Information Security News
Krebs on Ransomware
The Krebses—Chris and Brian—are not related, but they have both come out with positions on ransomware. Chris was the former head of DHS’s CISA (Cybersecurity & Infrastructure Security Agency), and Brian is ...
Solar Winds Blow Hard
Unbelievable! But true. The enormous hack, purportedly by Russia (per Secretary of State Mike Pompeo and others), of major U.S. government agencies and the U.S.’s biggest corporations—apparently some 18,000 organizations according to ...
CISA and Desist
It’s an old joke: “Heads I win, tails you lose,” but it can also play out in reality. How often do cybersecurity professionals end up on the wrong side of that bet? ...
The Massive Shift to Cyber Crime
There is a cartoon in The New Yorker of March 30, 2020 showing four mobsters, one with a gun, sitting around a table. The caption reads: “For health and safety reasons, we’ll ...
Y2K … Two Decades Later
Why didn’t I use the title “Y2K at Twenty” for this column to match “The FS-ISAC at Twenty” that was posted on BlogInfoSec on January 6, 2020? Good question … easy answer ...
The FS-ISAC at Twenty
The FS-ISAC (Financial Services Information Sharing and Analysis Center) was launched in October 1999 by Treasury Secretary Lawrence Summers. It was the first such entity. Many subsequent ISACs have used the FS-ISAC ...
“All for One and One for All”
… So chanted the Three Musketeers. One of my main issues with cybersecurity risk management is that organizations seek to secure their own systems, data and networks, hoping that attackers will move ...
Oh, BTW, The Russians Cyberattacked the U.S. Critical Infrastructure
While we have been distracted by the dalliances of an errant president, the exfiltration from Facebook of personal information belonging to a gazillion users, and the use of those data to influence ...