The Heart Of The Matter

Ever experience one of those moments when your heart races? Maybe it was your first kiss or the first time you saw a Porsche 911. Sometimes it’s hard to pinpoint the exact reason your heart is racing. (more…)

From Russia, With Love

Just when you thought it was safe to go back into the voting booth, suspicions emerge anew that Russian hackers are watching from the other side of the screen. (more…)

Beethoven’s Cybersecurity Symphony

The Fifth Symphony is one of Beethoven’s most broadly popular works, with its trademark beginning of attention grabbing followed by a series of foreboding elements that remind us that chaos and (more…)

A Remote Chance For Re-Election

This is not a piece about candidates, or even the 2016 elections or the results thereof. This is not even about politics. (more…)

Hacking The Airport

It’s Thursday afternoon, and the weather is wreaking havoc across the Northeast and Midwest. But you’ve got to get to Cincinnati to take a key client to dinner, to pitch a deal that will make your year and set you on the course to fiscal independence and occupational fame. (more…)

Droning On About Cybersecurity

A couple of months ago, a USAF truck traveling between missile silos in Wyoming dropped a box of explosives along the way. Not sure those were ever recovered. (more…)

Hacking The Weight Off

Most of us could stand to lose a few pounds, and that reality has fueled an entire industry around the latest exercise and fitness gadgets, from watches to fitbands and everything in between. Back in the day, it was heart monitors, but now the world is counting every step and using GPS to track every movement, inspiring friendly competition by data sharing between friends and across platforms. (more…)

How Tweet It Is

Twitter was once a quirky little social media platform that challenged folks to express complete thoughts in 140 characters or less. Maybe you’ve heard of it? It seems to have been deployed as a weapon of misinformation across our political processes, though no social media platform (or user, for that matter) is without some responsibility. (more…)

Hacking Provokes New Perspective

The power we wield in a digital world can sometimes make us feel bulletproof, like our organizations can conquer the world. To some extent this is true. We do more in less time, enjoy global connectivity, and open the world to new information and transformation. And then we get hacked and it all begins to look suspicious. In the IT world, maybe it’s just a cost of doing business, a plumbing issue that has to be resolved or a cleanup on aisle nine. (more…)

The Snarky Fitband

There have been reports of IoT-connected thermostats offering judgmental comments to their owners returning home to the nest a little later than usual. “Home kinda late, don’t you think,” one display read, and “Where do you think you’ve been,” read another. AI should improve the syntax over time, but the comments struck a chord nonetheless. (more…)

Hey Alexa, How Do You Spell Sabotage?

Ever have one of those mind-melding journeys through time and space when it feels like someone is reading your mind, where your every thought manifests itself in unpredictable ways? You have if you use a smartphone, and especially if you engage social media on that smartphone. And it’s not really unpredictable. It’s commercial. (more…)

Exposure Of Digital DNA

The latest revelation about consumer-level DNA mapping — the kind advertised on television that track your origin back to exotic and unexpected continents — is the evolution of a database that exposes both the unsuspecting and the suspicious. Adopted children are reacquainted with birth parents seven decades removed and introduced to sisters that look just like them. (more…)

Light The Candles Of Cybersecurity

As we approach our national birthday, now 242 years in the making, let’s look at the trends and expectations settling out there on the horizon. Threats are up, breaches are increasing in size and scope, ransomware is hitting public and private organizations, and researchers struggle to keep pace with the clever people with bad intentions. Before we eat the cake, we ought to light the way to a more secure future.
(more…)

All That Glitters Is Not Gold Lowell

The City of Atlanta was recently the victim of a ransomware attack. As reported by Wired and others, Atlanta paid over $2.7 million dollars in consulting and legal fees to settle a $52,000 ransom. The malware used was of the SamSam strain, and experts at SecureWorks, the response firm working with the City, (more…)

A Bite Of The Apple

One of Apple’s many selling points, beyond the cool factor and lifestyle connectivity, is the relative security of Apple products, partly because of architecture and partly because their market share of end users remains relatively low. More people, it seems, prefer other hardware and operating systems. The only outlier may be the iPhone, so let’s assume that to be the case — and forgo all the market data that might support it — for the sake of this discussion. (more…)

The Subtle Irony Of Cybersecurity

You are the master of the manor, the king of the castle, and you will deploy the greatest weapons in your vast arsenal to protect your business, your people, and your customers. Back in the day, your would wrap your soldiers in chain mail and the heaviest of protective layers, and you would call it armor. In today’s world of threats and attacks, the armor isn’t always effective.
(more…)

Is It That Time Again Already?

Graduations, weddings, and beach trips. These mark the transition from spring to summer. And, if you live along the Gulf Coast, hurricanes. Before the June page is even visible on our calendars, meteorological disturbances lurk in the increasingly warm waters of the Gulf of Mexico. (more…)

Not As Fast As You Might Think

In a recent Security Week article, Justin Fier holds forth on a topic that is at once both incredible and credible. The topic is data exfiltration, and the perspective the article casts makes it a worthy read. Most consumers and laypeople in the commercial streams of the Internet think data breaches occur with great haste, (more…)

Proven Exploits, Variable Payloads

Markets influence the choices hackers make in designing exploits and payloads. Ransomware is all the rage until cryptocurrencies rocket up the value chart. As those values recede, ransomware returns to the sexy side of the dark business. Newsweek makes the argument, in a recent story, that ransomware attacks draw more media attention. Maybe that’s because the mining of cryptocurrency is a tougher story to explain. (more…)

Fridge With A Mind Of Its Own

Well not exactly. Let’s just say the refrigerator may not always be focused on keeping your lettuce crisp.

In a recent Express post, Harvey Gavin reports that hackers could seize control of your Samsung refrigerator and use it to mine bitcoin. And it’s not just the fridge. (more…)

The Real Deal

In a recent television interview, FBI Director Chris Wray reflected on Russian hacking into the American power grid and other vital infrastructure. The breach occurred in early March, and Wray didn’t mince words, calling the invasion “the real deal.” First the elections and now the grid? Wait. (more…)

Monetizing Uncle Larry’s Politics

Facebook, and social media in general, opened the floodgates of torrential conversation. As has been said of the technology, “The good news is, everybody has a voice. The bad news is everybody has a voice.” For many, Facebook has been slipping into a realm of political rants separated only by friend requests from high school sweethearts and pop-up ads. (more…)

The Dark Side Of Breach Victims

As a part of reconciling interests following a highly publicized breach, victim organizations often apologize with an offer to induce customers to remain or return to the fold. Retailers may reduce prices or offer subscription memberships, while banks may offer credit reporting or monitoring for a year or enhanced rates on accounts. (more…)

Stuxnet: The Gift That Keeps On Giving

Remember that time when the Iranian nuclear program was flummoxed by the speeding up or slowing down of their centrifuges? Though the actors have never been formally identified, the special sauce to that enterprise was Stuxnet, and the secret ingredient of that sauce was counterfeit cryptographic certificates from known companies that greased the skids for the malware. Ars Technica is reporting that the secret ingredients are now commonly available for all of your over-the-counter malware needs, if you know who to call. (more…)

This Is Only A Test

Imagine a scenario in which one of your employees — Madge in accounting, or Skip in sales, for instance — selects an incorrect option from a drop-down menu and opens your network and data to the world. Working with that set of menu options is part of his daily routine, but for some reason the mouse clicks on the “organizational armageddon” option instead of the “test network security” option. (more…)

Got Your Head In The Clouds?

A recent cloud security report, as you might expect, had some good news and some bad. Somewhere in the middle is the news that’s just that: news. The cases you hear the most about, like the ransomware attacks, make up only about 2% of the overall picture, while web applications represent about 75% of the vulnerability. As for cloud storage and cloud services, the report found that public clouds are more than 50% safer than private or onsite storage. A recent article by Security Intelligence summed it up nicely, and we commend that to your reading list. That’s good to know, especially if you are scaling up or outgrowing your current storage arrangement. But it’s not a perfect system. (more…)

The Most Interesting IT Guy In The World

You’ve seen him at conferences, sporting an ascot and a pocket protector and making it look good. He works the vendor pit like he owns the place, collecting cards and envy from everyone he meets, and connecting demand with supply in subtle but glamorous ways. He walks into a seminar like he was walking onto a yacht, his credentials strung unassumingly around his neck like a lift ticket from Davos. The panel surrenders a seat at the table and he holds forth on contemporaneous cyber issues. He is undoubtedly the most interesting IT guy in the world. (more…)

The Cure For What Ails You

History is rife with examples of enterprising salesmen rushing into lucrative markets to fill a void, real or perceived. Contractors and roofers who work the hurricane and tornado circuits, lawyers pitching the massive settlements they’ve secured for their clients, and even gameshow hosts selling reverse mortgages and arthritis balms. Like the Wizard in Oz, when you pull the curtain back, it’s a simple snake oil salesman with a good story. And the cybersecurity world has been a growth industry for those who overpromise but underdeliver. (more…)

And They Said Print Was Dead

You are the King of IT, the ruler of all things digital, and your organization offers you unconditional love and admiration for the many hours you put in. You monitor the network, manage passwords, fortify firewalls, educate the staff, and even help their Cousin Joey find an internship with a small security startup. You are the man and the woman. They sing your praises from the rooftop, and even wrote a song in your honor. (more…)

A Cross To Bare

Ever been on a cross-town bus? Ever sit criss-cross applesauce? Ever sing along to Christopher Cross as he went sailing? Ever cross a line in the sand, or a red line, or just a line you shouldn’t cross? Ever been to a CrossFit gym, where the patrons flip tractor tires and climb ropes to the sky for the fun of it? (more…)

Retailers And Fraud

It’s the classic plot detail from movies and television shows since the 1980s. A credit card is offered to the waitress or clerk and it is refused by the credit card company. The inverse scenario is now playing out, where credit card companies send a text or email to alert you to a suspicious transaction, asking you to respond and authorize the transaction. (more…)

A Complete Meltdown Would Be Quite A Spectre

Please pardon the spelling above, in what is an unapologetic play for SEO. If you haven’t heard about Meltdown or Spectre yet, you will. They are tragic flaws embedded in microchips that have powered most computers and devices for way too long. (more…)

Crash Test Hacking For Dummies

What if you could work really hard and reinvent the internal structure of your organization every two or three days? Okay, that seems unlikely or, at the very least, exhausting. But what if you could establish a system or protocol in your network and data infrastructure that reinvented itself in rapid and (more…)

Cyber Night At The Oscars

It’s been a big movie season, despite the ever-changing role of movie theaters, those large boxes of booming sound and melted butter. With awards season fully underway, it’s time to celebrate the cybersecurity variations of the famous movies and actors, the ones where costume directors get an award for best-placed pocket protector or best use of horn-rimmed eyeglasses in a romantic setting by an actor with an IQ above 125. You know the ones. (more…)

The Plot Thickens

If you got hacked, would it make you feel better or worse if the hacker left his fingerprints at the scene? What if you were a national political party? As it turns out, there is speculation that the hacker who breached the DNC — on behalf of Putin, he contends — left his passport and visa number buried in a file embedded in the code, so that he could later prove he did it and why.

(more…)

We’re With The Government, And We’re Here To Help

In mid-December, Jeanette Manfra, a top cyber official within the Department of Homeland Security, indicated that DHS would “move beyond” offering voluntary assistance to companies experiencing cyber attacks and take steps to become the “world leader in cyber risk assessment.” This is no doubt comforting to many who view government’s role as unique on the cyber landscape, but it seems unclear how such a progression of services might be extended to a broad expanse of companies when existing agencies are seeing their budgets slashed and their staffs decimated. (more…)

Reservation For A Nigerian Prince

Ever gotten one of those emails that lets you know your account has been hacked? Maybe it was your email account, and all of your contacts received a quirky email from you unawares, touting the benefits of a particular enhancement drug or the prospects of a Nigerian fortune. Those are pretty common. But how about something a little less ordinary. (more…)

Today’s Data Brought To You By…

Net Neutrality has been a big topic of late, and that is unlikely to change in the near term. There are probably good arguments on all sides of the debate, but no matter where your opinion shakes out on the spectrum, your business is likely to be affected in some way. (more…)

Santa Claus, Cyber Savant

‘Tis the night before Christmas. You’ve hung the stockings with care and set out the cookies and carrots. Your organization’s year-end results suggest that you’ve been good, but you better not cry, better not pout, and here’s why: you’re hoping for even more growth in 2018 and Santa’s coming to town. (more…)

When the CEO is also the CIO

We’ve dedicated some recent blog real estate to the threats faced by CEOs of big companies and directors of IT departments within larger companies. These threats abound, and ICS works with companies within those spaces to protect networks and data. But sometimes the boardroom table is also the kitchen table. (more…)

Not Enough Caffeine

You finally snag the quiet corner at the coffee shop, you local retreat when you really need to get work done. Something about the ambient noise and the fact that nobody around you works with, near, or for you. Just a collection of pilgrims on the road to revenue, beneficiaries of the gig economy hopped up on espresso and pumpkin spice. Take the guy next to you, the one sporting skinny jeans over Chucky T’s and a faux flannel shirt beneath an emerging beardlet. He’s got the right glasses, an open Moleskine notebook in front of him, and just the right number of stickers on the opened lid of his MacBook Pro. Probably working on a social capital start-up, right? (more…)

Cat Stevens: Cybersecurity Hero

Though he now performs under a different name, Cat Stevens once had his finger on the hippy, singer-songwriter pulse in America. Naturally, this made him something of a cyber savant as well. Naturally. It was his early encouragement of software and firmware updates and the direct correlation between those and network security. And he worked all of this early magic into his lyrics. Specifically one line, which suggested that, “The patches make the goodbyes harder still.” Many assumed he was only referring to the blue jeans of our passing youth, faded blue into the sky. But give that joint a rest and read between the lines.

(more…)

The Future of Cyber- Part Two

During a recent talk at The Chautauqua Institution, Denise Zheng held forth on the nature of cyber conflict: past, present, and future. A Senior Fellow and the Director of Technology Policy at the Center for Strategic and International Studies, Zheng has some interesting perspectives on the nature of cyber threats going forward. The concept of deterrence, for example is complicated, at least on a national or global scale. “Deterrence requires attribution supported by evidence, further supported by classified information and practices,” Zheng suggests, and governments know that for every action there is a reaction, often deploying the same technology. So global resolution of cyber threat potential seems problematic.

(more…)

No Such Thing As A Free Lunch

As remarkable as adware can be, both from the marketing side and the consumer side, the fact that banner ads and other promotions stem directly from your search habits is really the least of your worries. Imagine if the ads began to deploy code that controlled your computer, changed your default browser, and tracked your search habits for a Chinese marketing firm? (more…)

Introverted Social Media

Even if we could isolate the recent activity of Russian hackers, imagine a mainstream marketplace for nefarious services provided by invisible people paid in Bitcoin.The information you seek is mined from the personal profiles and accounts of your target audience, whether that audience is a cheating spouse or a rebellious teenager with a hidden social media presence. It’s a complete violation of privacy, and we feed our own vulnerability with every trace of our digital footprint. (more…)

Is That Toaster Listening To Us?

In the interest of your organization’s OPSEC, step away from the microwave before you answer this question. There is no telling who might be listening right now. And if you’ve ever had Russian dressing on your salad, be sure you state that explicitly. Denial is not just a river in Egypt. Here’s the question: How confident are you that your cybersecurity practices are up to speed? (more…)

Who’s Watching The Watchers?

It’s been a strange month or two in the world, and that’s not simply a political statement. There is a very real sense that somebody’s watching, all of us, all the time, and that we should take that for granted. Increasingly, it seems, that voyeurism extends beyond our digital footprint and into our everyday physical spaces. While novelists and science fiction authors have been seizing on the approach of these days for decades, the Luddites are always the last to know. But, you might ask, who is watching the watchers? Apparently, that would be Wikileaks. (more…)

A Thousand-Year Flood

hurricaneColumbia, SC is a sleepy little town by most accounts, except when the Gamecocks win at home. The state capitol of South Carolina, Columbia has a vibrant business community and service-sector economy. Until about a week ago, it’s distance from the ocean insulated it from the seasonal hurricane fray. But that was last week. (more…)

I’m probably already in your network, and you don’t even know it

networkaccessCan I get in your network? You betcha I can. As a matter of fact, there’s a good chance I’m already there. Now, here’s the really fun part: you let me in. (more…)

ISO 9001 2015Technology Industry InnovatorsVeteran Owned Small BusinessCMMI Maturity Level 3CISSP® - Certified Information Systems Security ProfessionalCertified Penetration TesterITIL IT Service ManagementCertified Ethical HackerProject Management Institute CertifiedUS Department of Homeland SecurityDisaster Recovery Institute CertifiedCertified Information Systems Auditor