It’s unthinkable: hackers targeting that sacrosanct American institution, the sports team? The recent incident in which the Houston Astros’ internal trade discussion were hacked and posted on the Internet shows that, today, no target is off limits. Jeff Luhnow, GM for the Astros, was quite right when he said: “It’s a reflection of the age […]
I would like to offer my congratulations to the private and public entities that participated in the recent investigation and arrests of cyber criminals in New York City, Ontario, Canada, and London, United Kingdom. A tremendous amount of hard work and dedication from all parties is required to successfully dismantle an international criminal enterprise. The […]
Breached! This is the new watchword in the executive office suite these days. Ever since Brian Krebs revealed to the world that Target had been breached, every company is on notice. While the primary role of the CEO is revenue and growth, there are a host of other activities that support revenue and growth. […]
Google’s move to set up Project Zero is very welcome. The infrastructure on which we run our businesses and our lives is showing its fragile nature as each new, successful attack is disclosed. Unfortunately, we all share significant risks, not least because IT tends towards “monoculture”, with only a few major pieces of hardware and […]
On an autumn day in 2008 while I was an active, practicing journalist, I sat in my office and interviewed Todd Davis, CEO of LifeLock for my article on scanning the underbelly of the web. Todd is perhaps best known for appearing in ubiquitous advertising and broadcasting his Social Security Number. At the time, it […]
I recently wrote about the necessity of getting the right data for security analytics. But I’m continuously reminded how typical organizations lack an even roughly complete understanding of their network, or even a map of it. I can understand why this happens – entropy is just as inevitable for organizations as it is in Physics. […]
Recently, on a rainy Colorado afternoon, I sat down at my kitchen table to decide how I was going to upgrade our home security system. Just as anyone who has gone through this process would do, I walked around the house and looked at all of the possible ways an intruder could attempt to enter. […]
I remember when I first started trying to solve network security problems, using fancy network analytics. I applied the classic suspension of disbelief that’s necessary to work on any emerging technology – first, you assume all the hard problems will be easy, and second, you assume the impossible ones will just go away. Happily, much […]
This morning, I woke up, walked downstairs, and performed my morning rituals, including a review of OmniFocus on my iPad to see what was on tap for today. I looked at my list of projects, my next actions, and those items that are due in the next few days. Then, I went to work.
I recently attended a gathering of Wall St CISOs, one of whom referred to the “negative unemployment” in our industry. I thought this was a great phrase, and I’ve found it’s a quick way to get across some quite deep points about current security.
At first, it just sounds cute, but in practice, it’s about […]