• Home
  • Authors
  • Lior Div

About Lior Div

Lior Div

Lior Div, CEO and co-founder of Cybereason, began his career and later served as a Commander in the famed Unit 8200. His team conducted nation-state offensive operations with a 100% success rate for penetration of targets. He is a renowned expert in hacking operations, forensics, reverse engineering, malware analysis, cryptography and evasion. Lior has a very unique perspective on the most advanced attack techniques and how to leverage that knowledge to gain an advantage over the adversary. This perspective was key to developing an operation-centric approach to defending against the most advanced attacks and represents the direction security operations must take to ensure a future-ready defense posture.

All posts by Lior Div

Defend Forward

Cybereason CEO Lior Div talks about the inaugural report from the Cyber Defenders Council and why the principles of Defend Forward are important for cybersecurity...

May 23, 2022 / 2 minute read

Russia Is Waging Cyberwar–with Little Success

Cybereason CEO Lior Div provides perspective on the cyber component of Putin's invasion of Ukraine, and why it is important for organizations to Defend Forward...

May 12, 2022 / 2 minute read

The Global Impact of Operation CuckooBees

Lior Div, co-founder and CEO of Cybereason, talks about the Operation CuckooBees revelations and the broad global impact of intellectual property theft.

May 6, 2022 / 2 minute read

CEO Blog Series: No Sector Is Off-Limits for Russian Cyberattacks

The risk of cyberattacks from Russia or threat actors aligned with Russia is high and every organization, regardless of industry or geographic location, needs to be prepared to defend against them...

March 25, 2022 / 2 minute read

CEO Blog Series: Microsoft Can’t Protect Themselves—How Will They Protect You?

Still considering Microsoft for your security needs? They issued patches for 234 vulnerabilities in just the first Quarter of 2022: 23 are rated Critical and 10 are zero-days--that’s an average of about 8 Critical vulnerabilities and 3 zero-days per month...

March 16, 2022 / 3 minute read

CEO Blog Series: Our People are the Secret to the Success of Cybereason

Cybereason CEO Lior Div honors Employee Appreciation Day and reflects on the core values of Cybereason and why it's important to appreciate employees 365 days a year.

March 8, 2022 / 2 minute read

CEO Blog Series: Ukraine Conflict Confirms Russian Cybercrime Connection

Cybereason CEO Lior Div looks at events unfolding with the Russian invasion of Ukraine and what it has revealed about the connection between Russia and the most notorious cybercrime and ransomware gangs...

February 28, 2022 / 2 minute read

Addressing the Risk from Cyberattacks in the Russia-Ukraine Conflict

While cyberwarfare operations are expected to be leveraged in order to distract, disrupt, and destroy systems critical to Ukraine's defense capabilities locally, there is a high probability that Russian operatives might also target organizations beyond the region...

February 15, 2022 / 3 minute read

Iranian Threat Actors Turn Up Heat on Cyber Cold War

Cybereason CEO Lior Div highlights new research on Iranian threat actors and how attacks blend nation-state adversary and cybercrime threat actor tactics and motives...

February 4, 2022 / 2 minute read

The Fog of Cyberwar

As tensions escalate between Russia and the United States over the situation in Ukraine, it is more important than ever for Defenders to be prepared to protect against cyberattacks...

January 25, 2022 / 2 minute read

New Year, Same Old Microsoft Issues

The New Year is a clean slate and an opportunity to be better than the year before, but Microsoft kicked off 2022 with 97 new security updates, including 6 zero-day vulnerabilities.

January 14, 2022 / 2 minute read

A ‘NEW’ Cybersecurity Philosophy for the New Year

The end of 2021 feels like a repeat of the end of 2020. Cybereason CEO Lior Div outlines why we need a new philosophy for the cybersecurity challenges in 2022.

December 31, 2021 / 2 minute read

The First True XDR Solution

Cybereason CEO Lior Div reflects on the events of this past week, including DefenderCon and the launch of Cybereason XDR powered by Google Cloud.

December 17, 2021 / 2 minute read

Cl0p Ransomware Gang Tries to Topple the House of Cards

Cybereason CEO Lior Div provides insight on the recent attack from the Cl0p ransomware gang and the potential implications for the upcoming holiday season...

December 3, 2021 / 2 minute read

Dear Defenders

This letter to defenders from Cybereason CEO Lior Div reflects on the state of cybersecurity and what defenders need to be prepared for in the year ahead.

November 19, 2021 / 5 minute read

Ransomware Whack-a-Mole

Cybereason CEO Lior Div shares his thoughts on how to deal with ransomware Whack-a-Mole after a busy week of both good and bad ransomware headlines...

November 12, 2021 / 2 minute read

The CISA Directive Is Crucial for Cybersecurity

Cybereason CEO Lior Div weighs in on the latest directive from CISA for federal agencies and the importance of viewing cybersecurity as a continuously evolving process...

November 8, 2021 / 2 minute read

NOBELIUM Demonstrates  Why Microsoft Is the Weakest Link

Troubling takeaways: Microsoft essentially took a product security advisory and framed it as threat research, and less than a year after the SolarWinds attacks, Microsoft allowed the same threat actors to slip through again...

November 1, 2021 / 2 minute read

Microsoft OneDrive Used for Ransom Operations

Microsoft needs to focus on creating products that are more secure and stop coercing customers into accepting inferior security solutions through its E5 "bundled" licensing model. - it is not even close to good enough security...

October 22, 2021 / 2 minute read

Ransomware: The Global Cybersecurity Pandemic

Cybereason CEO Lior Div shares his thoughts on the Biden Administration's 30-nation ransomware summit in an attempt to coordinate a global effort to fight ransomware...

October 15, 2021 / 2 minute read

Protecting the US Government from Cyber Attacks

We launched a new subsidiary, Cybereason Government, Inc., to empower US government agencies with the Cybereason XDR Platform.

October 8, 2021 / 2 minute read

If You Prevent Ransomware You Don’t Need to Recover from It

Not all ransomware protection is created equally. Cybereason CEO Lior Div shares why the goal is to prevent ransomware from succeeding, not just getting better at recovering from it after the fact...

October 1, 2021 / 2 minute read

1,460-Day Old Known Vulnerability Catches Microsoft Off Guard

Despite all the vulnerabilities they regularly introduce into the market, Microsoft professes to be a security provider - clearly Microsoft has enough on its plate just trying to keep their own products secure...

September 24, 2021 / 3 minute read

Grief Gang’s New Quadruple Extortion Scheme Doesn’t Change the Game

A new twist from the Grief Gang ransomware group raises the ransomware stakes to quadruple extortion, but it doesn't matter - the only effective defense against ransomware is to stop it before it gets to the extortion phase...

September 17, 2021 / 2 minute read

Microsoft Zero-Day-of-the-Month Club

Microsoft alerted customers to yet another zero-day flaw being exploited in the wild. There will continue to be zero-day vulnerabilities, but organizations need to defend against attacks anyway...

September 10, 2021 / 3 minute read

Microsoft Vulnerability Exposes Thousands to Risk…Again

Microsoft leverages its dominance in the enterprise market to try and push its security tools, but repeated security failures and massive breaches demonstrate that organizations shouldn't trust their security to Microsoft. It takes an operation-centric approach and a company dedicated to one thing--protecting customers against attacks.

September 2, 2021 / 2 minute read

Afghanistan, the Taliban and National Security

It's been a chaotic week with the situation in Afghanistan and the alleged cyber attack at the US State Department. Cybereason CEO Lior Div shares his thoughts on the implications for national security and what it means for cybersecurity in general...

August 26, 2021 / 2 minute read

T-Mobile and BlackBerry: More Lessons Learned the Hard Way

T-Mobile and BlackBerry made the news this week, but there are cybersecurity headlines every week. The lesson we need to learn from these events is that organizations need to be able to detect and stop malicious operations regardless of the latest vulnerability or data breach...

August 19, 2021 / 2 minute read

LockBit Ransomware Wants to Hire Your Employees

Cybereason CEO Lior Div talks about the latest ransomware attacks from LockBit and the insidious new twist LockBit has introduced--openly soliciting employees to help launch ransomware attacks from the inside...

August 12, 2021 / 2 minute read

‘DeadRinger’ Reveals Pervasive Cyber Espionage Campaign

Cybereason CEO Lior Div shares his thoughts on the DeadRinger report from the Cybereason Nocturnus team and the implications it has for cyber espionage and international rules of engagement for cyber attacks...

August 6, 2021 / 2 minute read

Ransomware Attacks: Will G7 and Biden-Putin Summits Prove Fruitful?

Cybereason CEO Lior Div shares his thoughts on the recent G7 meeting, the summit between Biden and Putin, and what it means for cybersecurity moving forward...

June 25, 2021 / 2 minute read

Deja Vu: What Do NotPetya and SolarWinds Have in Common?

Cybereason CEO Lior Div shares the experience of battling against NotPetya and the parallels that make the SolarWinds attack feel like deja vu...

June 15, 2021 / 3 minute read

The Line in the Sand: How We Respond Today Impacts Our Security Tomorrow

Cybereason CEO Lior Div shares his thoughts on how the United States needs to respond today in order to draw a line in the sand and prevent major attacks...

June 1, 2021 / 3 minute read

New Cybersecurity Executive Order: Will It Have Impact?

Biden's Executive Order (EO) focuses on response, reporting, and reinforcing, but how can we ensure that attackers know there are consequences?

May 25, 2021 / 3 minute read

Solving the Ransomware Crisis

Cybereason CEO Lior Div shares his thoughts on the global ransomware crisis and the efforts of the Ransomware Task Force to foster a collaborative "win as one" effort to develop effective strategies to address it.

May 14, 2021 / 3 minute read

100 Days Down, 1,360 Days of Nation-State Cybersecurity Threats to Go

Cybereason co-founder and CEO Lior Div takes a look at how the Biden team is addressing cybersecurity challenges as the administration hits the 'first 100 days' milestone...

April 30, 2021 / 3 minute read

HAFNIUM Exploits Live On

New research shows that cybercriminals continue to target vulnerabilities in Microsoft Exchange, highlighting the need for a better approach to cybersecurity...

April 22, 2021 / 2 minute read

2021 Security Crystal Ball: Trends and Predictions for the Year Ahead

Here are a handful of likely moves from the cyber adversaries in 2021 and where the risk lies.

December 22, 2020 / 11 minute read

UbU: Championing Diversity, Equity, and Inclusion at Cybereason

UbU (“you be you”) is the value that sits front and center at Cybereason. Acceptance of every person is at the heart of who we are as a company. As we celebrate PRIDE week (as we do every year), we also grieve the racism and violence taking place around us.

June 12, 2020 / 1 minute read

Q&A: Maintaining Secure Business Continuity with Lior Div

I have been actively counseling CEOs on how best to secure business continuity during this difficult time, and want to make those recommendations available to everyone.

April 20, 2020 / 2 minute read

Q&A: Cybereason CEO Lior Div on Responding to COVID-19

'Responding to the unknown is part of our DNA.' Read more of a Q&A with Lior Div on how Cybereason responded to the COVID-19 pandemic.

April 13, 2020 / 5 minute read

Cybereason named Israel’s most promising startup

Cybereason was named Israel’s most promising startup by Calcalist, the country's leading financial newspaper, edging out other cybersecurity startups.

April 19, 2018 / 2 minute read

Cybereason Raises $100 Million from SoftBank

Cybereason announces the signing of a $100 million investment from SoftBank Corp. Following this financing, Cybereason has raised a total of $189 million in capital from SoftBank, CRV, Spark Capital,

June 20, 2017 / 1 minute read

How security executives can feel comfortable in the boardroom and server room

Security leaders now play a role that goes beyond traditional security duties and encompasses contributing to critical elements of the business.

June 7, 2017 / 3 minute read

Lior Div in Network World: What enterprises should take away from the CIA leak

The Vault 7 leak can teach businesses lessons around the challenges of attack attribution, the risks posed by nation-state tools, and more.

March 30, 2017 / 2 minute read

Toss Out the playbook to staff the security team of the future

Toss Out the playbook to staff the security team of the future

March 14, 2017 / 3 minute read

Five lessons learned on the journey from Innovation Sandbox to global cybersecurity company

The RSAC 2015 Innovation Sandbox contest served as Cybereason’s debut to the security community.

February 3, 2017 / 2 minute read

Information security priorities for Trump's administration

In a recent Network World column, Cybereason CEO Lior Div explained why information security needs to be emphasized in all federal government agencies, just not those traditionally associated with IT

December 27, 2016 / 3 minute read

How the US government can help businesses fight cyber attacks

Cybereason CEO Lior Div discusses why companies need help from the U.S. government if they’re going to face adversaries who are using nation-state attack techniques.

November 17, 2016 / 2 minute read

The future of security: A combination of cyber and physical defense

As more items gain web connectivity as part of the Internet of Things movement, the need to protect devices from hackers and physical damage will only increase.

October 26, 2016 / 3 minute read

Behavioral detection becomes critical as nation-state hacking capabilities go mainstream

Nation-state hacking tools are now available to any hacker, meaning businesses are facing advanced threats that require them to rethink how they approach information security.

September 26, 2016 / 2 minute read

Is Fancy Bear really behind the World Anti-Doping Agency and DNC hacks?

Attack attribution may make headlines but does little to improve enterprise security. Cybereason CEO Lior Div explains why companies should spend less time figuring out if Russia or China was behind a

September 15, 2016 / 2 minute read

Lior Div in Network World: Attack attribution does little to improve enterprise security

Evidence is easy to alter in the online world, making accurate attack attribution difficult if not impossible.

August 22, 2016 / 3 minute read

Lior Div in Network World: Stop the attacker's offense, don’t do defense

Organizations need to approach cyber security by thinking about how they can stop offense.

July 28, 2016 / 2 minute read

Carbon Black's purchase of Confer shows EDR is the winning approach to cyber security

Carbon Black's purchase of Confer shows EDR is the winning approach to cyber security

July 19, 2016 / 1 minute read

Lior Div in Network World: The components of modern hacking operations

Cybereason CEO Lior Div explains how modern hacking operations are handled like a business operation and include hiring plans, budgets and timelines.

July 1, 2016 / 3 minute read

Lior Div in Network World: Rip up the script when assembling a modern security team

A diverse workforce leads to better security. Discard the playbook you typically use when forming a security team and the perspectives you gain will improve your company’s defenses.

May 23, 2016 / 3 minute read

Lior Div's post in Network World: What terrorism investigations can teach us about investigating cyber attacks

While terror attacks that have occurred in the physical world are making headlines, the virtual world is also under attack by sophisticated hackers.

April 20, 2016 / 3 minute read

Lior Div’s post in Network World: Hacking operations are as vulnerable as a house of cards

No matter what defensive measures are implemented, security teams will still be the underdog compared to the sophisticated enemies that they are facing.

April 12, 2016 / 3 minute read

Lior Div's Post in Network World: How my dyslexia launched my hacking career

Lior Div's Post in Network World: How my dyslexia launched my hacking career

February 18, 2016 / 3 minute read

APTs Will Force CISOs to "Grow-or-Go"

As advanced persistent threats (APTs) continue to take businesses off guard, CISO leadership will need to adapt or be left behind.

February 5, 2016 / 1 minute read

The Eternal Flaw of One-Shot Detection Methods

DGA.Changer has added a new trick to its arsenal: a technique that fools security tools into thinking they've captured it while it's already slipped away.

August 12, 2015 / 1 minute read

Forbes: Why The Hacking Team Breach Further Tips The Scales Against Businesses

Forbes: Why The Hacking Team Breach Further Tips The Scales Against Businesses

August 4, 2015 / 3 minute read

Forbes: Why It's Worth Divorcing Information Security From IT

These days, enterprise-computing environments are global, borderless, fully mobile, and extremely complex.

June 22, 2015 / 2 minute read

Lior Div in Forbes: Lessons From 2014 Mega Breaches: It's Time To Shift To A Post-Breach Mindset

Looking back at 2014’s mega breaches: from Home Depot to the Sony breach, it is clear that determined hackers will find their way into a network.

January 7, 2015 / 3 minute read

Too Fast To Remediate: Why The IT Mindset Is Risky When Applied To Security

Lior Div, CEO and Co-Founder of Cybereason discuss the risk of applying IT metrics and work processes to security.

December 5, 2014 / 3 minute read

Why are hackers ahead of the game?

Why are hackers ahead of the game?

November 24, 2014 /

Will the Excessive False Positives Syndrome Paralyze Security?

Will the Excessive False Positives Syndrome Paralyze Security?

November 24, 2014 / 1 minute read