Cybersecurity Matters

George Hulme lends his expert insight into the latest developments in cybersecurity

Despite digital transformation efforts, federal agencies yet to fully embrace identity management

keyboard-thumbprint

Enterprises in the private sector have undergone tremendous change in recent years — end user mobility, cloud, shadow IT, and substantial digital transformation — and federal departments and agencies have been no different. In the past few years e-government efforts have digitized and automated many ways citizens interact with local, state, and federal government.  Of […]

Successfully defending against social engineering attacks

helmet-and-shield-armor

While it’s the technical aspects of cyberattacks that often make headlines — software exploits, worms, ransomware, and other forms of malware — it’s actually the subversion of people (end users) that make many, if not most attacks today, successful. All attacks eventually involve technical aspects, but it’s the trickery to get someone to click on […]

National Science Foundation funds additional cybersecurity research

empty-notebook-on-computer-desk

One might think that, since the dawn of the network firewall and intrusion detection systems in the 1980s, the tech industry would have a handle on the technologies necessary to adequately secure networks, applications, data, and people. Looking at the state of security and endless data breach story headlines, however, and it’s safe to assume […]

GDPR raising cybersecurity awareness among EU business leaders

EU-flag

As if the daily beating of data breach news wasn’t enough reason to bring the stark reality of cyber risks to the attention of corporate leaders, here comes the European Union’s General Data Protection Regulation (GDPR). Taking effect in May 2018, GDPR is managing to elevate cyber risks to the top of the corporate agenda […]

Not all cyberattacks are over data theft

locked-gate

When executives consider the risk to their systems they often consider only the value of their data and that of their customers. Too rarely do they consider the intrinsic value of their raw computing power or how their computing systems could be used as part of a larger attack. Case in point, last week security […]

Five keys to getting DevSecOps right

ornate-iron-fence

It’s amazing how successfully DevOps has spread through enterprises in recent years. Most enterprises are either completely embracing DevOps tools and practices, or they’re doing so within certain teams with plans to expand organization-wide in the near term. But the move to DevOps isn’t evenly embraced by all enterprise constituents. In fact, the fast and […]

Trove of infected Elasticsearch nodes uncovered

siren

Once again, thousands of misconfigured Elasticsearch servers have placed the internet at risk. The vast majority of the poorly secured servers were hosted on Amazon Web Services. Attackers enlisted 4,000 of those servers into a powerful Point-Of-Sale (PoS) botnet. The security firm Kromtech Alliance, which found the unsecured servers, says that they were researching Elasticsearch […]

Survey: Formal education leaves software developers short on security

Computer Programming

Recently released research has revealed that formal software education does little to prepare developers for today’s DevOps teams. In fact, 76 percent of developers indicated security and secure development education needed for today’s world of coding is missing from formal curricula. The study, commissioned by Veracode and conducted by DevOps.com, surveyed nearly 400 DevOps professionals […]

Small mistakes, big data breaches

Keyboard Data

We all make mistakes, especially simple mistakes, such as a typo here and there in email or grammatical oversights in a report. And who hasn’t called or texted a wrong number?  Just this morning I tried to submit a web form, and it was rejected because I didn’t format a field input properly. These types […]

Seven hacker documentaries you can’t miss

code hacking

The Summer grinds toward its unofficial Labor Day end. The days are still long and hot. The humidity is thick. It’s a time of the year when I like to tuck myself indoors and catch up on movies I’ve missed and old favorites. One of my preferred subjects is hacking. And to get a sense of […]