Snail Mail With a Privacy Twist
A friend of mine received an interesting piece of snail mail the other day. It was one of those inheritance scam letters that usually arrive in E-Mail. An image of the letter is shown below: In summary, the author, a high-ranking bank official, has an unclaimed inheritance that he is ... Read More
CISSP vs. Master’s Degree – Please Take a Neutral Corner!
The UK’s designated national agency responsible for providing information and expert guidance on qualifications (UK NARIC) recently announced that the Certified Information Systems Security Professional (CISSP) credential offered by (ISC)2 is rated as being RQF Level 7, and equal to a particular level of a Master’s Degree. This declaration is ... Read More
Revisiting and Revising Some Tips for National Cyber Security Awareness Month
As a regular reader of Tripwire, you are aware that October is National Cyber Security Awareness Month. Way back in 2015, when the world was an entirely different place, I contributed an article that offered some tips for protecting yourself. Those tips are still relevant: Password management. This should be ... Read More
New York Passes a Law that Further Expands Cyber Protection
The New York State Legislature recently passed a bill that aims to protect New York residents, regardless of the location of the business. The law, known as the Stop Hacks and Improve Electronic Data Security (SHIELD) Act is designed to address unauthorized access of data. The bill expands the definition ... Read More
Are the Robots Getting Better at Image Recognition?
I was logging into an account today and was presented with a CAPTCHA that struck me as quite odd. Normally, the CAPTCHA images are as clear as ever. However, look at these images below: The sample image of the car at the top right is fairly clear, yet the selection ... Read More
Opinion: Back to the Start for 2FA Adoption?
In a previous post, Tripwire asked contributors what their most memorable event of 2018 was. As a follow-up, guest author Bob Covello expands on his thoughts about two-factor authentication (2FA). We in the infosec community have made enormous progress towards getting multi-factor authentication the recognition it deserves. All the respected ... Read More
NCSAM: Consider the Nexus Between your Personal and Professional Life on Social Media
Another National Cyber Security Awareness Month is upon us, and although I have recently wished for its demise through better automated protections, there are some things that cannot be automated. One such area of manual interaction is all the social networks that we use. Unless you are a celebrity with ... Read More
Do Something, Know Something, Learn Something – A 3-Step Guide to Keeping Your InfoSec Career Exciting
If you are like most infosec professionals, each day brings new and interesting challenges. However, like most jobs, there are valleys that we fall into along the course of our professional development. How long can you stare at your SIEM tool before you start to experience some mild tunnel vision, ... Read More
The Next Milestone for the NYS DFS Cybersecurity Regulation is Approaching
The landmark NYS DFS cybersecurity regulation that took effect in New York State in March 2017 is approaching its third of four milestones. This was the first regulation of its kind that included prescriptive direction for the protection of personally identifiable information handled by all financial institutions that conduct business ... Read More
The GDPR Deadline Has Passed – Now What?
I was listening to Jenny Radcliffe interviewing Sarah Clarke on The Human Factor podcast the other day. (If you haven’t tuned in to this podcast, you are definitely missing out on a magnificently entertaining and educational experience!) Sarah made an accurate observation about what would happen after the May 25th ... Read More
