When an intrusion or attack happens, it’s hard to resist asking the question: who is the threat actor responsible and why did they do it? However, it’s challenging to gather concrete proof and these questions only provide psychological comfort.

Instead of asking who is behind the attack, our efforts towards attribution should be directed towards the controls that failed and HOW the the threat actors were successful.

In this episode of the InSecurity podcast, host Shaun Walsh is joined by special guest Jesus Oquendo as they discuss problems with attribution in cybersecurity.