MY TAKE: The no. 1 reason ransomware attacks persist: companies overlook ‘unstructured data’
All too many companies lack a full appreciation of how vital it has become to proactively manage and keep secure “unstructured data.” One reason for the enduring waves of ransomware is that unstructured data is easy for hackers to locate and simple for them to encrypt. Related video: Why it’s ... Read More
Q&A: The troubling implications of normalizing encryption backdoors — for government use
Should law enforcement and military officials have access to a digital backdoor enabling them to bypass any and all types of encryption that exist today? We know how Vladmir Putin, Xi Jinping and Kim Jung-un would answer: “Of course!” Related: Nation-state hacks suggest cyber war is underway The disturbing thing ... Read More
MY TAKE: Poorly protected local government networks cast shadow on midterm elections
In March 2018, the city of Atlanta fell victim to a ransomware attack that shut down its computer network. City agencies were unable to collect payment. Police departments had to handwrite reports. Years of data disappeared. Related: Political propaganda escalates in U.S. The attack also brought cybersecurity to the local ... Read More
MY TAKE: Here’s how diversity can strengthen cybersecurity — at many levels
Of the many cybersecurity executives I’ve interviewed, Keenan Skelly’s career path may be the most distinctive. Skelly started out as a U.S. Army Explosive Ordnance Disposal (EOD) Technician. “I was on the EOD team that was actually assigned to the White House during 9/11, so I got to see our ... Read More
MY TAKE: Can Hollywood’s highly effective ‘source-code’ security tools help make IoT safe?
Over the past couple of decades, some amazing advances in locking down software code have quietly unfolded in, of all places, Hollywood. Related: HBO hack spurs cyber insurance market Makes sense, though. Digital media and entertainment giants like Netflix, Amazon, Hulu, HBO, ESPN, Sony, and Disney are obsessive about protecting ... Read More
NEW TECH: Critical Start applies ‘zero-trust’ security model to managed security services
All companies today are exposed to intense cyber-attacks. And yet the vast majority simply do not have the capability to effectively defend their networks. That’s where managed security services providers, or MSSPs, come in. MSSPs monitor and manage cybersecurity systems as a contracted service. This can include spam filtering, malware ... Read More
MY TAKE: The amazing ways hackers manipulate ‘runtime’ to disguise deep network breaches
There is a concept in computing, called runtime, that is so essential and occurs so ubiquitously that it has long been taken for granted. Now cyber criminals have begun to leverage this heretofore innocuous component of computing to insinuate themselves deep inside of company networks. Related: The coming wave of ... Read More
Q&A: How emulating attacks in a live environment can more pervasively protect complex networks
Most large enterprises today can point to multi-millions of dollars expended over the past two decades erecting “layered defenses” to protect their digital systems. Yet catastrophic network breaches continue apace. Turns out there’s a downside to “defense in depth.” Related: Obsolecense creeps into legacy systems There’s no doubt that monitoring ... Read More
NEW TECH: WhiteSource leverages automation to mitigate lurking open-source vulnerabilities
Just like the best sourdough bread derives from a “mother” yeast that gets divided, passed around, and used over and over, open-source software applications get fashioned from a “mother” library of code created and passed around by developers. Related: Equifax hack highlights open source attack vectors In today’s world, quick ... Read More
GUEST ESSAY: A call for immediate, collective action to stem attacks on industrial control systems
As the Industrial Internet of Things continues to transform the global industrial manufacturing and critical infrastructure industries, the threat of aggressive, innovative and dangerous cyber-attacks has become increasingly concerning. Adopting modern technology has revealed a downside: its interconnectedness. The vast web of connectivity has expanded the number of potential entry ... Read More
