Hot Topics

Avatar photo
Charles Kolodgy
“Charles J. Kolodgy is a security strategist, visionary, forecaster, historian, educator, and advisor who has been involved in the cyber security field for over 25 years. He is an Analyst with Accelerated Strategies Group and Principal at Security Mindsets. His views and understanding of information and computer security were shaped during his years at the National Security Agency. During that time he held a variety of analyst and managerial positions within both the information assurance and operations directorates. Following NSA is was a a Research Vice President covering security markets for IDC and then a Senior Security Strategist for IBM Security. Over the years he has identified market trends and authored numerous documents to explain market realities and has been a speaker at many security conferences and events, including the RSA Conference, CIO Conference, CEIG, and IANS. He has been widely quoted in the media. He is best known for naming and defining the Unified Threat Management (UTM) market which continues to be one of the strongest cyber security markets with vendor revenue of $3 billion per year. He has been a leading analyst on software security, encryption, and the human element. Charles holds a B.A. in Political Science from the University of Massachusetts at Lowell and an M.A. in National Security Studies from Georgetown University.”

privateering

Cyber Privateering Complicates Attack Attribution

| | Blog, cyber privateering, Cybersecurity, Hacking
The injection of sophisticated malware into SolarWinds software was attributed to Russian Intelligence. An unrelated attack, made possible by exploiting a vulnerability in SolarWinds software, is being attributed to Chinese hackers. Periodically, other breaches are attributed to North Korean and Iranian hackers.  However, nations do not often admit to being ... Read More
Security Boulevard
Nutanix Retrospect data encryption

Encryption Requirements Driven by Data State

| | data at motion, data state, Data-At-Rest, encryption
Have you ever had that feeling that something is amiss? While conducting research on when data encryption is required, I noticed something that seemed a little off. It is commonplace for regulations to require measures be taken to protect data. Many regulations recommend encryption to protect data as it exists ... Read More
Security Boulevard
vulnerability ADA bots standing Boa Web3 NIST supply chain digital data

A Natural Law for Digital Data

| | Data encryption, Data Security, Information Security, Privacy
Digital data provides the strength and vitality of the Information Age. Bits have as much, if not more, value than comparable assets in the physical world. Losing control of proprietary or critical information could have legal, financial or business ramifications. Digital data completely changes the nature of information. It is ... Read More
Security Boulevard
attacks

Cybercriminals Increasingly Exploiting Pandemic Trauma

| | covid-19 cybersecurity risks, Cybersecurity, education, Pandemic, Phishing, Security Awareness
The ancient military strategist Sun-Tzu wrote that “in the midst of chaos, there is also opportunity.” He was referring to the ability to point your opponent toward the direction of your choosing. Cybercriminals have taken this philosophy to heart: They use the personal and organizational disorder brought on by the ... Read More
Security Boulevard
Boothole

BootHole Shows Need for Greater Scrutiny

| | Application Security, Cyber Security, DevSecOps, Hacking
The recent BootHole and related vulnerabilities raise the question of whether software used for critical security functions should have special scrutiny. When a security operation fails the ramifications are considerable, especially when the security process is widely distributed. Heartbleed, a critical vulnerability found in the OpenSSL library, is an example ... Read More
Security Boulevard