How Rootkits Are Threatening Smartphone Security

Think your cell phone conversations are secure?  Think again….computer scientists at Rutgers University have shown how a familiar type of personal computer security threat can now attack new generations of smart mobile phones,  Read More →

What Your Employees Know About Your Business

What your employees know about your business might keep you up at night if you really thought about it.  In some cases the employee may have greater targeted knowledge or access to data than the owners, principals, executive team, or directors. What your employees know about your business may be of strategic value and provide that competitive edge.  It may be the special sauce that took the company years to develop and it may walk out the door prior... [Read More...]

There Is No Perimeter

Last week I mentioned the myth of the “network perimeter” and alluded to the futility of trying to secure it, and I wanted to expand on that theme a little more.  I frequently find myself working with IT staff that have a mentality of “us vs. them” or “inside the perimeter vs. outside the perimeter” concept of security.  I strongly believe that there needs to be a paradigm shift in thinking from the perimeter based view to one of embedding... [Read More...]

Your Network Is Less Secure Than the Internet!

I frequently have conversations with clients who struggle to understand the need for security controls on internal infrastructure, or why the mandates of certain regulations are important.  I get blank looks often phrases like “but it’s behind our firewall” or “that’s not reachable from the Internet”. There is a pervasive, and fallacious, belief that the Internet is some sort of wild middle-ages like kingdom full of marauding Huns and... [Read More...]

Cyber Warfare: Attacks Linked to North Korea

North Korea is suspected of being behind cyber attacks on U.S. and South Korean web sites, says a spy agency from South Korea. Video courtesy of Reuters.  Read More →

Cybersecurity Rules for Private Networks Proposed

According the the Washington Post and reporters Joby Warrick and Walter Pincus “Senate Legislation Would Federalize Cybersecurity, April 1, 2009″ there is a new Senate Bill which proposes mandatory security standards for private industry.  The legislation, co-sponsored by Senate Commerce Committee Chairman John D. Rockefeller IV (D-W.Va.) and Sen. Olympia J. Snowe (R-Maine), was drafted with White House input. It is my opinion that this is nothing... [Read More...]