“All for One and One for All”

… So chanted the Three Musketeers. One of my main issues with cybersecurity risk management is that organizations seek to secure their own systems, data and networks, hoping that attackers will move ...

Cybersecurity is Failing—Time for a Reset?

When you read what’s happening in cybersecurity, you could cry. We are being bombarded with cybersecurity fails. Recent egregious examples are Equifax and Capital One. To quote an August 2, 2019 article ...

Outsourcing, Cost Cutting and the Boeing 737 Max Debacle

When we thought that Boeing had come up with ways to mitigate the risks that resulted in two major air crashes, we learn that Boeing has been outsourcing their software development to ...

The Cybersecurity Paradox

In “Our Neurotic ‘Privacy’ Paradox” by Jennifer Senior, which appeared in The New York Times of May 19, 2019, the reporter makes the following statement: “Resignation [to the loss of privacy] also ...

The Why and Wherefore of Cybersecurity Risk

There is a song in Gilbert and Sullivan’s “HMS Pinafore” light opera that begins “Never mind the why or wherefore.” Perhaps that has been a problem all along with cybersecurity risk management ...

Cyberwarfare—Yes? Cyber Insurance—No!

Just when you think that you are covered, you discover that you may not necessarily be protected by your cyber insurance. That was the startling message in an article by Adam Satariano ...

Security Metrics and Tesla’s Safety Statistics

I have long railed against the inadequacy of popular easy-to-record security metrics. They usually lack critical information about the nature and severity of vulnerabilities and are therefore misleading in providing support for ...

Cyberspace’s Weapons of Mass Deconstruction

The cyberworld is replete with exhibitionists and voyeurs, facilitated by social-network (or should I say social-engineering) technologies such as those provided by Facebook, Twitter, Google, Instagram, and others. Even seemingly staid news ...

Security Metrics, Application Security and Cancer Research

I would not have thought that there would be a relationship among security metrics, application security and cancer research until I read an article in the Sunday Magazine section of the June ...

AI Bias Validated!

In my BlogInfoSec column “Is A.I. For, or Against, Cybersecurity?” posted on June 18, 2018, I asserted that developers are introducing their personal biases into the design of AI (artificial intelligence) systems ...
Loading...