Protecting Data for the Next Generation of Applications

As we look to the future, our reliance on data is only going to increase. Technologies such as IoT, AI, robotics, […]

Full Details

Four Steps to Effective Cybersecurity Logging

Logs are crucial elements to breach investigations.  However, some investigations suffer from a lack of logs.  In such cases, the company […]

Full Details

Legal and Ethical Obligations in Cybersecurity

I recently presented at the Duke Law EDRM on Cybersecurity and Law Firm Understanding Legal and Ethical Obligations.  Some questions […]

Full Details

Four Pillars of Data Protection for the Modern Enterprise

Data, a crucial asset for the modern business, is under attack.  Data breaches, ransomware, employee theft, and mistakes can each […]

Full Details

Data Protection Challenges in Preserving Company Value

Data is the building block of the modern business. It is essential for daily operations and ongoing commercial operations, but more […]

Full Details

Four Steps to Patch Management Success

The need for patch management has repeatedly been demonstrated in recent years as companies large and small suffered data breaches […]

Full Details

The Framework for the Future: Cybersecurity and Automation in 2030

It is healthy to take a step back from the technological changes of today to strategize on how the technology […]

Full Details

The State of Cybercrime

Companies experienced a deluge of cyberattacks in 2017 and the first part of 2018 has proven no different.  In 2016, […]

Full Details

Securing IoT with Blockchain

While blockchain has earned its most significant claim to fame by making possible the rise of cryptocurrencies like bitcoin, researchers […]

Full Details

Know Thy Enemy: Tools, Tactics, and Techniques of Cybercriminals

Many view the cybercriminal as an unknown.  This is due, in part, to the difficulty inherent in tracking down individual […]

Full Details

The lonely castle: Insights into the evolution of cybersecurity defense

This technological era is one that changes rapidly and so do defense strategies.  In the ancient world, combat strategies might […]

Full Details

GDPR and the Road to Increased Customer Loyalty and Trust

The General Data Protection Regulation (GDPR) is set to go into effect on May 25, 2018, and yet many companies […]

Full Details

IoT Security is Living on the Edge

As the size of the Internet of Things (IoT) continues to grow, so too do the potential security risks for […]

Full Details

Protecting Critical Infrastructure from Cyber Threats

In recent years, there has been a fundamental change in both the scope and scale of cyber threats to critical […]

Full Details

Reducing Wildfires with IoT, ML, and Drones

The wildfire that ripped through California in early October caused tremendous damage and the loss of over 30 lives.  So […]

Full Details

NIST SP800-171 and the upcoming DFARS deadline for DOD contractors

Defense Federal Acquisition Regulation Supplement (DFARS) clause 225.204-7012 was established in 2015 to protect Controlled Unclassified Information (CUI).  CUI is […]

Full Details

The 6 stages of an Advanced Ransomware Threat attack

Some ransomware are strategically designed to cause as much damage as possible while producing large profits for cybercriminals. And the […]

Full Details
Linux Ransomware

Ransomware threatens Linux servers, especially web servers

Linux is an open-source operating system that is very versatile due to the large group of volunteers that maintain and […]

Full Details

The Journey to Cybersecurity Success: Interview with Xerox CISO, Alissa Johnson

Cybersecurity challenges companies, countries, and individuals to continually improve protections against an enemy that wants our secrets, money, and identify.  […]

Full Details

Smart printers require smart security

For decades, the printer has been the intermediary between the digital and physical worlds.  Through it, our creations become tangible […]

Full Details

Ransomware extortionists not as trustworthy as they’d have you believe

There are a variety of different ransomware variants that encrypt your data with no intention of ever decrypting it. There […]

Full Details

Cybersecurity career landscape and industry trends

I recently did an interview with Karen Marcus for Careers in Cybersecurity on education, career development, and cybersecurity career success.  […]

Full Details

How to create a BYOD policy that keeps your business data secure

Bring your own device (BYOD) policies are commonplace in many organizations today. Employees bring in their personal cell phones, laptops, […]

Full Details

The top 10 ransomware attack vectors

Ransomware is infecting the computers of unsuspecting victims at an astronomical rate. The various methods that cybercriminals use to take […]

Full Details

Safeguarding against the insider threat

The insider is still one of the most vulnerable elements of cybersecurity.  Insiders are those who are authorized to work […]

Full Details

How ransomware extortionists hide their tracks

Cybercriminals extorted about one billion dollars from ransomware victims last year, according to the FBI. And nearly all of those […]

Full Details

Key security strategies for data breach prevention

If we have learned anything over the last few years about data breaches, it is that they are likely to […]

Full Details

Ransomware distributor gets hacked: A look behind the curtain

Two email accounts of a ransomware distributor were recently compromised. The analysis of these accounts gives an interesting “behind the […]

Full Details

Enterprise Ransomware Protection Insights

This past year, ransomware has extorted vast sums of money from enterprises.  Ransomware is a form of malware that encrypts […]

Full Details

Protecting against APTs with Machine learning

Machine learning is a science that uses existing data on a subject to train a computer how to identify related […]

Full Details

Backup and recovery means you can say no to ransom demands

Ransomware continues to be a huge problem for companies and consumers—and a major source of income for cybercriminals. Malicious hackers […]

Full Details

Cloud 2.0 – Built on security refinements from cloud technologies

In the world of technology, paradigms shift quickly.  Not long ago, we focused organizational security efforts on the perimeter of […]

Full Details

Breaking Free: A list of ransomware decryption tools and keys

Security software companies and research organizations are collaborating to break the encryption codes of ransomware variants and free those who […]

Full Details

Warning: Some ransomware attacks are just a diversion

Ransomware computer viruses are becoming more sophisticated—and so are the attacks that make use of ransomware. In some cases, ransomware […]

Full Details

Mamba ransomware takes a bigger bite out of your data

As if encrypting your individual files was not enough, a recently discovered ransomware called Mamba encrypts your entire hard drive. […]

Full Details

Crucial Elements of an Incident Response Plan

The news is crowded with reports from noteworthy companies of cyber-attacks.  Last year was the year of the data breach […]

Full Details

5 steps to a winning incident response team

People are the core of any incident response effort.  You must have the right people to provide the right response.  […]

Full Details

Pokemon Go ransomware virus is out to catch’em all

A Pokemon Go themed ransomware virus has appeared on Windows computers, tablets, and phones. The ransomware is the latest in […]

Full Details

Securing Hybrid IT the Right Way

The average company today is a hybrid collection of traditional on-premise and cloud-based IT solutions.  On-premise solutions may include identity […]

Full Details

Cybercriminals turn to DIY kits and Ransomware as a Service (RaaS)

Ransomware creators are monetizing their software in creative new ways. Not only are they using ransomware to encrypt files and […]

Full Details

Will Hacktivists Turn to Ransomware?

The US presidential election is upon us and some political activists are out in the streets, and in convention halls. […]

Full Details

Newest Ransomware has Polished, Professional Look

Criminals are raising the bar in the fight for your money.  It’s natural to expect that competition would follow success—and […]

Full Details

Adding Ransomware to Security Radars

Ransomware is the quickest way to turn your valuable data into garbage.  Ransomware is a form of malicious software that […]

Full Details

The human brain vs. computers in the identity challenge

The concept of identity is core to the protection of data.  Data and other computing resources exist to be used […]

Full Details

Top security initiatives for 2016

2016 is going to be a big year for security. News of data breaches and the major technological innovations of […]

Full Details

4 ways to avoid holiday phishing on Black Friday

This is the start of the season. No, I am not talking about the Christmas season or the shopping season. […]

Full Details

Which Security Career is Right for You?

Security is a growing field, and with its growth come many different career options. As you gain experience in different […]

Full Details

The missing leg – integrity in the CIA triad

Information security is often described using the CIA Triad. The CIA stands for Confidentiality, Integrity, and Availability and these are […]

Full Details

Security Career Networking Tips

Do you know why all the major online retailers offer a way for users to review products? It’s because people […]

Full Details

Protecting consumer data in the Internet of Things

The Internet community grows larger everyday as more and more devices are attached to it. These devices increasingly include not […]

Full Details

Windows 10 Privacy Concerns and Enhancements

Microsoft officially launched its successor to Windows 8.1, Windows 10, on July 29, 2015, and millions have already downloaded this […]

Full Details

A breach is found. Now whom do I tell?

In 2014, the Identity Theft Resource Center (ITRC) tracked 783 data breaches with 85,611,528 confirmed records exposed. This year appears even more […]

Full Details

Point/counterpoint: Breach response and information sharing

Some breaches require notification such as those involving patient data or customer information, but sharing is optional. Of course, notification […]

Full Details

What’s all the buzz about IoT?

A relatively new term has entered into our vocabulary; Internet of Things (IoT).  IoT refers to any device that is […]

Full Details

Investigating the negative SEO threat

I was talking to Mark Schaefer and he said that SEO content today is about insight rather than quality.  This […]

Full Details

Cybersecurity’s common cold

New and creative security threats may grab headlines, but smart security practitioners know that many attackers still rely on the […]

Full Details

Not caring or not wanting to care

Last week I was walking down the street with a friend and a guy and a girl yelled over to […]

Full Details

Future ready cloud security

In 5 to 10 years, the cloud will be as ubiquitous as the Internet is today. It is predicted that […]

Full Details

Is your culture interfering with data security?

With the ease and prevalence of global expansion, security leaders must understand how to implement security across a global organization […]

Full Details

Successful companies use security metrics

Successful security leaders demonstrate their effectiveness through metrics. Metrics are used more and more as security executives emulate the way […]

Full Details

Don’t be a victim. Be a protector

As vigorously as many organizations are working to prevent them, data breaches are becoming more of a common occurrence, and the consequences […]

Full Details

A positive outlook on security

It is easy to get down or even depressed with the focus on negatives in the news and in conversation.  […]

Full Details

The case for consistency in security

Security spending could be compared to the stock market. It increases and decreases depending on intangibles such as how “at-risk” […]

Full Details

The 5 W’s of data identification and inventory

I always figured that you would need to know what you have in order to protect it. However, I have […]

Full Details

How to Promote Cybersecurity without using Fear

We’ve seen quite a variety of online threats recently. A simple email containing a convincing subject line can compromise a […]

Full Details

Cloud security empowerment

The cloud has received a lot of negative press from security professionals and, I have to admit, we’ve come off […]

Full Details

Cybersecurity and the boy who cried wolf

It seems like security practitioners are still saying the same things they said ten years ago. Use complex passwords. Change […]

Full Details

Cybersecurity debriefs are core to continuous improvement

Do you conduct debriefing sessions after completing a cybersecurity project? Quite often, our minds are moving on to the next […]

Full Details

The five stages of cybersecurity maturity

As an organization becomes more conscious and engaged in protecting information, it progresses along a path of security maturity. I […]

Full Details

Cybersecurity Investigation, Prosecution, and Prevention

Join the Cleveland Metropolitan Bar Association Business, Banking & Corporate Counsel Section on Thursday, December 11, 2014, for a panel […]

Full Details

What to expect in 2015 in security and technology

As hard as it is to believe, 2014 is almost at a close. While some think about Holiday gatherings and […]

Full Details

Essential Computer Security at the Untangled Conference

I welcome you to join me on November 8 at Grace Baptist Church of Westlake for the Untangled Conference.  I […]

Full Details

Preventing Fraud from Top to Bottom | Information Security Summit 2014

An estimated 5% of annual corporate revenues are lost each year to fraud, represented in part by computer fraud. Protection […]

Full Details

Is staying safe online possible?

I was asked a question on Twitter today. The question was, “Is staying safe online possible?” This is a great […]

Full Details

The Largest Internet Security Breach in History

The largest internet security breach in history has just been discovered. Hold Security, a small cybersecurity firm, first reported the […]

Full Details

Information security leader to follow on Twitter

I was recently listed as the number 10 information security leader to follow on Twitter in Information Security Buzz’s 25 […]

Full Details

Data Security Breaches at Retailers

Security breaches and identity theft are becoming an increasing concern for consumers as hackers continue to target large retailers. Target, […]

Full Details

Latest Botnet Defense Techniques

A botnet or zombie army is a group of computers – with their owners unaware of it – that is […]

Full Details

Vanderburg preventing identity theft on Twitter

I want to thank Amber Newby for listing me as the number 11 person on Twitter aiding against identity theft.  […]

Full Details

Twas the Night before the Breach

Twas the night before the breach, when all through the place Not an alarm was ringing, nor even a trace […]

Full Details

Cyber Security and your Information

I appeared on the Sound of Ideas program on National Public Radio channel 90.3, WCPN on November 3.  In the […]

Full Details

Multifactor authentication via mobile app

I was talking with a client about multifactor authentication and they wanted a demo of what that looked like so […]

Full Details

JURINNOV Tweets Security

Vanderburg was recently listed as the number 10 information security leader to follow on Twitter in Information Security Buzz’s 25 […]

Full Details

Companies with Virtual CSOs get ahead without losing an arm and a leg

Security remains a complex discipline.  This ever-changing challenge grows in complexity daily as new threats emerge and compliance requirements increase.  […]

Full Details

Sharing is not always caring

There are so many ways to share on social media today and users, especially the younger generation, are sharing almost […]

Full Details

Recent indictments reveal debit card fraud techniques

On May 9, 2013, Federal prosecutors issued indictments against eight individuals for hacking and theft.  The case revealed the methods […]

Full Details

Ineffective Security Policy Adherence Results in Another Data Breach

The Florida Department of Juvenile Justice (DJJ) had a mobile device containing 100,000 youth and employee records stolen on January […]

Full Details

Malware behind university data breach

Salem State University in Massachusetts issued a data breach warning to faculty and students on March 11.  The warning informed […]

Full Details

Cyber Forensics: Collecting evidence for today’s data breaches

I will be presenting at the ISACA CPE & Social Event – Cyber Forensics & Cleveland Cavaliers vs. Miami Heat […]

Full Details

50,000 Medicaid providers’ data breached

On March 8, 2013, a contractor working for North Carolina’s Department of Health and Human Services (HHS) billing department stored […]

Full Details

Data breach threats of 2013

A recent study by Deloitte, titled Blurring the lines: 2013 TMT global security study, shows that 59% of Technology, Media, […]

Full Details

Why criminals care about health records

Some have emailed me asking why criminals would even care about Personal Health Information (PHI).  Sure, it’s private information but what […]

Full Details

Ignorance of the breach is no excuse

The EU Information Commissioner’s Office (ICO) has stated with its recent fine for Sony of £250,000 that lack of knowledge […]

Full Details

Presidential cybersecurity order on information sharing and cooperation

President Obama signed an executive order on February 12, 2013, that requires federal agencies to share information on cyber threats […]

Full Details

U.S. Department of Energy suffers data breach

Two weeks ago hackers took control of 14 servers and 20 workstations at the U.S. Department of Energy (DOE), obtaining […]

Full Details

HIPAA Omnibus increases data breach response requirements

The Department of Health and Human Services (HHS) released the HIPAA Omnibus rule on January 17, 2013, designed to give […]

Full Details

Canadian Hack Back

Back in November, I blogged about the hack back initiative here in the United States.  Well, similar debates are taking […]

Full Details

Dexter malware threatens data breaches on point of sale equipment

Security researchers have identified a new malware called Dexter that specifically targets Point of Sale (POS) systems such as cash […]

Full Details

Hospitals are the highest risk for data breaches

Recent research shows that hospitals are the highest risk for data breaches.  The third annual benchmark study on patient privacy […]

Full Details

Organizations are failing at early breach detection

A recent finding by Gartner titled “Using SIEM for Targeted Attack Detection” is that 85% of breaches go undetected.  Those […]

Full Details

Data breach notification: Are you meeting customer’s expectations?

Government regulation, including the well-known HIPAA and GLBA, are quite clear on the notification requirements for businesses suffering a data […]

Full Details

Hack back: The latest ethical consideration in cyberspace

Like paparazzi on celebrities, hackers pound on our organizational doors almost every second of the day.  It makes us want […]

Full Details

Using eDiscovery data mapping to prevent data breaches

Data breaches are occurring more frequently and companies are searching for a way to help prevent the breach by understanding […]

Full Details

Immunize your Business

At the upcoming Information Security Summit, I will be presenting on the topic, “Eradicate the Bots in the Belfry.”  Bots […]

Full Details

Concerning Data Breach News for Small Businesses

A recent survey of small business owners showed that while 77 percent believe that security is important for their company’s […]

Full Details

Cybersecurity plans and legislation

Last month, Senator John D. Rockefeller IV, Chairman of the U.S. Senate Committee on Commerce, Science and Transportation, sent the […]

Full Details

The Latest Cyber Attacks Against US Banks

Did you know that computers often become infected with virus-like programs called “bots” causing “denial of service” incidents on websites? […]

Full Details

Windows Password Reset

Many people have asked me how to reset their Windows password so I decided to write this blog about it.  […]

Full Details

Blind Security: A case of site intimidation

Every once in a while, a website will try to convince you to change your security settings.  I was looking […]

Full Details

The value of your vulnerabilities

A few months ago I discussed the sale of zero-day exploits. The Zero-day exploit trade is a new market; increasingly […]

Full Details

Independence Day

As we think of today, our Independence Day, consider also the information security and cyber security professionals who guard our […]

Full Details

Buying or Selling? An Investigation into Craigslist Scams

It seems no matter where you turn; someone is waiting to rip you off.   Our inboxes drown in spam and […]

Full Details
Data Classification

Achieving the Benefits of Data Classification on a Budget

Data classification is a term that is not usually associated with the small business.  It tends to invoke thoughts of […]

Full Details

No Place for Privacy

While many people think that a person’s social media posts, photos, and conversations are protected as private information, especially if […]

Full Details

Social Engineering and Social Media

Social engineering is the art of manipulating people into giving up confidential information. The types of information social engineers seek varies, […]

Full Details

Developing a Security Oriented Corporate Culture

  Managing the security of an organization can be quite confusing. It can seem like an uphill battle when basic […]

Full Details

Public Cloud Security Primer

Public clouds have been greatly promoted as an approach for organizations to reduce information technology (IT) costs and increase technology […]

Full Details

Monetizing vulnerabilities

The phrase “Knowledge is power” has never before become so clear and scary.  The knowledge that is kept secret can […]

Full Details

A Certified Lack of Confidence: The Threat of Rogue Certificate Authorities

For more than a decade, computer-generated digital certificates have made it possible to authenticate the identity of computer systems, data, […]

Full Details

Risk Homeostasis and its impact on risk reduction

Gerald Wilde had a theory called risk homeostasis.  This theory hypothesizes that people have a level of acceptable risk.  When […]

Full Details

Is Your TV a Security Risk? IoT May be the Next Threat

The latest televisions and Blu-Ray players come equipped with more than HD video and audio.  Internet access and a host of […]

Full Details

Effective Data Retention

Organizations are accumulating data at a pace that would cause a hoarder to blush.  Just like that old bicycle seat […]

Full Details

ISO 27000 Compliance

ISO 27000 is a set of security standards that organizations can implement to provide an industry-recognized minimum level of security.  […]

Full Details

Defending Against DDoS (Distributed Denial-of-Service)

The site is down!  These are haunting words for most businesses, and today’s topic: the DDoS (Distributed Denial-of-Service) attack. This […]

Full Details

Protecting against data breaches and security incidents with cyber insurance

Data breaches and security incidents are a significant risk for organizations and some are using cyber insurance to transfer the […]

Full Details

Data Breach Prevention Guide

Losing data can be tremendously devastating to a company. It could compromise security, information, and jobs. Today, we will look […]

Full Details

Paranoid, Skeptical, Cheater Wanted for Security Position: Compensation Commensurate with Experience

As you laugh at my title, anticipating several paragraphs of satire, think about what I’ve just said because I’m serious…to […]

Full Details

Security and Compliance Synergies with DLP, SIEM, and IAM

The use of SIEM, DLP, and IAM can significantly enhance the capabilities of information security departments. SIEM allows a company to […]

Full Details

Security Focus at the Corporate Board Level

Imagine a boardroom a generation ago.  Smoke fills the air, and sidebar discussions thrive while the board members wait for […]

Full Details

Six Phishing Tactics you Should Recognize

Scams exist.  That is a simple truth.  There are honest people, and then there are others who try to cheat.  […]

Full Details

RAT Hacking Evidence fresh from the source

Previously, we have discussed the dangers of hacking and measures to take against an attack in the LulzSec blogs.  Now […]

Full Details

iPad Enterprise Security

“Thinner. Lighter. Faster. Facetime. ” That is the catchphrase from the Apple page dedicated to the iPad. While Apple is […]

Full Details

LulzSec Hacking of Sony

Thank you for staying tuned into our third case study and final installment of our four-part series on the Lulz […]

Full Details

LulzSec Hacking of PBS

As promised, here is the first case study regarding the events surrounding the Lulzsec group. If you are reading that […]

Full Details

LulzSec Security Awareness Tipping Point

Bob set down the phone with a sigh. After six hours, five phone calls, countless emails, and two meetings, it […]

Full Details

The Social Networking Security Threat

Social Networking is a godsend and concern, a help and a hindrance, an amazing feat and a terrible nuisance. While […]

Full Details

Security Awareness Training Tips for Detecting Malicious Software

We have worked hard to educate users of the need for computer hygiene, using anti-spyware, multiple browsers, data backups, and […]

Full Details

Mitigating the Threat of Corporate Espionage

Corporate espionage is not just a plot for action movies; it is a real threat to small and large businesses.  […]

Full Details

Leveraging Vulnerability Scoring in Prioritizing Remediation

The average organization has numerous types of equipment from different vendors. Along with the equipment, businesses also utilize multiple software […]

Full Details

Achieving High Availability with Change Management

Change management is a key information security component of maintaining high availability systems. Change management involves requesting, approving, validating, and […]

Full Details

Guidelines for Username and Password Risk Management

Hackers often bypass some of the best security technologies by exploiting one of the oldest tricks in the book, your […]

Full Details

Physical Security for Data in Transit

Briefcase chained to his wrist, the officer cautiously looks for anything out of the ordinary as he makes his way […]

Full Details

Fail Secure – The Correct Way to Crash

Do you think there is a right way to crash?  A system crash sounds like a bad thing all around, […]

Full Details

Cisco Access Controls and Security

Many organizations use Cisco devices to interconnect, protect, filter, and manage networks so it is important to understand ways to […]

Full Details

Understanding Data Loss Prevention (DLP)

Data Loss Prevention (DLP) is one of those terms that is often mentioned but less often defined. The term can […]

Full Details

Critical security considerations for server virtualization

Virtualization is an excellent way to make better use of existing IT resources but utilizing them for multiple tasks.  It […]

Full Details
Pyramid Scheme

Pyramid Schemes: Building lies on hopes and dreams

There are many new threats on the Internet, but that doesn’t mean criminals don’t try the tried and true methods […]

Full Details

Despite the name, money mules are not good

Despite the name, money mules are not good.  Money mules are people who are duped into laundering money for criminal […]

Full Details
Computer Forensic MAC Times

MAC times in computer forensics

I was explaining some computer forensics topics to a customer the other day and I was asked what MAC times […]

Full Details

Virtualization for Competitive Advantage | Cleveland State University

I will be joining Pei-Ying Lin at Cleveland State University today to present on Virtualization for Competitive Advantage.  Virtualization can […]

Full Details

Gas Station Terrorists

The Patriot Act allows the government to classify unruly activity by passengers on airlines as acts of terrorism. Some individuals […]

Full Details

Security Spending and ROI

I read an article by Bruce Schneier called Security ROI in CSO magazine. Here is an excerpt from it: “Assume […]

Full Details

Kinetic Recall – Where did this knowledge come from?

Have you ever completely forgotten how to do something until you just started? As a cybersecurity professional, I find that […]

Full Details

Beware of the Irresistible Offer Phishing Scam

Phishing schemes abound, but many use some form of the irresistible offer.  In this type of phishing, this dream of […]

Full Details

Fraud Alert: Oscar’s Exotic Fish

Last month my fish tank sprung a leak. I have a 775-gallon bow-front aquarium so it made quite a mess. […]

Full Details

New Phishing Messages Target Churches

Phishing has finally gotten more interesting.  I am tired of the Nigerian phishing schemes that continually enter into my mailbox.  […]

Full Details

Should Cybersecurity be a Global Strategy?

Should cybersecurity be a global strategy?  This is an interesting question because cultures, environments, and regulatory environments differ around the world, […]

Full Details

Cybersecurity Benchmarking

Cybersecurity benchmarking is an excellent way to make improvements in cybersecurity practices.  Benchmarking is an activity that compares a business’s […]

Full Details

Bigger isn’t better in security: Flaws in the Great Firewall of China

As you likely know, China filters Internet traffic coming into their country.  There is some content that they do not […]

Full Details

Backtrack Cybersecurity Toolkit

I used to recommend Auditor for security testing through Linux.  Auditor was similar to Knoppix, the bootable “live” version of […]

Full Details

inaudible Ringtones – The security of sound

I came across an interesting article the other day.  It was on a new set of cell phone ringtones that […]

Full Details

Cryptography Study Guide

Bruce Schneier has created a block cypher cryptanalysis study guide that you can download for free from his web site. […]

Full Details

Antirootkit Rootkit

Rootkits, if you are not familiar with them, are programs that, when on a machine, place themselves in between the […]

Full Details

Spelling SPAM filter

Much of the SPAM I get uses misspelled words. This is probably so that the messages can pass through Bayesian […]

Full Details

Down with the SPAM King

Alan Ralsky, the “SPAM King” and one of the largest spammers in the world, was jailed by the Department of […]

Full Details

Server 2003 on a Pentium Pro

A while back I received a few old servers to use in my classroom.  The oldest one was a Pentium […]

Full Details
Computer Crime

Computer Crime

Today I presented on computer crime to my entire Associate Degree program.  I think I did a better job of […]

Full Details
Pen Testing

Penetration Testing: A proactive approach to secure computing

Kent State University is hosting me today to talk about penetration testing and what it can do for your company […]

Full Details

Techniques for Motivating Secure Behaviors

The problem of motivating employees to do the right thing in security is an increasingly hard one.  Many companies have […]

Full Details

Driving Forces of Cybersecurity Management

Driving forces are the elements in an industry that cause major changes in an industry’s structure and competitive environment.  Driving […]

Full Details

Japan a Leader in Robotics Development

According to the Japanese patent office, the number of applications worldwide for robot technologies between 1990 and 1999 by Japanese […]

Full Details
Patch Management

Vulnerabilities and Patches

Late in the summer, Microsoft released the second service pack for Windows XP. This service pack primarily included security fixes. […]

Full Details
Copyright Protection

Copyright Protection and Infringement Technologies ebook

Copyrights exist to protect creative works. This protection is given so that authors of these works can continue to create […]

Full Details
FTP

FTP server configuration in Windows 2000 and Windows XP

File Transfer Protocol (FTP) is an easy way to share files.  For those of you with Windows 2000 or Windows […]

Full Details

Essential Features of a Virtual Operating Systems (VOS)

A Virtual Operating System (VOS) is a multiprocessing operating system designed for critical online computing. VOS combines power, flexibility, and […]

Full Details

Is Carnivore getting to the meat of the problem or gorging itself on information?

An editorial in eWeek covered the congressional hearings regarding a new tool developed by the FBI called the “Carnivore surveillance […]

Full Details

Information Security Motivation

Information security seems like more of a human problem than a technological one.  Certainly, we spend a lot of time […]

Full Details

The Mp3 Controversy

What used to be just an audio compression format has become the heart of an enormous controversy. The Mp3 format […]

Full Details