A Tribute to IoT Device Security Researchers


This blog in the Internet of Things (IoT) series comes as a tribute to security researchers everywhere. The autumn’s largest security-focused show is the Black Hat Security conference. If you are not familiar with Black Hat, it is a tech conference that started in 1997 and covers numerous security topics in various presentations that are fairly to [...]



By | January 3rd, 2017|Uncategorized|0 Comments

The Desperate Need for Accuracy and Efficiency in Security for Detecting Network Intruders and Other Threat Actors Quickly


According to 2015 research reports published by Ponemon, Mandiant, and others, median intruder dwell time in a target network prior to detection ranges from just under to just over 200 days. That is a little over six months and as everyone agrees, totally unacceptable. How is it that an intruder can get into a network [...]



By | April 14th, 2016|Uncategorized|0 Comments

The Rise of Thingbots in the Internet of Things (IoT)


The Internet can be a pretty scary place. Places like the dark web exist in the form of trading houses with stolen personal information from credit cards and social security numbers, to health records and full identities being obtained for a price. Malware development and deployment and other attack services such as DDoS and botnets [...]



By | November 20th, 2015|Data Sharing, Internet of Things, IoT, Security, Uncategorized|0 Comments

Vectra Provides Pervasive Visibility & Analysis to Detect Cyber Attacks


Though cyber attacks have been around for years, in 2014 there was an explosion in the volume of attacks and a marked increase in the losses and damages they inflicted. In 2015, this does not seem to be lightening up. In February, Anthem health care insurers were compromised, putting 80 million current and former customers [...]



By | April 9th, 2015|APT, Malware, Persistent Threat, Security, Uncategorized|0 Comments

Allgress Insight Risk Management Suite Brings Flexibility and Functionality to IT-GRC


When I started out in security, only very large organizations with a mature set of business processes dared to talk about implementing some form of governance, risk, and compliance (GRC) or enterprise program (e-GRC). They generally did it in an attempt to get ISO or similar certification, or to "move their programs to the next [...]



By | December 19th, 2014|Uncategorized|0 Comments

Is EMV an Expensive Security Misstep for the Payments Industry?


There is no disagreement that the current mag-stripe technology used in the USA and other countries outside of the EU is antiquated and lends itself to fraud. The data is easily copied using various methods from manual card data copying and shoulder surfing, to database compromise and POS terminal malware.  Cards can be reproduced with [...]



By | December 5th, 2014|Uncategorized|0 Comments

Thoughts on Splunk .conf 2014


This week, Las Vegas hosted some 3500 people at the MGM Grand to mark Splunk .conf14, the annual user gathering for Splunk customers, referred to as “Splunkers”. For those of you not in the tech industry, spelunking, or the act of exploring caves, may come to mind. The theme of the conference was not cave [...]



By | October 24th, 2014|Security, Uncategorized|0 Comments

Symantec CyberWar Games Provide Valuable Cyber-Insight


The emotions oscillate between high frustration and high jubilation as I observe cyber-attack teams’ hacking activities against an unnamed financial institution… It’s the final day of the Symantec 2014 CyberWar Games Simulation taking place on Feb 20th in Symantec's World Headquarters in Mountain View, California. Almost two months ago, over 1100 Symantec employees representing 40 [...]



By | March 3rd, 2014|Uncategorized|0 Comments
Load More Posts