Trying to Mix CyberOffense and CyberDefense is a Bad Idea

Trying to Mix CyberOffense and CyberDefense is a Bad Idea: "Back in the Internet bubble years, the old version of this was “shouldn’t we hire hackers to be our CISO’s, since they know the threats the best?” Um, no – that was a dumb idea then and it is a dumb idea now. I can break my PC very easily – but if you hire me to run your desktop operations to keep all your 5,000 PCs running you are an idiot. It would be like hiring a demolition derby driver to run an automotive repair shop."