For IT Pros Only

Lets be clear: this is for IT people. Not because IT people are better looking and drive cooler cars than the general populace (which is true: most IT departments look like extras from the set of The Fast and Furious), but because unless you're familiar with things like the dark blackness that grips your soul when you discover that two NICs have the same MAC address on your network - you probably aren't going to appreciate this at all.

Get Your Cards Now
Data Security

New York State Proposes Real-World Cybersecurity Regulations for Banks

The EU General Data Protection Regulation (GDPR) has raised the bar for what we expect from a national data security and privacy law. The US doesn’t really have anything close (outside of HIPAA for medical PII). So it’s interesting to see some movement at the state level. Let’s now give a shout out to New York regulators for their proposed cybersecurity rules for financial companies. Go Empire State! Like the GDPR, the New York  experiment…
Compliance & Regulation

If the GDPR Were in Effect, Yahoo Would Have to Write a Large Check

Meanwhile back in the EU, two data protection authorities have announced they’ll be looking into Yahoo’s breach-acopalypse. Calling the scale of the attack “staggering”, the UK’s Information Commissioner’s Office (ICO) has signaled they’ll be conducting an investigation.  By the way, the ICO rarely comments this way on an on-going security event. In Ireland, where Yahoo has its European HQ, the Data Protection Commissioner is asking questions as well. And here in the US, the FBI…
Data Security

Yahoo Breach: Pros react to massive breach impacting hundreds of millions of users

Yahoo has confirmed a data breach affecting at least 500 million users in the latest mega breach to make headlines. Here’s what some infosec pros had to say about it. If Yahoo waited ~2mo to inform Verizon of the breach, that says interesting things about the acquisition negotiations during that period. — Jeremiah Grossman (@jeremiahg) September 23, 2016 *** This will have an impact for years..yet another reminder to not reuse passwords on multiple sites! https://t.co/kAcI2N4zRN…
Data Security

[Podcast] Attraction of Repulsion (to Ransomware) – IOSS 23

When it comes to ransomware, we can’t stop talking about it. There’s a wonderful phrase for our syndrome, “the attraction of repulsion,” meaning that something is so awful you can’t stop watching and/or talking about it. How awful has ransomware been? According to the FBI, in the first three months of 2016, ransomware attacks cost their victims a total of $209 million. And it doesn’t stop there. It’s impacted many businesses including financial firms, government organizations, healthcare…
Customer Success

Genesis Financial Solutions Takes Proactive Approach to Protect their Data

Genesis Financial Solutions is a financial institution, lender and America’s largest source of second-look financing. They really understand how important it is to keep their data secure from insider threats and cyberattacks. They were seeking a solution that would give them insight into their sensitive data and improve the effectiveness of their regulatory compliance. With ransomware on the rise, Genesis also wanted a way to quickly alert the IT staff to any unusual file access…
Compliance & Regulation

Interview with Attorneys Bret Cohen and Sian Rudgard, Hogan Lovells’ GDPR Experts

We are very thankful that Bret Cohen and Sian Rudgard took some time out of their busy schedules at the international law firm of Hogan Lovells to answer this humble blogger’s questions on the EU General Data Protection Regulation (GDPR). Thanks Bret and Sian! Bret writes regularly on GDPR for HL’s Chronicle of Data Protection blog, one of our favorite resources. Sian had worked at the ICO, the UK’s data protection authority, and helped draft the…
IT Pros

[Podcast] Statistician Kaiser Fung: Fishy Stats (Part 3)

Over the past few weeks, Kaiser Fung has given us some valuable pointers on understanding the big data stats we are assaulted with on a daily basis.  To sum up, learn the context behind the stats — sources and biases — and know that the algorithms that crunch numbers may not have the answer to your problems. In this third  segment of our podcast, Kaiser points out all the ways the stats can trick us through…
Data Security

Why the OPM Breach Report is a call-to-action for CSOs to embrace data-centric security

The Committee on Oversight and Government Reform released a fascinating 231-page report detailing the how and why behind the epic breach at the United States Office of Personnel Management. Richard Spires, the former CIO of the IRS and DHS, remarked on OPM’s failure to take a data-centric approach to information security: “[I]f I had walked in there [OPM] as the CIO—and, you know, again, I’m speculating a bit, but—and I saw the kinds of lack…
Data Security

The difference between SSL and TLS

Image credit: zviray The chronic epidemic of face blindness that affects the population of Metropolis and prevents them from realizing that Clark Kent and the freaking flying alien who looks just like him are actually the same person extends to the tech sector where we continually argue over how pedantic to be about the difference between “SSL” and “TLS”. To be fair, the situation is less of a “SSL is from Earth” and “TLS is…
Varonis News

I’m Jim Graham, Manager of Sales Engineering at Varonis, and This is How I Work

This quarter we will be getting to know Jim Graham, a Manager of Sales Engineering at Varonis, who manages employees located in California, Nevada, Arizona, New Mexico, and Hawaii. According to his manager Scott Truchot: Jim is well liked by his coworkers and there to provide a helping hand when needed, and his happy demeanor invites people to spend time with him off the clock as well.  How does Jim work his magic with customers?…