The bulk of what passes for “threat intelligence” is just ephemeral data, frequently changed by hackers, and only useful on short-lived blacklists. To improve their cybersecurity, organizations need to raise their “threat IQ”. The security ecosystem of vendors and… Continue reading
Last month I wrote about attending a Department of Homeland Security (DHS) conference on its effort to create a new wave of Information Sharing Analysis Organizations (ISAOs). Along with many in the industry, I believe the future of cybersecurity… Continue reading
In the wake of the OPM hack, Federal CIO Tony Scott launched a government-wide cybersecurity Sprint on June 12, giving agencies 30 days to shore up their systems.
The audience for the sprint announcement was clearly the media.… Continue reading
According to the FBI, a security researcher may have hacked into commercial airplane flight systems from poorly-designed and poorly protected inflight entertainment systems (IFEs). If even the high-flying airline industry can’t protect its critical systems, what does that say… Continue reading
At the RSA pre-conference Cloud Security Alliance (CSA) Summit both Philippe Courtot (CEO, Qualys) and Marc Goodman (Author, “Future Crimes”) highlighted the need for a paradigm shift in how enterprises and societies address cloud security.
Courtot finds… Continue reading
“One of the discussions that never happen in relationship to the numerous successful hacks is: What was the security architecture? Security architecture – or any architecture for that matter – is the foundation upon which we should secure and protect… Continue reading