When Trends Collide: Data Collectors Are Gathering Information from Smartphones Used for BYOD

I had an interesting conversation the other day with Rob Shavell, the co-founder and CEO of the online privacy company Abine. We talked about two big trends in mobile computing and what happens as a consequence of their intersection. This collision of Continue Reading →

Bookmark and Share

Passwords Are Like Underwear—They Aren’t Meant to Be Shared

In the world of IT security, perhaps nothing is so maligned as the humble computer password. End users hate jumping through hoops to create and remember complex passwords that contain letters, numbers and special characters. IT security professionals complain that end users Continue Reading →

Bookmark and Share

First Line of Defense Against DDoS Attacks in a Hosting Environment

Hosting Providers and Datacenters must overcome the challenges associated with a wide range of hosting requirements; maintaining highly available applications, mission critical systems and maximum levels of reliability.

Bookmark and Share

Boost Your Security Posture through Membership in an Industry Information Sharing and Analysis Center (ISAC)

It’s a huge responsibility to try to ensure cyber security for an organization, regardless of its size. Few companies would say they have the full complement of resources they would like to have in order to properly protect themselves from cyber threats. Continue Reading →

Bookmark and Share

Six Common Sense Steps from the FFIEC to Address DDoS Attacks

Who can forget the series of distributed denial of service (DDoS) attacks on American banks back in 2012 and 2013? Some of the attacks were highly effective in knocking online banking services offline for days at a time. Over time, financial institutions Continue Reading →

Bookmark and Share

Why Prompt Breach Notification Is Important

In a blog post last April, I wrote about a merchant that waited up to a year to notify customers that their payment card information may have been compromised in a breach. There were extenuating circumstances; the federal authorities investigating the breach Continue Reading →

Bookmark and Share

Specially Crafted Packet DoS Attacks, Here We Go Again

One of the most unique types of Denial of Service (DoS) attacks involves the usage of specially-crafted packets.  Most cybersecurity professionals are already familiar with volumetric and amplified DDoS attacks, but more recent attention has been surrounding fragmented and application-layer DDoS attacks. Continue Reading →

Bookmark and Share

A Real Story About Successful DDoS Mitigation

If you’re a cybersecurity professional, you may be all too familiar with the risks associated with DDoS attacks. Over the years, the threat landscape has had detrimental effects on organizations. Including, system downtime, brand damage, loss of customer confidence, and ultimately negatively Continue Reading →

Bookmark and Share

Considering Standards Security

The Internet Engineering Task Force (IETF) Request for Comments (RFCs) are required by RFC 2223, Instructions to RFC Authors, to have a section titled “Security Considerations” that is supposed to call out any special security implications relating to the protocol itself or Continue Reading →

Bookmark and Share

Why Do We Call It Cyber Crime If We Don’t Treat It Like a Crime?

My subdivision outside of Houston, Texas has a monthly newsletter, and one of the features is the neighborhood police patrol report. It’s mostly stuff like items being taken from unlocked cars or suspicious people or vehicles in the neighborhood. Every now and Continue Reading →

Bookmark and Share