• Feb 08
    2018
    Did you know that nearly half of all of the small businesses in the United States are in serious danger of being hacked? Because business owners are not taking their cybersecurity seriously enough, over 14 million out of the estimated 28 million small businesses have actually been breached already. Thankfully, there is some good news. Companies can make simple changes that will help reduce the chance of their data being ...
  • Aug 01
    2017
    Nearly a year ago, I wrote a blog post about how criminals are changing their approach to cybercrime. They are increasingly well capitalized, and they are investing resources in research and development, both in the areas of social engineering and the technical investigations of system vulnerabilities. Since I wrote that blog post, the criminals have continued to change. Cybercrime looks different today than it did a year ago. It will ...
  • Jun 13
    2017
    If you’ve ever taken a trip to Paris and found your two years of undergraduate French to be utterly useless, you have encountered the training transfer problem. Your French classes may have been excellent and your teacher dedicated, but once you left school (or even the course), the environment encouraged skills decay. The transfer of training, i.e., the application of new skills back on the job, depends more on post-training ...
  • May 09
    2017
    The 2017 Data Breach Investigations Report is out. Verizon Enterprise Solutions performs a service to the community by publishing this report every year. It is one of the most comprehensive reports of its type that I have ever seen. This year’s compilation covered 42,068 incidents and 1,935 breaches. I advise you to visit http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/ and download the entire report, but I wanted to pull out one or two highlights that ...
  • Apr 19
    2017
    A recent opinion piece in Computerworld by Ira Winkler asks, “What prevents breaches: process, technology or people? One answer is PC, and one is right.” Most people — and most security experts — when asked the most important element in cyber security will say “people.” Winkler says it’s not people, it’s process: “Before you can focus on the people in a security program, you must be able to define exactly ...
  • Apr 14
    2017
    In March, the U.S. Senate voted to roll back broadband provider privacy regulations promulgated by the FCC. This means ISPs will not be prohibited from selling customers' web-browsing histories and other data without their permission. In terms of your life on the web, there are three things you should understand about this development: It’s largely symbolic; the privacy regulations had not yet gone into effect, so the rollback is unlikely ...
  • Apr 04
    2017
    There are millions of mobile apps available now through the Apple App Store, Google Play, and Windows Phone Store. But the major commercial app outlets are only part of the story. Increasingly, organizations are harnessing employee connectivity by creating their own proprietary mobile apps. Organizations find that developing a mobile app is a lot like developing a traditional desktop app, in that best practices include start with security in mind, ...
  • Feb 28
    2017
    Stephen Cobb, writing in December for WeLiveSecurity, said there is currently a global shortage of one million cyber security workers. Cobb, who does regular surveys on this subject, said the US alone needs something like 200,000 more people skilled in cyber security. These are not just people that IT managers fantasize about hiring. They are funded positions that remain empty because there aren’t enough qualified applicants to fill them. Cobb ...