Why it is Taking the State Department So Long to Root Out Hackers
Danny Yadron’s article discussing the amount of time it is taking to get attackers out of the unclassified network at the U.S. State Department is a reminder to all of us how hard this really is. We’ve...
Cybersecurity Lessons can be Learned from Credit Fraud Paradigm
“Hi, there. We’ve noticed some suspicious activity on your credit card. Did you purchase four plane tickets from Rio de Janeiro to Paris?” “No, of course not. I live outside of San Francisco.” This is...
The Case of the Missing Laptop
Missing (or stolen) laptops are a big deal, but they are an even bigger deal in the healthcare vertical. The HIPAA/HITECH act essentially updated HIPAA in 2009 to take into consideration electronic...
The Expanding Attack Surface: A Common Sense Security Approach
Recently, I had the pleasure of reading Jon Olsik’s opinion piece on The Increasing Cybersecurity Attack Surface. I agree with many of the opinions put forward in the piece. Those business advancements...
Attack of the Cyber Vampires–phishing at the White House
OK — my apologies up front for the headline but the analogy is too apt not to use. In Bram Stoker’s 1897 book Dracula, there’s a famous scene where Dracula is outside a castle window looking into the...
Meritalk’s Cyber Security Survey: Too Much Data and No Complete Story
A recent survey of federal, state and local agencies by Meritalk tells a very interesting story. Five key facts stand out: 68% of cyber pros say their organization is overwhelmed by the volume of...
With the RSA 2015 Security Conference Behind Us, What do I do Now?
Observations Before long, RSA will be a distant memory. This was the year that people started to realize that spending additional dollars on yesterday’s solutions to address today’s new security...
Dyer Malware Updated to Defeat Malware Sandboxing Solutions
Is this the beginning of the end of effectiveness for malware sandboxing solutions? Many organizations have invested heavily in malware sandboxing solutions as a way to detect malware that gets past...
Security Breaches and the “Crown Jewels” of Creativity and Research
The recent data breach at Penn State was a reminder to me of how much research and intellectual property is created at America’s universities. Research in quantum computing, materials science, and...
The Cybersecurity Personnel Shortage, Identity Theft & Fraud at the IRS
Question: What do a wave of baby boomer retirements and a trend toward outsourcing have in common? Answer: The inability of state and local governments to fill cyber security jobs and increased risk of...
What’s Wrong With Today’s Security Technologies and Processes?
In general, today’s security operations center (SOC) monitors security alerts and alarms from security products and threats indicated by a security information and event management system (SIEM). These...
Security Issues: Agencies Are From Venus — Legislators Are From Mars
About two weeks ago I had the privilege of briefing legislative staff members in Washington DC on a variety of cyber security issues. I met with staffs from the offices of three senators and one...