Cybersecurity Lessons from the Pandemic: Data – Part 2

Having discussed issues relating to the collection and reporting of COVID-19 data in Part 1, we now turn to cyberspace, even though the jury is still out regarding much of the pandemic ...

Cybercriminals’ Motivations during Catastrophic Times

Brittany Haynes wrote an article about “How Criminals Are Benefitting From the COVID-19 Crisis” on March 19, 2020, which is available at https://www.igi-global.com/newsroom/archive/malicious-threat-your-inbox-covid/4477?utm_source=IGI+Global+Products+and+Publishing+Opportunities&utm_campaign=58a5a8500d-EMAIL_CAMPAIGN_Research_Trends_1_19_wk1_COPY_01&utm_medium=email&utm_term=0_bcbd627034-58a5a8500d-47781814 Haynes’s article references a March 9, 2020 article by ...

Cybersecurity Risk Management … Beyond the “Golden Period”

Where do we stand with the management of cybersecurity risk? Answer … Not in a good place. This position was further augmented upon reading an article in the January 23, 2020 Washington ...

Y2K … Two Decades Later

Why didn’t I use the title “Y2K at Twenty” for this column to match “The FS-ISAC at Twenty” that was posted on BlogInfoSec on January 6, 2020? Good question … easy answer ...

The FS-ISAC at Twenty

The FS-ISAC (Financial Services Information Sharing and Analysis Center) was launched in October 1999 by Treasury Secretary Lawrence Summers. It was the first such entity. Many subsequent ISACs have used the FS-ISAC ...

Another Fifth … Quantum Dawn Cybersecurity Exercise

Another Fifth … Quantum Dawn Cybersecurity Exercise Following my BlogInfoSec column “Taking the Fifth …” posted on October 29, 2019, I came across other “fives,” the most relevant of which was about ...

Are Cybersecurity Intelligence and Security Metrics Statistically Significant?

It is customary to begin an article on cybersecurity with some statement about the exponential growth of threats, attacks, vulnerabilities, etc. I’m no different. It seems like a reasonable, generally accepted thing ...

Are Ransom Payments Supporting Terrorists?

Organizations, particularly those that recognize that they don’t have essential security and data recovery measures in place, have taken out cyber insurance, which they are regularly using to pay off ransomware attackers ...

“All for One and One for All”

… So chanted the Three Musketeers. One of my main issues with cybersecurity risk management is that organizations seek to secure their own systems, data and networks, hoping that attackers will move ...

Cybersecurity is Failing—Time for a Reset?

When you read what’s happening in cybersecurity, you could cry. We are being bombarded with cybersecurity fails. Recent egregious examples are Equifax and Capital One. To quote an August 2, 2019 article ...