Bill Bowman

Cipher Blog - English

Scammers use different stories to "fish" sensitive information from targets. The goal is to get as much information as possible from the target. "Smishing" is the term for phishing for information via text message (SMS). The methods used to phish is the same regardless of the medium of the message ... Read More

The European Union's General Data Protection Regulation (GDPR) has been a lightning rod in the debate over online privacy and data security since it went into effect in May of 2018. Another act aimed at privacy and data security has passed in California and is set to go into effect ... Read More

Companies that accept credit cards must comply with certain standards set out by the Payment Card Industry Security Standards Council. The standards help ensure the card data and processing is safe and secure. The requirements for passing the assessment are exhaustive. However there are 12 categories that the requirements fit ... Read More

Having your computer infected with malicious code is a difficult experience. The person whose device gets infected is not wholly innocent however. Unless the virus is on a device beforehand, there are typically four types of actions that can result in malware getting on a computer. Understand what they are ... Read More

Biometric identification is in the palm of every modern smart phone users' hands. People can unlock their devices with their face, eyes or fingerprints. Businesses have adopted biometric identification techniques for entry into offices and secure areas. Getting unfettered access to systems is the goal for hackers. As a result, ... Read More

A Security Incident and Event Management (SIEM) tool ingests logs from your environment, correlates the data and can disseminate insights via alerting, visual dashboards or reports. SIEMs normalize data into a readable format for the common layman. SIEMs, however, are inherently complex tools. Utilizing a SIEM effectively involves understanding the ... Read More

The AAA Framework is a simple way to understand security issues surrounding the access ability of individuals within an organization. The Internet Engineering Task Force researched and coined the acronym in the early 2000s. The 3 As stand for Authenticate, Authorize and Account. Understanding and crafting policies around this framework ... Read More

The debate over Brexit is raging in Parliament. The outcome will have far-ranging impacts across the UK. If your business either sends personal data to another EU country or operates in the European Economic Area (EEA), there will be additional considerations for organisations. As no firm decisions have been made ... Read More

The start of employment is the time to give new hires a run down on security measures for your company. Ideally, a formal training session should occur where protocols are covered for security measures. There should also be an Acceptable Use Policy (AUP) for the employee to review and sign ... Read More

Last month a hacker who stole $5 million resulting from SIM Hijacking was sentenced to 10 years in jail. In the end, SIM Hijacking or SIM Swapping results in your phone number being taken. Your phone number is the key for 2-factor authentication and other verification processes ... Read More