Blockchain has become the new buzzword of choice across a wide spectrum of industries, such as finance, tech, and the information security industry. However, what blockchain is and what its applications are still seem to be unclear. This article sets the record straight.

5. A Look at the Current State of Mobile Security

Whatever the hesitance, security organisations should be focused on how to improve their mobile security programs using advancements in the field, and they can start by asking themselves: How should we perceive the current threat situation and where should we invest our resources to best protect ourselves from threat actors?

4. A Look at the Windy City's Newest Cyber Command Center

We take a first-hand look at Trustwave’s new SpiderLabs Fusion Center in Chicago and speaks with Chris Schueler, senior vice president of managed security services, on the purpose behind its creation.

Board-Threat-Main

3. Selling Security Metrics to the Board of Directors

For security metrics to be relevant to the board of directors, security teams must tell the story of how those metrics are supporting business goals. How to accomplish this is no easy task, but we provided a breakdown of some important steps you can take.

2. A Primer on Breach and Attack Simulations

In this age of vendors offering simple solutions to complex problems, defenders need the ability to see past the glamour of marketing. That's where attack simulation technology can help, enabling use cases in the market that help answer pressing questions in enterprise security.

1. The Art of Aligning Security Goals with Business Goals

To help security leaders find new ways to better align with business colleagues, we turned to two experts to find out how they’re constantly maneuvering between technical requirements and fueling business priorities.