I very often see false choices about paths forward. One of the most common ones is the question about the future of humanity regarding AI, robotics, computers, cloning, vaccines, genetic engineering, you name it. Any new area of technology with a tremendous potential is always a multi-edged sword, and someone will always ask the question …
Of course until you are successfully attacked, doing nothing about security is a great approach. It saves money and time and costs you nothing. So lots of folks do nothing, or almost nothing, and I include myself in this latter approach – almost nothing. As little as I can get away with I do as …
Many years ago, Gartner declared “Firewalls are Dead”, but some 20 years later (give or take) they are still reporting on “next-generation” firewalls. Why is that? Right to the answer Firewalls provide an economy of scale by substantially reducing the input sequences and noise that can contact interfaces. Let’s break that down: The claims against …
How is an application program interface different from an other application interface? At a basic level, they are the same – in the sense that anything that can be exploited from one can be exploited from another – or at least it should be that way from a security perspective. But unfo9rtunately, that’s not how …
Perhaps because more higher impact incidents are making the media these days. Perhaps there is an actual increase in threat actors, their activities, or the effectiveness of their activities. Perhaps the defenses have been spread too thin, perhaps … oh heck, perhaps all sorts of things. I know that in my career, I have been …
Why does it seem like more attacks are taking place? Read More »
Good luck finding someone qualified… The SEC is apparently about to make it a requirement for public companies to report on “the board of directors’ cybersecurity expertise, if any, and its oversight of cybersecurity risk”.1 Some details: Why would it be hard to find someone like this? But here’s the rub And there are some …
So you’re looking for a cyber security board member for your public company Read More »
People who don’t have to do it seem to not understand the nature of the cyber threat. This very short summary is intended for everyone who is responsible for it to hand to everyone else to help start a conversation and gain mutual understanding. The 6 questions people are commonly taught to ask are: who, …
Every once in a while I come across something interesting with substantial potential impacts but that differs from the common misconceptions. Many of them I point out with a fevered disdain of foolishness, while others I view more philosophically. This article is about some recent results that I think are worth attention, that are counter …
Some results in cybersecurity and why they may be interesting Read More »
