By Dr. Ulrich Lang, CEO The press is full of coverage of Facebook's privacy breaches. The sad part of the story is that many security and privacy professionals (including myself) have been working for years to create awareness and educate about the issues that are (if you would believe the press coverage) just coming [...]
The Internet of Things (IoT) is the network of physical devices, vehicles, home appliances and other items embedded with electronics, software, sensors, actuators, and connectivity which enables these objects to connect and exchange data[i]. The IoT is going to be transformational – significantly impacting most industries and parts of society. Experts estimate that [...]
1. Increased adoption of risk-based and biometric authentication tools Anthem and Equifax breaches have raised some very serious questions on password-only authentication options. Service providers as well as consumers are now looking for alternatives that will reduce the risk of data breach. As risk-based authentication tools assess the background behavior and other data of [...]
The number of reported major IT/hacking events attributed to ransomware by health care institutions increased by 89 percent from 2016 to 2017, according to cyber defense firm Cryptonite’s 2017 Healthcare Cyber Research Report, which used data reported to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). The research [...]
What is wrong with CyberSecurity? According to an article in The Hill the new DHS breach illustrates perfectly what is wrong with today's cyber security practices. They say that "organizations should focus less on how a breach occurred (hacking, insider, fraud, etc.) and focus more on building up and preserving customer trust in their [...]
Firewalls come in many forms and often do not offer enough protection. In this blog post I describe a little project I've done to see how we can use a hardware firewall with Suricata based intrusion prevention in a somewhat portable way. Paranoid or necessary? I'd say necessary, considering the myriad of attacks that [...]
Walk virtually through your information flows. ObjectSecurity OpenPMF now supports virtual reality and 3D (beta version). OpenPMF 3D automatically creates a graph (nodes + edges) visualization of the imported information about your systems and applications alongside the "drag and drop" visualization that has been supported for several years. ObjectSecurity's SCRAMS product (robust prototype) also supports [...]
Many Cybersecurity experts have said for years that we need to do better whitelisting, and that relying on blacklisting and anomaly detection is not good enough anymore. Unfortunately, organizations often cannot technically implement the comprehensive security policies they want to (or should want to). This is because there are too many overlapping technical configs [...]
Today’s information age would have felt like out of a sci-fi movie to someone 20 years ago. More data has been created in the past two years than in the entire previous history of the human race. 1.7MB of data is created for every human per second. Within 4 years, we will have generated [...]
The number one IT expense in 2017 is predicted to be cybersecurity. Gartner expects the market to reach one trillion dollars by 2020, and according to the Harvard Business Review cybersecurity will be the fourth most important item that will be discussed in the boardroom in 2017 — right after corporate strategy, political changes and shareholder [...]