Everything You Need To Know About Passwords – IOSS 11


The latest string of mega breaches that compromised approximately 642 million passwords has shown us how vulnerable we still are. Yes, passwords are obsolete, and we should at least use two-factor authentication. But the fact remains, unless we find a password solution to really shake up how we think about, use, and manage passwords on apps […]

The Cyber Kill Chain or: how I learned to stop worrying and love data breaches


Pulling off a heist is no easy feat – and in order to prevent theft, you best understand the plan of attack. Like any good ol’ traditional heist, there are multiple stages to consider in a cyber-attack. To help prevent and detect cyber-attacks and security breaches, we look to the cyber kill chain. Lockheed Martin […]

Cyber Espionage: Could Russian and Korean Hackers Have Been Stopped (With UBA)?


Once upon a time, breaking into the Democratic National Committee required non-virtual thieves picking real door locks and going through file cabinets. And stealing the design secrets of a fighter jet was considered a “black bag” job that utilized the talents of a spy who knew how to work a tiny spy camera. Then, that […]

The Differences Between DLP, IAM, SIEM, and Varonis Solutions


You can’t always do it all alone and sometimes you need help from your friends. It’s good life advice, and as it turns out, good advice for a security solution. A multi-pronged security program that uses a mix of technologies and approaches is the best way to reduce risk and to protect your organization’s most […]

Recent Cybersecurity Warnings from the FBI – IOSS 10


Rob Sobers, Mike Buckbee and Kilian Englert joined me for an interesting conversation as we discussed recent cybersecurity warnings from the FBI. Here’s the best of what you might have missed:

Keystroke loggers disguised as USB phone chargers

Cindy: Let's first define keystroke logging.

Mike: A keystroke logger is anything that’s recording the keystrokes and often […]

EU GDPR Spotlight: Protection by Design and Default


Privacy by Design (PbD) is a well-intentioned set of principles – see our cheat sheet – to get the C-suite to take consumer data privacy and security more seriously. Overall, PbD is a good idea and you should try to abide by it. But with the General Data Protection Regulation (GDPR), it’s more than that: […]

Why The Greatest Danger To The Financial System Is Cybersecurity – IOSS 9


According to the chair of the SEC, the greatest danger to the world financial system is cybersecurity. And it made me wonder: at what point, while the financial transactions are happening, is that money vulnerable? Mike Buckbee and Kilian Englert joined me for an interesting conversation as I inquired about shopping online, using wearables and […]

Next-Gen Ransomware (Ransomworm!) Gets Deadlier


Ransomware developers have been busy adding more deadly functions to their evil creations. First we heard about DDoS capabilities appearing in modified versions of Cerber. Now Microsoft reports that a new ransomware variant has the power to spread like a worm. Known as ZCryptor, it infects other users by dropping an autorun.inf file into removable […]

Password Security Tips for Very Busy People


If you needed another reminder that you shouldn’t use the same password on multiple online sites, yesterday’s news about the hacking of Mark Zuckerberg’s Twitter and Pinterest accounts is your teachable moment. Mr. Z. was apparently as guilty as the rest of us in password laxness. From what we know, the hackers worked from a […]

3 Malware Stats That Will Annoy You


Earlier this week, it was reported that the Russian police arrested 50 suspected hackers for malware bank attacks. One of the largest arrests of hackers in Russian history, these alleged cybercriminals took over $45 million from banks. This arrest also prevented another potential bank heist that would have netted the cyber thieves $35 million. While this […]

Five of our Favorite Videos From RSA 2016


For those who weren’t able to attend their giant security conference in San Francisco, the RSA folks released videos of the sessions on their website. Like I did last year, I binge-watched RSA videos over a few days to come up with my faves. Here are five that are worth watching. How to Explain […]
