The SOC is dead — long live the SOC!

Overwhelmed by existing traffic volumes and held back by a shortage of skilled workers, the average Security Operations Center is approaching a state of crisis – and the challenges will only worsen if SOCs don’t evolve. No doubt about it, the SOC’s mission is vital: detect and respond to all threats. Unfortunately, most SOCs today […]

Be aware: Connected toy security and privacy risks have arrived this holiday

shady-robot

Internet-connected toys are popular – and your children may have received some over the holidays, but are you aware of the security risks? We know that IoT devices are notoriously insecure. Too often they are difficult to update when security vulnerabilities are uncovered — if users are notified of updates at all. The problem with […]

Ce que vous devriez déjà savoir à propos de l’Internet des objets

Il y a quelques semaines j’écrivais un article à propos des différentes étapes par lesquelles une entreprise doit passer avant de sauter le pas de l’Internet des objets (IoT). Je soulignais par exemple l’importance de centraliser et analyser les données collectées grâce aux appareils connectés. Mais pour y parvenir avec brio, il faut faire attention […]

Negative consequences of IoT could extend beyond cybersecurity

Last week, the U.S. Government Accountability Office (GAO) published a 78-page technology assessment of emerging Internet of Things (IoT) technologies and their implications. Internet of Things: Status and Implications of an Increasingly Connected World was conducted at the request of Congress, and involved a review of current literature and expert input. Report authors named information security as […]

The IoT lesson you should have already learned

IoT skills DXC Blogs

A few weeks ago I wrote about the steps enterprises must take to get ready for the Internet of Things (IoT). I focused on the importance of managing and analyzing data generated from connected devices. Doing this successfully, however, is predicated on two things: connectivity and security. Without these, your IoT initiatives are doomed to underperform or, even […]

Getting your enterprise ready for IoT

IT professionals have heard plenty over the past year about how the Internet of Things (IoT) is going to dramatically impact their enterprises and their jobs. Indeed, many IT pros already are managing devices connected via the Internet to their networks and infrastructure. These pros are learning what many learned not long ago as they […]

Wishful thinking is not a mobile security strategy

Fear is a gift. Sure, it can generate anxiety and discomfort, but fear is a gift because it has the power to motivate changes in behavior that can improve our well-being. We probably all know someone who has redesigned his or her diet and lifestyle after a big health scare. There are endless other examples of fear-based behavior modification, […]

48 hours at the GE Minds + Machines 2016 Hackathon

It’s amazing what sometimes fits into 48 hours. In a blog post about how to become a distinguished technologist, I recommended the following as a general, long-term heuristic for building a distinguished career: Learn a lot about things that matter Work on genuinely useful projects… with people you like and respect I watched that wisdom […]

IoT botnet attacks continue, copycat emerges

internet of things security CSC Blogs

According to a MalwareMustDie.org blog, a new botnet malware based on a previous DDoS botnet aims to utilize vulnerable devices exploited in the recent IoT botnet Mirai attack. The new creation, dubbed Linux/IRCTelnet, was first identified by researchers at MalwareMustDie.org. It exploits vulnerable IoT devices via hard-coded authentication credentials. This botnet malware is based on the Aidra botnet code and managed […]

The good (and bad) news behind the Dyn DNS DDoS attacks

Cybersecurity malware cryptolocker

After a massive distributed denial-of-service attack targeted at Dyn DNS, companies are starting to respond and more details are being made public. As I covered in The Dyn DNS attacks: What we know now, the massive attack knocked offline big-name websites, including Amazon services, Tumblr, Twitter, Reddit, Spotify, Netflix, among others. For those not familiar, Dyn […]