A feeling of general malaise in the IT Security Industry prompted us to take a closer look at the current state of affairs. Despite the pervasive doom and gloom, there is perhaps a silver lining. Let’s take a look at malware, botnets and the other pesky critters wreaking all the havoc and how they may actually be serving a useful purpose.
Threat Modeling is a process which leads to better architecture, design, function and long-term security of software, hardware, information systems and even entire organizations.
In multiple research studies, USB devices that have been left in public places have been plugged into company PCs by those who have picked them up, despite no information on their origin. If the researchers had left spoons instead of USB devices, how many people would pick them up and put them in their mouth?
The use of multiple accounts, to handle separation of roles and responsibilities for a single person, has resulted in the increased use of special characters in usernames.
At long last, one is no longer beholden to Dropbox or hacking away on the command line with rsync for a convenient cloud file storage and synchronization service!
On October 13th the Corporate Finance division of the Securities and Exchange Commission (SEC) quietly released a document, CF Disclosure Guidance: Topic No. 2, on the web that has the potential to make a major impact on the way that corporations look at cyber-security.
On October 13th the Corporate Finance division of the Securities and Exchange Commission (SEC) quietly released a document on the web that has the potential to make a major impact on the way that corporations look at cyber-security. What does it mean to you?
There are two orthogonal stacks in an IT ecosystem: Implementation or Doing and Parametric or Directing. A full security assessment covers all aspects of security that impact on an IT ecosystem and its supporting services.
A new technique for phishing has emerged. Dubbed “spear phishing,” it targets specific individuals or groups to gather information. The FBI documented spear phishing attacks in early 2009, and since then the frequency, complexity, and motives behind spear phishing have grown more sophisticated and dangerous.
Other than divine intervention, the best answer is to rely on mathematical and statistical models along with computer simulation to help forecast, predict and control risk.
Another day and another story about a new cyber threat. It sounds worse each time: defenses that don't defend, and employees who are just trying to do their job and end up allowing malware into the system. Yet we don't seem to feel the pain. It's easy to get complacent; after all, how bad can it get?
RSA was hacked, potentially compromising SecurID, currently the most popularly used 2-factor authentication mechanism. What is the attacker really after?
TPMs can be found in many or most business PCs, but they are neither well known nor popularly used. With the need for and popularity of strong authentication rising, the TPM offers an alternative approach to strong authentication worth considering.
There are hundreds of identity access and authentication management and SmartCard systems integrators standing ready to support your security needs. So, how do you go about selecting the right vendor for you?
“Passwords are the most irritating thing since the invention of the PC.” This is a common response when you ask the average computer user what they hate most about their daily job.