Five More Videos from RSA 2016

pexels-photo-66134

It’s been a few months since we last visited the RSA sessions from this year’s conferences. Much has happened since then: for starters,  more ransomware, Yahoo, increased GDPR awareness, news details on OPM, and state actors behaving badly. With that in mind, we reviewed the archived RSA 2016 videos and came up with five prescient sessions that help […]

Continue Reading →

How to setup your DNS Server like North Korea

pasted_image_9_29_16__11_38_am

I can only imagine it’s a high stress job doing IT support for Kim Jong Un as he’s the kind of manager who probably watches you over your shoulder, touches your screen a lot and drops dark hints about “disappearing” your family for three generations if the patches don’t get deployed properly. While we often […]

Continue Reading →

New York State Proposes Real-World Cybersecurity Regulations for Banks

people-new-york-train-crowd

The EU General Data Protection Regulation (GDPR) has raised the bar for what we expect from a national data security and privacy law. The US doesn’t really have anything close (outside of HIPAA for medical PII). So it’s interesting to see some movement at the state level. Let’s now give a shout out to New […]

Continue Reading →

Attorney and Data Scientist Bennett Borden: Find Insider Threats (Part 2)

Bennett-Borden--1

In this second podcast, Bennett continues where he left off last time. Borden describes his work on developing algorithms to find insider threats based on analyzing content and metadata.

Continue Reading →

If the GDPR Were in Effect, Yahoo Would Have to Write a Large Check

money-finance-bills-bank-notes-2

Meanwhile back in the EU, two data protection authorities have announced they’ll be looking into Yahoo’s breach-acopalypse. Calling the scale of the attack “staggering”, the UK’s Information Commissioner’s Office (ICO) has signaled they’ll be conducting an investigation.  By the way, the ICO rarely comments this way on an on-going security event. In Ireland, where Yahoo […]

Continue Reading →

Yahoo Breach: Pros react to massive breach impacting hundreds of millions of users

Yahoo has confirmed a data breach affecting at least 500 million users in the latest mega breach to make headlines. Here’s what some infosec pros had to say about it. If Yahoo waited ~2mo to inform Verizon of the breach, that says interesting things about the acquisition negotiations during that period. — Jeremiah Grossman (@jeremiahg) September […]

Continue Reading →

Attraction of Repulsion (to Ransomware) – IOSS 23

potatoes-french-mourning-funny-162971

When it comes to ransomware, we can’t stop talking about it. There’s a wonderful phrase for our syndrome, “the attraction of repulsion,” meaning that something is so awful you can’t stop watching and/or talking about it. How awful has ransomware been? According to the FBI, in the first three months of 2016, ransomware attacks cost their […]

Continue Reading →

Genesis Financial Solutions Takes Proactive Approach to Protect their Data

blog_graphic_genesis

Genesis Financial Solutions is a financial institution, lender and America’s largest source of second-look financing. They really understand how important it is to keep their data secure from insider threats and cyberattacks. They were seeking a solution that would give them insight into their sensitive data and improve the effectiveness of their regulatory compliance. With […]

Continue Reading →

Interview with Attorneys Bret Cohen and Sian Rudgard, Hogan Lovells’ GDPR Experts

bret-and-sian-hl

We are very thankful that Bret Cohen and Sian Rudgard took some time out of their busy schedules at the international law firm of Hogan Lovells to answer this humble blogger’s questions on the EU General Data Protection Regulation (GDPR). Thanks Bret and Sian! Bret writes regularly on GDPR for HL’s Chronicle of Data Protection blog, […]

Continue Reading →

Statistician Kaiser Fung: Fishy Stats (Part 3)

fung-book

Over the past few weeks, Kaiser Fung has given us some valuable pointers on understanding the big data stats we are assaulted with on a daily basis.  To sum up, learn the context behind the stats — sources and biases — and know that the algorithms that crunch numbers may not have the answer to your […]

Continue Reading →

Why the OPM Breach Report is a call-to-action for CSOs to embrace data-centric security

The Committee on Oversight and Government Reform released a fascinating 231-page report detailing the how and why behind the epic breach at the United States Office of Personnel Management. Richard Spires, the former CIO of the IRS and DHS, remarked on OPM’s failure to take a data-centric approach to information security: “[I]f I had walked […]

Continue Reading →