Expert analysis
What’s needed for the first NYS DFS cybersecurity transitional phase?
The first transitional phase of the New York State’s Department of Financial Services (NYS DFS) cybersecurity regulation is upon us. As of August 28th, 2017 covered entities …
Gaming the system for a better experience
I play a lot of video games and one of the things I’ve noticed is that when you first start playing, the game often keeps you from venturing into places where you’re likely to …
Three barriers to digital IDs on the blockchain
There has been a lot of hype around blockchain technology and the benefits it could potentially bring to a wide variety of verticals, including identity verification. While …
Motivation roulette: Is pseudo-ransomware a term?
It used to be so simple. Attack campaigns were relatively simple to determine, for example when we detailed the recent Shamoon campaign it was clear that this was intended to …
We can’t rely on black swans: Three areas to improve cyber policy now
What will it take for cybersecurity policy to finally catch up to the digital age? I get this question often, and increasingly I worry that it will take a true “black swan” …
Where does corporate cloud security responsibility begin and service provider responsibility end?
Security has, is and will continue to be the cornerstone of advancement in the digital age. Conditions of trust, real or expected, are essential for digital economies to grow …
Has healthcare misdiagnosed the cybersecurity problem?
Take a cursory look at the U.S. Department of Health and Human Services’ (HHS) wall of data breach shame and you might be scratching your head: Why does the healthcare sector …
Identity-in-depth and the evolution of defense
We’ve seen it over and over again: the parade of companies and government agencies announcing the impact of their latest breach. These players have something in common that …
Intrusion detection is speeding up: Is it enough to tackle global cyber threats?
As criminals continue to develop new methods to break or sidestep cyber defences, in many cases the focus is shifting towards the ability to detect and respond to an incident …
Shark or not? 3 real-life security scenarios and how to tell which will really bite
We’ve just wrapped one of my favorite weeks of television, Shark Week. Viewers were treated to show after show of sharks stalking and attacking helpless victims. In most …
Container security: The seven biggest mistakes companies are making
As enterprises increase adoption of containers, they also risk increasing the number of mistakes they make with the technology. Given that many companies are still wrapping …
The future of AppSec: Stop fighting the last war
It’s a cornerstone of military doctrine: when you focus too much on the last battle you faced, you miss signs of the new battleground taking shape. The principle holds as true …