Cybersecurity Executive Insight, opinions and analysis l SC Media

Executive Insight

Scary but true: ransomware is getting smarter

The recent WannaCry attack shows why ransomware is one of the top-of-mind issues for executive boards, security operations centers, and incident response and forensics teams. The attacks seem to have high success rates despite being relatively simple. It’s a threat that’s both pervasive as well as extremely disruptive to not only technical operations, but in…

Petya: Using blast radius to deduce attribution

As the global ransomware attack coined Petya continues to proliferate globally, identifying the culprits is an important piece of the puzzle. At this point, it’s prudent to attempt to rule out who it doesn’t appear to be through process of elimination. While there was clear forensic evidence connecting the code used by the WannaCry actors…

An Alan Turing-Inspired Solution to the Cybersecurity Labor Shortage

As the global pool of malicious cyberattackers grows in strength and innovation — finding new, unheard of ways to breach our systems — the pool of professionals with the skills to outsmart them continues to shrink. If your company has ever tried to recruit an IT professional with cybersecurity experience, you know the skills gap…

How Artificial Intelligence Became the Darling of an Industry

The rise of behavioral analytics, machine learning, artificial intelligence, or whatever the latest nomenclature is currently being promoted by vendors, has taken the security community by storm and showing no signs of stopping. It’s almost impossible not to see these phrases mentioned on new preventative solutions going to market and rightfully so. With an industry…

Combatting the Security Risks of the IoT

The market for connected devices has exploded in recent years, leading to billions of Internet of Things (IoT) devices being deployed around the globe. To be competitive, and to get to market quickly, many device manufacturers used off-the-shelf technologies without really considering ‘security’. Ease of use, function and price were the primary considerations and we…

The Great Architecture vs Platform Debate

It may sound like a debate only engineering geeks should care about – the terms platform and architecture. Are we getting in the weeds here? Aren’t they basically synonymous?  Well, I’m a proud geek and assert that these terms do not mean the same thing. The fact is, one approach future-proofs your investment and makes…

The Eurocontrol Phish: When the Routine Becomes Remarkable

Security news over the past few weeks has been dominated by a number of innovative, sophisticated phishing and ransomware attacks that have proven alarming and highly destructive. When malicious actors manage to leverage Google’s own network and apps to execute a widespread phishing scheme or marry ransomware to an exploit-based network worm, you can expect…

Unsupervised anomaly detection giving security pros a leg-up on bad online actors

Cybersecurity attackers in 2017 have it easy. Powerful tools for abusing online services are easy to find online for free. Compromised Android devices provide attackers with a vast reservoir of high-reputation IP addresses for hackers to exploit.  A more privacy-conscious public is leveraging privacy-protecting devices and browsers and IP-masking services that can hide an original…

The Truth About Mainframe Security – And Where You Should Be Focusing

Have you ever noticed that technology is the only industry where the term “legacy” carries a negative connotation? In recent months, so-called legacy systems – most notably the mainframe – have drawn much unwarranted ire, particularly in the government sector. Mainframe technologies are outdated, not compatible with modern security approaches and represent a major risk,…

Blocking Government Backdoors to Encrypted Messaging Apps… Not!!!

Recently, the topic of a government’s right to have unfettered access to encrypted data for national security reasons was back in the news when it came to light that Khalid Masood, the British extremist who killed four people outside parliament had used WhatsApp a few minutes before he launched his attack. For many people, privacy…

Next post in Executive Insight