By Shannon Perry One of the simplest steps to bolstering cybersecurity is employing caution and complexity vis-à-vis passwords. Good passwords cannot be found in the dictionary; good passwords do not consist of only letters or only numbers; good passwords do not get shared with friends and family. ...
By George Romas Why does security have to be so onerous? Is this password secure enough: Mxyzptlk? Wait, that might be vulnerable to a comic book dictionary attack (bonus points for Superman fans), so let’s add some numbers and special characters: M4xyZ!ptL#K. Not bad, but suppose policy requires ...
By Albert Fruz Organizations are giving more priority to development of information security policies, as protecting their assets is one of the prominent things that needs to be considered. Lack of clarity in InfoSec policies can lead to catastrophic damages which cannot be recovered. So an organiza...
By Bob Gourley Editor’s note: I’ve referenced before my participation on the board of Centripetal Networks, and their ability to deliver large scale commercial solutions of MITRE’s IBIP are an area I am particularly proud of. – bg Over the last several years The MITRE Corporation has pub...
By Bob Gourley Widely known security practitioner Dave Schackleford is presenting a webinar on Thursday 15 may at 2pm Eastern that should be of high interest to any enterprise technologist seeking to understand the dynamics of the modern data breach. The following is from the invitation: You’re a ...
By Bob Gourley We have previously written about Hexis Cyber Solutions (see evaluation here). With this post we provide more context on the approach taken in the Hexis HawkEye-G solution. The simple way to think of the HawkEye-G approach is: Detect Engage Remove Detect: When malware makes is i...
By Bob Gourley At this link and embedded below is a video from Samsung which captures the new features of Samsung’s well engineered approach to enhancing mobile security. Look for my cameo appearance at 11:55 where say something I believe, but which must be totally obvious to you good readers. Th...
With this post we initiate coverage of CSG Invotas. CSG Invotas is a new division of CSG International which focuses on providing security automation and orchestration solutions to both public and private sector clients. Developed after years of working to automate security solutions for the federal...