Today we released the 5th annual State of the Endpoint study, together with our colleagues at independent research firm, the Ponemon Institute. We’ve all known for some time the bad guys keep getting better and IT pros are continually challenged to keep the pace. Reinforcing the idea that it isn’t if an organization will be attacked but when,
On November 13-14, the North American Electric Reliability Corporation (NERC) will host a Grid Security Exercise, called GridExII, with Electricity Sub-sector entities across the U.S., Canada and Mexico. The goal is to simulate both a cyber-incident and physical attack for the purposes of testing organizational readiness and response.
Some pretty good movies have been made about the notion of a cut in on our nation’s power supply – which is what could happen in the event of a serious breach of our electrical grid.
In February, President Obama signed an Executive Order that called for increased cyber-threat information sharing between government and private companies who oversee our country’s critical infrastructure. The goal was to break down the barriers that cause privately-managed critical infrastructure companies to work independently of the government groups that could create a repository of intel on trending cyber attacks.
October marks the 10th anniversary of National Cyber Security Awareness Month, a public education campaign spearheaded by our colleagues at the National Cyber Security Alliance. It’s somewhat disheartening to consider the lack of progress made in cyber security over the last 10 years; cyber criminals continue to wreak havoc stealing personal identities, corporate IP, and even national secrets.
A few weeks after retiring Department of Homeland Security Secretary Janet Napolitano gave a farewell speech, we are still unclear on her replacement unfortuntely. In that departure speech, Napolitano advised her successor “You will need a large bottle of Advil.” Given the DHS Secretary is responsible for dealing with everything from natural disasters to terrorists attacks,
When you have something that someone else wants, you’re forced to protect it if you want that something to remain yours. Since the beginning of time, theft has been our unfortunate reality. As our world moved online and everything became digitally interconnected, thieves quickly recognized that’s where real value resides. To swipe it, they have gotten increasingly creative with their tactics and,
Imagine you woke up one morning to find all of your possessions gone. Someone broke into your house in the dead of night and stole all of your things. You don’t know how they did it or who it was, but the fact remains: your stuff is gone. You might step outside, see the broken window or the ruined lock,
Since writing “Are Journalists Sitting Ducks?” a few months back in response to the New York Times being targeted by Chinese hackers, several more high profile news organizations have been hacked including The Onion, AP, Financial Times and BBC. It’s apparent this trend is not going away any time soon.
To add insult to injury,
Every company wants to know the best way to protect their company, but it can be difficult when faced with the evolving security challenges of today. I recently sat down with Richard Mason, VP & CSO at Honeywell, Roger Grimes, security columnist and author, to get their thoughts on risk management best practices. I hope these strategies will help companies prioritize their IT risk and think beyond the traditional IT standards.
CISPA, the Cyber Intelligence Sharing and Protection Act, passed the US House of Representatives late last week and will move to the Senate for further debate. If this rings a bell, it should. Last summer, CISPA passed the House before stalling in the face of a Senate filibuster. Of course, it was not the only failed attempt at cyber security legislation.
- What laws are in place for cyber security and are they enough?
- Are the Chinese the only foreign nation hackers we need to worry about? Who are the real perpetrators?
- How big of a problem is stolen IP for the U.S. and other countries and what is being done about it?
Remember Mat Honan – a Wired reporter that covers consumer electronics? He had his entire digital life erased last summer. His Google account was deleted, his Twitter taken over, his iPhone, iPad and MacBook erased.
How about the New York Times hack? Chinese hackers allegedly broke into the paper’s systems,
For the good guys to get a leg up on increasingly brazen cyber criminals, we must share breach intelligence. The bad guys do it and we are at a significant disadvantage because we don’t. Or at least we don’t at the level we should. I’ve said this many times before but the road to cyber security legislation has been long and difficult.
How many movies have you seen where the fate of humankind depends on a geeky guy sweating in front of a computer? The specific drama varies from movie to movie, but they generally include the need to: hack into a system to get critical information, crack a password, or disable an evil supercomputer bent on destroying our way of life.
In yet another example in the saga of personalized malware from foreign nations, specifically China, The New York Times reported Wednesday that the Chinese had carried out an extensive malware campaign against the newspaper giant for the past four months. With this news, we see once again stand alone, signature-based defenses are completely ineffective,