5 Threat Management Challenges and Opportunities

As we look back on a succession of headlines about data breaches and security lapses at some of the world’s […]

Full Details

Doing Business in a Data-Driven World

The modern company thrives on data, yet some are also drowning in it.  The data that we find so precious […]

Full Details

Legal and Ethical Obligations in Cybersecurity

I recently presented at the Duke Law EDRM on Cybersecurity and Law Firm Understanding Legal and Ethical Obligations.  Some questions […]

Full Details

Data Protection Challenges in Preserving Company Value

Data is the building block of the modern business. It is essential for daily operations and ongoing commercial operations, but more […]

Full Details

The Framework for the Future: Cybersecurity and Automation in 2030

It is healthy to take a step back from the technological changes of today to strategize on how the technology […]

Full Details

The State of Cybercrime

Companies experienced a deluge of cyberattacks in 2017 and the first part of 2018 has proven no different.  In 2016, […]

Full Details

Effective Ransomware Prevention and Response

Our companies and data are under an increasing assault from ransomware.  Its scale and scope have only grown as profits […]

Full Details

Mobile Cybersecurity Tips for the Holidays

Katie Niemi and Eric Vanderburg While being diligent with your online shopping is important and necessary, there are a few […]

Full Details

The lonely castle: Insights into the evolution of cybersecurity defense

This technological era is one that changes rapidly and so do defense strategies.  In the ancient world, combat strategies might […]

Full Details

Reducing Wildfires with IoT, ML, and Drones

The wildfire that ripped through California in early October caused tremendous damage and the loss of over 30 lives.  So […]

Full Details
Linux Ransomware

Ransomware threatens Linux servers, especially web servers

Linux is an open-source operating system that is very versatile due to the large group of volunteers that maintain and […]

Full Details

The Journey to Cybersecurity Success: Interview with Xerox CISO, Alissa Johnson

Cybersecurity challenges companies, countries, and individuals to continually improve protections against an enemy that wants our secrets, money, and identify.  […]

Full Details
Privacy is not dead

Privacy is not dead

An acquaintance from a younger generation said to me one day, “Don’t you know that privacy is dead?” I was […]

Full Details

Karmen ransomware makes it easy to launch attacks

A new ransomware do-it-yourself kit called Karmen is making it easy for wannabe cybercriminals to launch ransomware attacks. Security researchers […]

Full Details

Important considerations for your business and GDPR

The General Data Protection Regulation (GDPR) is the latest in a host of rules designed to protect privacy.  It is […]

Full Details

Smart printers require smart security

For decades, the printer has been the intermediary between the digital and physical worlds.  Through it, our creations become tangible […]

Full Details

Ransomware extortionists not as trustworthy as they’d have you believe

There are a variety of different ransomware variants that encrypt your data with no intention of ever decrypting it. There […]

Full Details

Cybersecurity career landscape and industry trends

I recently did an interview with Karen Marcus for Careers in Cybersecurity on education, career development, and cybersecurity career success.  […]

Full Details

Spora ransomware could become a major player

Spora is a relatively new ransomware, but there are signs which indicate that it could become a major player in […]

Full Details

How to create a BYOD policy that keeps your business data secure

Bring your own device (BYOD) policies are commonplace in many organizations today. Employees bring in their personal cell phones, laptops, […]

Full Details

The top 10 ransomware attack vectors

Ransomware is infecting the computers of unsuspecting victims at an astronomical rate. The various methods that cybercriminals use to take […]

Full Details

Safeguarding against the insider threat

The insider is still one of the most vulnerable elements of cybersecurity.  Insiders are those who are authorized to work […]

Full Details

How ransomware extortionists hide their tracks

Cybercriminals extorted about one billion dollars from ransomware victims last year, according to the FBI. And nearly all of those […]

Full Details

Resume Ransomware: GoldenEye targets hiring managers, recruiters and HR

People charged with filling career positions at their companies need to be on the lookout for ransomware, especially GoldenEye ransomware. […]

Full Details

PopcornTime offers victims a choice: Pay the ransom or infect your friends

PopcornTime is a newly-discovered form or ransomware that is still in the development stages but operates off a disturbing principle: […]

Full Details

Ransomware distributor gets hacked: A look behind the curtain

Two email accounts of a ransomware distributor were recently compromised. The analysis of these accounts gives an interesting “behind the […]

Full Details

Protecting against APTs with Machine learning

Machine learning is a science that uses existing data on a subject to train a computer how to identify related […]

Full Details

Cloud 2.0 – Built on security refinements from cloud technologies

In the world of technology, paradigms shift quickly.  Not long ago, we focused organizational security efforts on the perimeter of […]

Full Details

Breaking Free: A list of ransomware decryption tools and keys

Security software companies and research organizations are collaborating to break the encryption codes of ransomware variants and free those who […]

Full Details

Warning: Some ransomware attacks are just a diversion

Ransomware computer viruses are becoming more sophisticated—and so are the attacks that make use of ransomware. In some cases, ransomware […]

Full Details

Ransomware Incident Response: 7 steps to success

Ransomware infections are becoming increasingly commonplace, and companies that put a plan together before an incident are much more effective […]

Full Details

Mamba ransomware takes a bigger bite out of your data

As if encrypting your individual files was not enough, a recently discovered ransomware called Mamba encrypts your entire hard drive. […]

Full Details

Crucial Elements of an Incident Response Plan

The news is crowded with reports from noteworthy companies of cyber-attacks.  Last year was the year of the data breach […]

Full Details

5 steps to a winning incident response team

People are the core of any incident response effort.  You must have the right people to provide the right response.  […]

Full Details

Pokemon Go ransomware virus is out to catch’em all

A Pokemon Go themed ransomware virus has appeared on Windows computers, tablets, and phones. The ransomware is the latest in […]

Full Details

Securing Hybrid IT the Right Way

The average company today is a hybrid collection of traditional on-premise and cloud-based IT solutions.  On-premise solutions may include identity […]

Full Details

Will Hacktivists Turn to Ransomware?

The US presidential election is upon us and some political activists are out in the streets, and in convention halls. […]

Full Details

Adding Ransomware to Security Radars

Ransomware is the quickest way to turn your valuable data into garbage.  Ransomware is a form of malicious software that […]

Full Details

The human brain vs. computers in the identity challenge

The concept of identity is core to the protection of data.  Data and other computing resources exist to be used […]

Full Details

Top security initiatives for 2016

2016 is going to be a big year for security. News of data breaches and the major technological innovations of […]

Full Details

Cloudsizing: Finding the right fit for your cloud

The maturation of the cloud is fascinating as it continues to adapt, providing more opportunities for companies and consumers to […]

Full Details

Protecting consumer data in the Internet of Things

The Internet community grows larger everyday as more and more devices are attached to it. These devices increasingly include not […]

Full Details

Windows 10 Privacy Concerns and Enhancements

Microsoft officially launched its successor to Windows 8.1, Windows 10, on July 29, 2015, and millions have already downloaded this […]

Full Details

A breach is found. Now whom do I tell?

In 2014, the Identity Theft Resource Center (ITRC) tracked 783 data breaches with 85,611,528 confirmed records exposed. This year appears even more […]

Full Details

Point/counterpoint: Breach response and information sharing

Some breaches require notification such as those involving patient data or customer information, but sharing is optional. Of course, notification […]

Full Details

Investigating the negative SEO threat

I was talking to Mark Schaefer and he said that SEO content today is about insight rather than quality.  This […]

Full Details

Cybersecurity’s common cold

New and creative security threats may grab headlines, but smart security practitioners know that many attackers still rely on the […]

Full Details

Is your culture interfering with data security?

With the ease and prevalence of global expansion, security leaders must understand how to implement security across a global organization […]

Full Details

The 5 W’s of data identification and inventory

I always figured that you would need to know what you have in order to protect it. However, I have […]

Full Details

How to Promote Cybersecurity without using Fear

We’ve seen quite a variety of online threats recently. A simple email containing a convincing subject line can compromise a […]

Full Details

Cloud security empowerment

The cloud has received a lot of negative press from security professionals and, I have to admit, we’ve come off […]

Full Details

Cybersecurity and the boy who cried wolf

It seems like security practitioners are still saying the same things they said ten years ago. Use complex passwords. Change […]

Full Details

Cybersecurity debriefs are core to continuous improvement

Do you conduct debriefing sessions after completing a cybersecurity project? Quite often, our minds are moving on to the next […]

Full Details

The five stages of cybersecurity maturity

As an organization becomes more conscious and engaged in protecting information, it progresses along a path of security maturity. I […]

Full Details

Cybersecurity Investigation, Prosecution, and Prevention

Join the Cleveland Metropolitan Bar Association Business, Banking & Corporate Counsel Section on Thursday, December 11, 2014, for a panel […]

Full Details

Is staying safe online possible?

I was asked a question on Twitter today. The question was, “Is staying safe online possible?” This is a great […]

Full Details

Latest Botnet Defense Techniques

A botnet or zombie army is a group of computers – with their owners unaware of it – that is […]

Full Details

Cyber Security and your Information

I appeared on the Sound of Ideas program on National Public Radio channel 90.3, WCPN on November 3.  In the […]

Full Details

Multifactor authentication via mobile app

I was talking with a client about multifactor authentication and they wanted a demo of what that looked like so […]

Full Details

Presidential cybersecurity order on information sharing and cooperation

President Obama signed an executive order on February 12, 2013, that requires federal agencies to share information on cyber threats […]

Full Details

The Essential Link between Awareness and Security Policies

Information security policies and security awareness go hand in hand. Frankly, a policy is worthless if it sits on someone’s desk. […]

Full Details

Are cybersecurity policies valuable or just stacks of paper?

Security policies and security awareness go hand in hand.  Frankly, a policy is worthless if it sits in someone’s desk.  […]

Full Details

New Phishing Messages Target Churches

Phishing has finally gotten more interesting.  I am tired of the Nigerian phishing schemes that continually enter into my mailbox.  […]

Full Details

The Motivation Mix: Different Strategies for Fostering Positive Security

For cybersecurity teams to achieve their goal of securing information and systems, they must motivate their staff.  Motivation is what […]

Full Details

Driving Forces of Cybersecurity Management

Driving forces are the elements in an industry that cause major changes in an industry’s structure and competitive environment.  Driving […]

Full Details