Why a Decline in Cyber Attacks Against Banks Is Bad News for Everyone Else

There were three critical digital canaries in the cyber security coal mine in the past seven days, all of which signal a rising tide of threats for every sector outside of banking and finance. The first of the three critical reports came out on Wednesday, with the Anti-Phishing Reporting Group noting a record-breaking 250% increase […]

The post Why a Decline in Cyber Attacks Against Banks Is Bad News for Everyone Else appeared first on The State of Security.


IT Security Tips for International Travel

When you travel internationally for business, you’re likely headed to a country that utilizes drastically different cybersecurity laws. In the U.S., you can expect a reasonable amount of privacy for your data and devices. Even with the uproar about the National Security Agency (NSA) and security violations in recent years, Americans still enjoy a higher […]

The post IT Security Tips for International Travel appeared first on The State of Security.


Re-Examining Identity & Access Management (IAM)

There is a lot security professionals disagree on when it comes to Identity & Access Management (IAM). One thing most would agree on though is that IAM means many things to many people, and has been shaped more by vendor product boundaries over the years than by overarching architectures, processes and governance. The basic term “Identity […]

The post Re-Examining Identity & Access Management (IAM) appeared first on The State of Security.


IoT Problems Are about Psychology, Not Technology

I was on a security panel recently where we were asked to define the Internet of Things (IoT). This term is as vague as it is broad. It can be argued that it includes almost any “thing” that can be part of a network. I was not happy with any of our answers, including my […]

The post IoT Problems Are about Psychology, Not Technology appeared first on The State of Security.


WhatsApp: Physical Access Trumps Encryption

WhatsApp is an instant messaging service with well over one billion global users. To put it into perspective, one in seven people on the planet actively use this popular messaging app to send some 30 billion texts, voice messages and videos every single day. In 2014, WhatsApp was acquired by Facebook for $19.3 billion. It […]

The post WhatsApp: Physical Access Trumps Encryption appeared first on The State of Security.


Domain Name Industry Still Weak on Content Quality Regulations

One of last year’s articles on The State of Security helped to open up a largely neglected topic in the domain name industry. The author, David Bisson, pointed to the growing volume of suspicious TLDs and how this could become a serious threat to organizations registering both new and old TLDs. With ICANN adding new TLDs at an […]

The post Domain Name Industry Still Weak on Content Quality Regulations appeared first on The State of Security.


How to End the Gender Diversity Problem in Cyber Security Forever

“We ourselves feel that what we are doing is just a drop in the ocean. But the ocean would be less because of that missing drop” – Mother Teresa. I live by this quote. It’s powerful. It inspires me and it’s one of the reasons why I do what I do. Let me explain. It […]

The post How to End the Gender Diversity Problem in Cyber Security Forever appeared first on The State of Security.


Chasing IT Security Trends: A Recipe for Disaster

If you spend your life chasing the security “threat of the day,” you’re missing the point of solid IT security, warns Ian Trump. Instead, work out how to create a resilient business. I get this question a lot: “What do businesses need to know about the latest security trends?” I work primarily with small and […]

The post Chasing IT Security Trends: A Recipe for Disaster appeared first on The State of Security.


But, We Only Sell ______ : Understanding Security Risk via Red Teaming

“But we only sell hammers, do we really need the Cadillac solution?” During a 9 AM meeting, I sat across from a C-suite executive as these words hung in the air. I was left gobsmacked. It was readily apparent a significant language gap needed to be overcome to help leaders understand the motivations of cybercriminals. […]

The post But, We Only Sell ______ : Understanding Security Risk via Red Teaming appeared first on The State of Security.


Baselines and Security Patches – A Tough NERC CIP Challenge

There are roughly 200 requirements and sub-requirements in NERC CIP, and to satisfy each one requires performance-based compliance evidence that produces the comprehensive documentation that proves each requirement and sub-requirement was met for all activities that fall under it. That by itself is no mean feat. Of those 200 requirements, baseline configuration management and monitoring […]

The post Baselines and Security Patches – A Tough NERC CIP Challenge appeared first on The State of Security.
