The wildfire that ripped through California in early October caused tremendous damage and the loss of over 30 lives.  So far this year 8.5 million acres have been burned, and last year 4.8 million acres were destroyed due to wildfires.  The loss of life, property, and our valuable forests is staggering.  However, at the recent Dell IQT Day, solutions were discussed for a variety of modern challenges, and I believe IoT can aid in reducing wildfires. According to the National Park Service, a bureau of the Department of the Interior,…

Continue reading

Defense Federal Acquisition Regulation Supplement (DFARS) clause 225.204-7012 was established in 2015 to protect Controlled Unclassified Information (CUI).  CUI is information that is not classified, but still must be protected.  CUI is important sensitive information that it does not require a security clearance to view. The National Institute of Standards and Technology (NIST) has established special publication 800-171 to provide guidance on how to protect unclassified data in the private sector.  DRARS mandates that organizations that store, process, or transmit information for federal or state agencies including the DOD comply…

Continue reading

Some ransomware are strategically designed to cause as much damage as possible while producing large profits for cybercriminals. And the ransom demands for these Advanced Ransomware Threats (ARTs) far exceed those for a typical ransomware attack. ARTs hold your most valuable assets for ransom and ensure that copies of the data are not available for restoration. There are typically six phases of an ART attack, including: Reconnaissance This process begins with reconnaissance. The attacker reviews information on the company and may even make a list of employees mentioned on the company web…

Continue reading

Linux is an open-source operating system that is very versatile due to the large group of volunteers that maintain and update the popular open-source operating system. There is a broad range of Linux distributions aimed at different purposes and preferences. Some are built for specific tasks such as privacy protection or perimeter defense and a host of options are available for both desktop and server operating systems. Linux has been around for decades, yet it only claims 2.36% of the desktop operating system market share. Linux is much more popular on the…

Continue reading

Cybersecurity challenges companies, countries, and individuals to continually improve protections against an enemy that wants our secrets, money, and identify.  Over the last few decades, the industry has moved from an explorative infancy to an integral and vital corporate function. I had the opportunity earlier this month to discuss the evolution of cybersecurity with Dr. Alissa Johnson, CISO at Xerox.  Her perspective on this journey was interesting to me because Alissa Johnson, also known as “Dr. J”, has served in both the public and private sectors.  She has been involved in…

Continue reading

For decades, the printer has been the intermediary between the digital and physical worlds.  Through it, our creations become tangible and yet; this intermediary has become so pervasive and such a mainstay of our technological world that it was assumed somewhat unchallengeable.  However, while the basic functions of printing, scanning, copying and faxing have stayed the same, the modern printer is a far different creature from the monoliths of the past or even the printers of last year. Today’s printers exchange data with users not only on the local network…

Continue reading

There are a variety of different ransomware variants that encrypt your data with no intention of ever decrypting it. There are also ransomware distributors who are happy to collect ransom payments but have no interest in returning anyone’s data. Innocent victims often fall prey to ransomware hoaxes or find problems with ransomware decryptors. They all end up in the same place they started, without their valuable data. Some of the groups behind the most prevalent ransomware viruses are working to build-up confidence that victims will receive their data if they…

Continue reading

I recently did an interview with Karen Marcus for Careers in Cybersecurity on education, career development, and cybersecurity career success.  The transcript is provided below and is divided into a section for those just starting out in cybersecurity, those mid-career and those late into their career.  Enjoy the read and please let me know your thoughts in your comments. For someone just starting out in cybersecurity: What degrees should they pursue? Any advice for landing that first job? There are a variety of degrees from associates to Ph.D. that concentrate…

Continue reading

Bring your own device (BYOD) policies are commonplace in many organizations today. Employees bring in their personal cell phones, laptops, tablets and other mobile devices and use them to content to corporate networks. Additionally, employees regularly use personal computers and other devices not owned by the organization to work at home or on the road. Unfortunately, BYOD can be risky for organizations that do not implement adequate security controls.  Personal devices that aren’t properly managed by the company often have inconsistent security controls implemented on them. For example, one device…

Continue reading

Ransomware is infecting the computers of unsuspecting victims at an astronomical rate. The various methods that cybercriminals use to take over a machine and encrypt its digital files are called the attack vectors, and there are quite a few. In this article, we’ll explore the top 10 ransomware attack vectors. The first five exploit human weaknesses through social engineering attacks. In other words, they use carefully crafted messages to entice victims into clicking a link, downloading software, opening a file or entering credentials. The second five spread ransomware computer to…

Continue reading