• Feb 09, 2016
    About a year ago, I compared cybersecurity to the siege of Helm's Deep (an episode in the Lord of the Rings saga): "a small group of stalwarts defend a thoughtful and well-designed position (and everything they hold dear) against an unlimited number of orcs. The orcs aren't particularly competent, but they don’t have to be. From time to time, their efforts are enhanced by explosives and siege technology. But their ...
  • Feb 02, 2016
    The 2016 Vormetric Data Threat Report is out, and it's worth your reading time if you’re at all interested in data security. You can download it at vormetric.com. I suggest reading the entire report, which is based on a survey of more than 1,100 senior security executives across the globe. But I wanted to discuss a couple findings that caught my eye. The first finding that interested me was that ...
  • Jan 26, 2016
    When they announced the Powerball jackpot was over a billion dollars a couple weeks ago, I almost bought a ticket. It's only two dollars, so why not? But when I thought about it, I could see I stood a better chance of finding a billion dollars in the street than I did of winning it at Powerball. And I could get more out of my two dollars by setting them ...
  • Jan 19, 2016
    The 2015 Vormetric Insider Threat Report polled 800 senior executives and IT professionals worldwide, finding that 89% report feeling vulnerable to insider attack. In the U.S. alone, it's 93%. Most cyber-attacks still come from outside, but insider attacks may well pose greater risk because the damage can be so much more devastating. Insiders are in a position to know your organization's assets intimately, and they know where your weak points ...
  • Jan 12, 2016
    Nuix, a big data software developer that originated in Australia, has released its second annual Defending Data report. (The link goes to a page from which you can download the entire report.) It is based on in-depth interviews with 28 corporate security officials. Nuix points to nine key findings from these interviews: Compared to last year, corporate officials are more aware of how they are spending their security budgets. The ...
  • Jan 05, 2016
    According to the 2015 Data Breach Investigations Report from Verizon, the top threats are now (in order of importance): credentials, RAM scraping, phishing, and spyware/keyloggers. Compromising credentials is still the greatest threat, but it has been shrinking in recent years and now constitutes no more than half of attacks. Spyware/keyloggers has shrunk most dramatically in the recent past and is now down to about 5% of attacks. But both RAM scraping ...
  • Dec 29, 2015
    The major hacks of the recent past - Sony, OPM, Anthem, Target, Ashley Madison - occurred without warning in unexpected places, making it seem like there is little you can do to personally protect yourself or your business from them. But that’s just what the criminals want you to believe. There’s a great deal you can do to protect yourself and your business. You can practice safe computing, and you ...
  • Dec 22, 2015
    It takes seven to ten years to grow an IT specialist, from novice to adept. This complicates career planning for IT professionals. Many of them try to smooth out the process by using the U.S. Bureau of Labor Statistics Occupational Outlook Handbook. You can go there, and if you can reconcile real-world job titles with those used by the Bureau, you can get a report of last year’s median salary ...