Cybersecurity risks connected to AI in autonomous vehicles

By removing the most common cause of traffic accidents – the human driver – autonomous vehicles are expected to reduce traffic accidents and fatalities. However, they may pose a completely different type of risk to drivers, passengers and pedestrians. …

Presidential Cybersecurity and Pelotons

President Biden wants his Peloton in the White House. For those who have missed the hype, it’s an Internet-connected stationary bicycle. It has a screen, a camera, and a microphone. You can take live classes online, work out with your friends, or join …

Jump-Start the Cyber Insurance Market to Drive Better OT Security

Experts have been predicting for decades that the insurance industry would eventually help drive better private sector cybersecurity practices by pricing premiums based on cybersecurity risk.

Review: Code42 Incydr – SaaS data risk detection and response

Incydr is Code42’s new SaaS data risk detection and response solution, which enables security teams to mitigate file exposure and exfiltration risk without disrupting legitimate collaboration. Code42 focuses on the problems related to the massive “work…

How to reduce the risk of third-party SaaS apps

Third-party SaaS apps (and extensions) can significantly extend the functionality and capabilities of an organization’s public cloud environment, but they can also introduce security concerns. Many have permission to read, write, and delete sensi…

The Legal Risks of Security Research

Sunoo Park and Kendra Albert have published “A Researcher’s Guide to Some Legal Risks of Security Research.”

From a summary:

Such risk extends beyond anti-hacking laws, implicating copyright law and anti-circumvention provisions (DMCA §1201), electronic privacy law (ECPA), and cryptography export controls, as well as broader legal areas such as contract and trade secret law.

Our Guide gives the most comprehensive presentation to date of this landscape of legal risks, with an eye to both legal and technical nuance. Aimed at researchers, the public, and technology lawyers alike, it aims both to provide pragmatic guidance to those navigating today’s uncertain legal landscape, and to provoke public debate towards future reform…


Build a resilient cybersecurity framework by transforming your IT team into a security team

More organizations than ever before have shifted to a hybrid work culture to reduce the impact of COVID-19. This unprecedented change has not only given rise to new security challenges, but has also considerably increased the surface area available fo…

On Risk-Based Authentication

Interesting usability study: “More Than Just Good Passwords? A Study on Usability and Security Perceptions of Risk-based Authentication”:

Abstract: Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during login, and when observed feature values differ significantly from previously seen ones, users have to provide additional authentication factors such as a verification code. RBA has the potential to offer more usable authentication, but the usability and the security perceptions of RBA are not studied well…


Cybersecurity Lessons from the Pandemic: Perception of Risk

The more “mature” among us may recall when decision-making under uncertainty was based on the concept of “rational economic man.” We estimated or calculated the probability and amount of a loss (or gain) of various courses of action, multiplied the num…