A Cyber Executive Order For the 21st Century

The long-expected Executive Order On Improving the Nation’s Cybersecurity was published Wednesday, May 12, 2021. My initial reaction is positive. It calls for using multifactor authentication and encryption within Federal agencies after all, things th… Continue reading A Cyber Executive Order For the 21st Century

How to Protect Structured and Unstructured Data

Every effective PII protection effort addresses three critical imperatives – data discovery, access governance and risk mitigation. IT teams grappling with privacy mandates need to consider these factors across their unstructured and structured data c… Continue reading How to Protect Structured and Unstructured Data

Federal Court Narrows ‘Third Party’ Warrant Requirement

In United States v. Carpenter, the United States Supreme Court ruled that, before the police could obtain historical cell site location information (CSLI) about the location of someone’s cell phone in the past, they had to seek and obtain a warrant fr… Continue reading Federal Court Narrows ‘Third Party’ Warrant Requirement

Rail Firm Staff Fail ‘Bonus’ Phishing Test, Chaos Ensues

“Click here to claim your bonus pay,” said email from a British train company. But it was a phishing test—and now the staff are hopping mad.
The post Rail Firm Staff Fail ‘Bonus’ Phishing Test, Chaos Ensues appeared first on Security Boule… Continue reading Rail Firm Staff Fail ‘Bonus’ Phishing Test, Chaos Ensues

DarkSide Offered Ransomware-as-a-Service Before Pipeline Attack

Colonial Pipeline might be tight-lipped about the vulnerability hackers exploited to launch a ransomware attack that shut down the U.S.’s largest pipeline, but details are emerging about the DarkSide ransomware variant behind the attack and the cyberc… Continue reading DarkSide Offered Ransomware-as-a-Service Before Pipeline Attack

Ransomware Attacks on Municipalities Continue

Recently, the Washington, D.C. police department suffered a ransomware attack when the Babuk Group gained access and encrypted and stole approximately 250 gigabytes of sensitive data from the department’s servers. The Russia-based criminal entity post… Continue reading Ransomware Attacks on Municipalities Continue

Lessons in Securing Development Environments

The new world of software development is inherently collaborative — development teams are geographically dispersed and require easily accessible and automated tools to ship products and features quicker with confidence. The new generation of developme… Continue reading Lessons in Securing Development Environments

Are Cybercriminals Evil or Greedy?

Are cybercriminals by nature evil?  Only the 1930s pulp magazine hero The Shadow really knows “what evil lurks in the hearts” of cybercriminals. At first glance, it would appear there is great deal of darkness in the hearts of malicious ha… Continue reading Are Cybercriminals Evil or Greedy?

Security Vs. Convenience: Navigating the Mobile World

The emergence of COVID-19 vaccines has offered the UK light at the end of the pandemic tunnel. However, even with an increasingly vaccinated workforce, it remains unlikely that we will witness a rush back to the office environment, the ‘old normal.’ A… Continue reading Security Vs. Convenience: Navigating the Mobile World

Security Vs. Convenience: Navigating the Mobile World

The emergence of COVID-19 vaccines has offered the UK light at the end of the pandemic tunnel. However, even with an increasingly vaccinated workforce, it remains unlikely that we will witness a rush back to the office environment, the ‘old normal.’ A… Continue reading Security Vs. Convenience: Navigating the Mobile World