Everybody’s Home, But Nobody’s Knocking

As we roll into the holiday season, with Black Friday behind us and stockings soon to be hung from the chimney with care, all eyes are on retail. Santa works hard year-round, but the elves make most of their big-money between Thanksgiving and New Year’s. Customers are hard won, and marketing dollars are stretched as far as they will go.

Even if you are not in the retail business, your organization only grows if you are able to attract and retain the customers. To keep customers, you have to earn their trust with each and every transaction, each and everyday. Once the trust is been violated, the road may no longer rise up to meet you. Just ask the friendly folks at Equifax.

In reporting their recent earnings and projecting for the next quarter, Equifax indicated that the economic impact of the recent breach may exceed $75 million. Among the more difficult tasks will be earning the trust of their customers. They also gave no indication that this will be the end of the revenue drain posed by the breach. The interim CEO described the process as a “Journey.” Have you got the right tools?

A Map And A Compass

Maybe your organization is bigger than a quick fax. Maybe it’s not. And maybe insurance would cover some of your exposure. Then again maybe not. This is just the tip of the iceberg of the questions you should be asking.

That’s the great thing about ICS. Not only do we have the right answers, we have the right questions. Why don’t you call today? See what I just did there?

No File Left Behind

When you’re hiking the Appalachian Trail, it’s important to leave no trace. LNT has become a maxim of sorts among those who engage the outdoors, but over the last several months, the implications for cybersecurity have emerged. Or not. Maybe they haven’t emerged, and that’s the problem. (more…)

What Happened?

Remember the presidential election of 2016? With new books out and some cable talk shows unable to let it go, chances are pretty good you do. And you probably remember the little hack at the heart of much of the controversy, so let’s focus on that, without placing blame or extrapolating any political fodder in the process. Just the facts and what they mean for your cybersecurity posture. (more…)

When the CEO is also the CIO

We’ve dedicated some recent blog real estate to the threats faced by CEOs of big companies and directors of IT departments within larger companies. These threats abound, and ICS works with companies within those spaces to protect networks and data. But sometimes the boardroom table is also the kitchen table. (more…)

From Oslo With Love

Let’s say you’re in the widget business. You studied widgets in college, made Lego widgets as a child, even named your dog Widget. If there’s anything you know a thing or two about, it’s widgets. And you’ve built a great business building widgets. Those in the know call you the Widget King. You’ve put three kids through college on widgets and even bought yourself a little widget bungalow on a coastal island somewhere. You are the man, or the woman! (more…)

Not Enough Caffeine

You finally snag the quiet corner at the coffee shop, you local retreat when you really need to get work done. Something about the ambient noise and the fact that nobody around you works with, near, or for you. Just a collection of pilgrims on the road to revenue, beneficiaries of the gig economy hopped up on espresso and pumpkin spice. Take the guy next to you, the one sporting skinny jeans over Chucky T’s and a faux flannel shirt beneath an emerging beardlet. He’s got the right glasses, an open Moleskine notebook in front of him, and just the right number of stickers on the opened lid of his MacBook Pro. Probably working on a social capital start-up, right? (more…)

Nobel Prizes And Cybersecurity

What can well-intentioned Swedes tell us about improving global cybersecurity? Quite a bit, probably, but specifically we should consider the recent award of the Nobel Prize in Economics to Richard Thaler, a professor at The University of Chicago. Thaler’s work in human behavior led to a bestseller titled “Nudge,” a book about helping people make better decisions. Among his findings was the reality that people didn’t voluntarily enroll in 401Ks until their employers made those decisions for them, essentially nudging the employees to be more proactive about the financial health. Once the companies made enrollment essentially mandatory, employees understood the benefit. (more…)

Dirty Deeds Done Dirt Cheap

There are two types of electrical power. The first is AC, or alternating current. It’s what comes out of the plug in the wall. The second is DC, which is stored and distributed by batteries. The combination of the two would be, well, shocking, and it might even generate classic hits like “Back in Black” and “Hell’s Bells.” But those are not the relevant stories about ACDC these days. (more…)

The Connector

It’s called the connector. The section of highway where I-75 and I-85 join together to pass through the booming metropolis of Atlanta. It is almost always congested, and it carries a lot of information, not unlike the building that used to rise above the north end of the massive swath of concrete. That’s where the Equifax building used to be, and might still be. (more…)

The Safari of Cybersecurity


Sitting on a shady porch overlooking the river and savanna of Samburo in Northern Kenya. To the left, several elephants lounge in the water. To the right, baboons gather along the riverbank and the safety of the trees beyond. In the middle, just across the river from the shady porch, a leopard stretches lazily to shake off a midday nap and surveys the evening’s offerings at what might be considered his food court. Dissatisfied with the current menu, the leopard retires to the shade of the saltbush and acacia tree to give the chefs at the circle of life cafe a chance to prepare a fresh offering.
(more…)

Cousin Eddie And Hurricane Names

Clark Griswald’s cousin meant well, but every time he pulled the RV into the driveway, chaos ensued. All Clark seemed to get out of the visits was a pair of white patent leather loafers. Ain’t family grand, especially when you’re on vacation.

(more…)

Justice

Politico and others report that the Department of Justice has indicted a Chinese national accused of selling malware to hack a number of American and European companies. The general sense is that Yu Pingan and friends conspired to create the Sakula malware used effectively in the OPM breach and others. (more…)

The Semantics Of Passwords

One of the hallmarks of successful cybersecurity is an organization’s ability to protect its assets while making them fully available to staff. The right people accessing the right data and moving the human ball forward. That’s the stuff dreams are made of. A key ingredient to that stuff is a mechanism that encourages and requires robust passwords at the consumer level. Not the general consumer, of course, but the staff who consumes your data in order to help your business thrive.

(more…)

Beyond The Political

Politics is one of those topics best avoided among polite company, and this post in no way espouses particular views or partisan sentiments. It is difficult to talk about federal efforts to enhance cybersecurity without drawing attention to national politics, but that is what we hope to do. (more…)

Riding Along On Easy Street

Your organization is a well-oiled machine. It’s nimble, responsive, and ready to follow in any direction you lead. Or lean. In many ways, it’s like a Segway. You don’t want to get too far ahead of it, and if you stay behind it, the machine will simply stand still. You have to confidently lean in the direction you want it to go, and you have to trust it to respond accordingly. When you reach that level of synergy, you and your Segway — your organization — become one.

(more…)

The Swede Smell Of Cyber

Checking into the hotel in Stockholm, visiting Scandinavia with the family, I couldn’t help notice the local papers. On the cover, above the fold, was the face of a man frustrated with a recent turn of events. Even though I couldn’t read the words — I don’t know Swedish — I could tell the man was a politician. It was that kind of picture. Given the current state of American politics, it was almost refreshing to see another country swimming in scandal. Imagine my surprise, though, when I discovered the punchline. There were no prostitutes or drunken junkets. There was only cyber. But it was just as messy.

(more…)

Cat Stevens: Cybersecurity Hero

Though he now performs under a different name, Cat Stevens once had his finger on the hippy, singer-songwriter pulse in America. Naturally, this made him something of a cyber savant as well. Naturally. It was his early encouragement of software and firmware updates and the direct correlation between those and network security. And he worked all of this early magic into his lyrics. Specifically one line, which suggested that, “The patches make the goodbyes harder still.” Many assumed he was only referring to the blue jeans of our passing youth, faded blue into the sky. But give that joint a rest and read between the lines.

(more…)

You Have The Power, Mostly

Just when you thought it was safe to go back in the water, Russian hacking resurfaces in waters beyond the political. Sure, it was devastating when we realized that Russia had wormed its way into our electoral and democratic process, but that was apparently just the beginning of the story. (more…)

The Future of Cyber- Part Two

During a recent talk at The Chautauqua Institution, Denise Zheng held forth on the nature of cyber conflict: past, present, and future. A Senior Fellow and the Director of Technology Policy at the Center for Strategic and International Studies, Zheng has some interesting perspectives on the nature of cyber threats going forward. The concept of deterrence, for example is complicated, at least on a national or global scale. “Deterrence requires attribution supported by evidence, further supported by classified information and practices,” Zheng suggests, and governments know that for every action there is a reaction, often deploying the same technology. So global resolution of cyber threat potential seems problematic.

(more…)

The Future of Cyber- Part One

During a recent talk at The Chautauqua Institution, Denise Zheng held forth on the nature of cyber conflict: past, present, and future. A Senior Fellow and the Director of Technology Policy at the Center for Strategic and International Studies, Zheng has also worked as a senate staffer on the Homeland Security Committee, in the Computer Associates software engineering process, and, most recently, on cyber moonshots at DARPA. So her perspective on cyber reflects and informs those of consumers, governments, and leading edge developers. (more…)

Marsha Marsha Marsha!

You would think it would’ve been Jan Brady who wreaked havoc on the world this summer, trying anything to get the attention that always goes to Marsha. But, alas, it was Cindy, a tropical storm that stormed off the gulf coast like a teenager scorned, leaving a trail of devastation that even Gladys couldn’t fix. Homes were destroyed, businesses damaged, and lives lost, reminding us of the serious punch that Mother Nature can pack when she wants to. If you’re reading this, you’re among the lucky.

(more…)

The Smaller They Are, The Harder They Fall

While the media streams constantly with news of big-name breaches that threaten the global economy to the core, an even more significant story grows on the outer banks of public awareness. Sure, the big banks and retailers have lots of data to steal, but they also have the resources to protect their networks. The same is not always true of smaller enterprises. Perhaps in recognition of this, ransomware attacks on small businesses are increasing in greater numbers than their Goliath counterparts, according to Small Business Trends.

(more…)

No Such Thing As A Free Lunch

As remarkable as adware can be, both from the marketing side and the consumer side, the fact that banner ads and other promotions stem directly from your search habits is really the least of your worries. Imagine if the ads began to deploy code that controlled your computer, changed your default browser, and tracked your search habits for a Chinese marketing firm? (more…)

It’s A Family Affair

If you grew up in a large family, you know the sensation. Lots of aunts and uncles and thousands of cousins you saw on a limited basis, like every other year or so at a family reunion somewhere. Some of those kids were really weird, and they seem to come by it pretty naturally, since Uncle Fred and Aunt Eunice popped out of the RV with a gin and tonic in one hand and a fistful of political conspiracy theories in the other. Who knew Tolstoy was the second gun on the grassy knoll?

(more…)

Hacking Up Your Tex-Mex

Some breaches are just tough to stomach, and earlier this year that was especially true at Chipotle Mexican Grill stores across the country. Drawing details from a recent story on The Verge, every state in the Chipotle Nation, it seems, was affected by a credit card POS breach that garnered the hackers sensitive account information. No word yet on whether they wanted black beans or pinto beans with that data.

(more…)

Camp Songs For IT Professionals

It’s summertime, and the livin’ is easy. Fish are jumpin’, and the cotton is high. If you’re lucky, the old memories from summer camp return to the fore, as nostalgia delivers you from the daily stress of network security and constant threats.

(more…)

The Business Side Of Cyberthreats

The Wall Street Journal is not a publication prone to hyperbole, so a recent headline in the May 18th Business & Finance section screamed for attention. “Cyberthreats Breed Deep Unease” was the title of the article. The media would have us believe that all the really bad things seem to happen to multinationals or political parties. Nothing could be farther from the truth.

(more…)

When Cybersecurity Is Mainstream

Let’s face it. Most IT Departments feel undervalued or ignored. Like lawyers, you try to avoid them at cocktail parties until you need one. At least that’s the way it was in the old days, like back in 2015 or so. With the ever-advancing wave of cyberthreats and our reluctance to reduce the epic size of our digital footprints, cybersecurity is entering the mainstream in new and surprising ways. Consider a long but thorough examination of the current state of cybersecurity in, of all places, The New Yorker. Known more for it’s insights into western philosophy and the Upper Easy Side, even The New Yorker has recognized the growing ubiquitousness of cyberthreats. Have you?

(more…)

Hacking Ain’t What it Used to Be

Do you remember 1986? The first class was inducted into the Rock and Roll Hall of Fame, the Challenger Space Shuttle disaster rocked our world, and Top Gun was the highest grossing film of the year. That year also brought us the Computer Fraud and Abuse Act (CFAA), a law that many have suggested hasn’t kept up with the rapid pace of technological innovation. After all, ARPANET was in its infancy in 1983, and the World Wide Web wouldn’t become a consumer reality until around 1990. Protecting isolated computers is a wildly different thing from keeping networked devices secure in the IOT world. (more…)

The Imperfect Storm

There’s a storm brewing, potential chaos lurking in the wings. And I’m not talking about politics. Though, if we’re being honest, there’s a storm brewing there, too. We can argue cause and effect, but the world is changing in palpable ways, probably more rapidly than we imagine. (more…)

When The Chips Are Down

Ever had that feeling that someone is watching you, like the door is ajar and folks just passing by the office can see everything on your desk? Have you felt that way for the last seven years? If so, you’re not alone, especially if your computers use Intel chips with vPro technology. According to a recent Ars Technica report, Intel has only recently provided a patch to a backdoor in your network that has been open since the year Facebook was launched. Think about that.

(more…)

Arraigned On The Planes Of Spain

Back when Julie Andrews was in her theatrical prime, there was more than just The Sound of Music in the hills. In My Fair Lady, she repeated “the rains in Spain stay mainly on the plains” in an effort to lose her cockney accent. One could argue that Eliza Doolittle was trying to escape her past and enjoy the liberty associated with a new identity, a new language, a new sense of freedom. The same might be said of Peter Yuryevich Levashov, a Russian hacker whose fingerprints are said to be found on such exploits as the Russian intrusion into our 2016 elections. (more…)

Not What You Think It Is

Some things are exactly what you expect. A ballpene hammer, for example, is difficult to mistake for anything else. But if someone hammers your online presence, littering comment and review boxes with inaccurate characterizations of your business, the picture seen by your customers and prospects is very different from what you might imagine. (more…)

Introverted Social Media

Even if we could isolate the recent activity of Russian hackers, imagine a mainstream marketplace for nefarious services provided by invisible people paid in Bitcoin.The information you seek is mined from the personal profiles and accounts of your target audience, whether that audience is a cheating spouse or a rebellious teenager with a hidden social media presence. It’s a complete violation of privacy, and we feed our own vulnerability with every trace of our digital footprint. (more…)

Is That Toaster Listening To Us?

In the interest of your organization’s OPSEC, step away from the microwave before you answer this question. There is no telling who might be listening right now. And if you’ve ever had Russian dressing on your salad, be sure you state that explicitly. Denial is not just a river in Egypt. Here’s the question: How confident are you that your cybersecurity practices are up to speed? (more…)

Who’s Baking Your Cookies?

So you say you’re not a Yahoo user, that the news of their latest breach is no concern of yours. That sound about right? Well, you may be right, but consider also that the exploit used in the latest breach (early February) has far-reaching implications for anyone who takes even the first step onto the Internet. (more…)

Who’s Watching The Watchers?

It’s been a strange month or two in the world, and that’s not simply a political statement. There is a very real sense that somebody’s watching, all of us, all the time, and that we should take that for granted. Increasingly, it seems, that voyeurism extends beyond our digital footprint and into our everyday physical spaces. While novelists and science fiction authors have been seizing on the approach of these days for decades, the Luddites are always the last to know. But, you might ask, who is watching the watchers? Apparently, that would be Wikileaks. (more…)

Now You See It, Now You Don’t

Hacker trying to hack into phoneStand against the wall. That’s the common advice given to tourists when they start to make calls on their smartphones in foreign lands. It’s not the roaming charges you have to look out for any longer. It’s now the roaming thieves who want to steal your phone in broad daylight and compound the pain by phishing your account information to unlock, wipe, and resell the phone. By standing against the wall, you limit the access and cover your blind side. Sadly, the stories are anything but rare. (more…)

Bundle Up To Avoid The Cold

Forest covered in snowWith every passing week, it seems, cyberthreats and hacks inundate the news cycle and bring home the absolute insecurity that most of us experience (or should) when we take even the smallest of baby steps with our digital footprints. Of late, it’s the Russians who seem to take center stage, hacking our politics and manipulating our elections. Though we could debate the extent of the success, nobody seems to doubt the intent any longer. If those chilly diplomatic breezes seem to intimate a second cold war, will cyber be the weapon of choice? Is it already?

(more…)

A Cyberhand On Your Wallet

Hacking reaching for walletYou’re an entrepreneur building a good business, perhaps, or a senior executive leading an organization with both impact and momentum.
Either way, you’re building value through your network and data and making a good faith effort to protect those valuable assets. You’ve got an IT staff, maybe, or a CTO that knows your infrastructure like the back of his hand. You know the value that your network and data add to your balance sheet, even if they’re not explicitly listed there. But sometimes a little clarity is helpful.

(more…)

Ransomware Is Not Randomware

Ransom ExchangeAfter being hit three times in the last year, a luxury hotel in Austria is tired of paying a ransom to get its data back. The Romantik Seehotel, according to Motherboard, recently paid about $1,600 in Bitcoin to regain access to its computers and data. At the heart of the issue was their inability to create the magnetic key cards that have become all but ubiquitous in today’s hotel experience. Again, the third time seems to be the charm, because the hotel owners have reported that they will be converting the security system back to old school locks and keys as a result of this third ransomware event. (more…)

A Secret History of Bad Relationships

Have you ever been THAT guy, the one who is only trying to be honest when everybody turns to him to point out the flaws in the system? You’re the one who remembers the office party everybody else wants to forget, down to the details that are all but lost to the ages. You’re there to remind Chuck in Sales & Marketing that numbers are down and click-throughs and conversions are sure to follow, even when Chuck didn’t ask. What? It’s the truth. You’re just putting it out there. Now imagine you simply harbored all this information and people sought you out and analyzed your memories. (more…)

Bold New World

Cybersecurity is approaching oxygen and water on the list of things we need to survive in this crazy world of ours. The threats are very real, whether deployed by governments around the globe or 400-pound hackers in their bed or the window booth at the corner coffee shop. The technology we create to make our lives easier now requires extraordinary vigilance, but it’s not the machines we should fear, as science fiction writers originally thought. The biggest threats seem to be the humans manipulating the good technology for bad purposes, and we can never completely isolate ourselves from them. Or can we? (more…)

Wait, Is It Monday Already?

 

Cyber MondayCyber Monday. The masterful creation of marketing professionals, designed to tap your wallet before the turkey and dressing settle in your tummy. Think of the sheer volume of sensitive consumer information that wafted through the ether on that day, searching out bargains and tantalizing hackers. Imagine the millions of people walking through a big mall with their purses and wallets wide open and you begin to get the picture. But who doesn’t love a deal? And in today’s digital, global, Internet-of-Things, consumption-driven economy, who are we to argue with the ease with which we transact? Apparently 2016 set a new record for cyber-grab. Go team! (more…)

Blue Skies and Fireflies

Businessman using his tablet phone on airplane. Business travel and communication concept.If you have flown lately, you might have noticed a new wrinkle in the use of cell phones in flight. In addition to limiting use to airplane mode on those devices so equipped, the crew currently prohibits the use of or charging of any Samsung Note 7 device at any point while aboard the plane. CNET offers a brief explanation here for why that message has been added to the mix with making sure your tables and seats are in the upright and locked position. (more…)

Bond. Cyber Bond.

cyber bondsCapitalism is a wonderful thing. Free markets have helped humans identify and meet demands by supplying the products and services that envelop an economy. It is also worth noting that necessity is often called the mother of invention, and cybersecurity is not removed from the influence of this type of thinking. (more…)

At the Crossroads

crossroadsRobert Johnson is believed to have sold his soul to the devil at a crossroads in Clarksdale, Mississippi. Legend has it the devil offered Johnson in trade a well-tuned guitar and a peculiar gift for singing the blues. His songs have been made famous by Muddy Waters, Eric Clapton, and The Rolling Stones, among others. Despite this oft-intoned gift, Johnson suffered an early departure from this world, though one shudders at the thought of such talent descending eternally southward into fire and brimstone, a musical fate we’d more readily assign to boy bands and pre-pubescent pop stars. (more…)

Organizational Climate Change

CrisisPlanning is part of business, and the emerging changes in our physical world certainly play into that. Unexpected rains and flooding seem to strike different regions of the country with increasing frequency, and the usual threats like hurricanes and tornadoes haven’t completely resigned the stage. (more…)

BREXIT and The Unbearable Lightness of Leaving

UK flagYour organization is an island of traditional values and modern technology. Your staff speaks a language that is unique to the industry and has a shop culture that has evolved from the first day you opened for business. You’ve conquered the universe, winning large contracts and making connections that have ushered in waves of revenue and progress. You’ve forged alliances with others in our global economy that strengthen both parties. You’ve faced unruly vendors and cut ties when necessary, and you’ve battled the mighty when compelled to do so, especially when industry momentum was threatened. (more…)

I’m with the Government, and I’m Here to Hold a Hearing

dcWe hear a lot about homeland security, both the pursuit and the official government department. The TSA is probably the latter’s most visible, and often most toxic, representative, especially when you see the little old lady victimized by the random full body search. The work they do is important, but a lot of it never sees the light of day. That can be good or bad. On a slow day, though, you can witness the machinations that propel our homeland into great security, because a recent Senate Homeland Security Committee meeting was recorded and is viewable here. Granted, it’s a couple hours of your life you’ll never get back, but whatever inflates your balloon. (more…)

Technology Industry InnovatorsVeteran Owned Small BusinessCMMI Maturity Level 3CISSP® - Certified Information Systems Security ProfessionalCertified Penetration TesterITIL IT Service ManagementCertified Ethical HackerProject Management Institute CertifiedUS Department of Homeland SecurityDisaster Recovery Institute CertifiedCertified Information Systems Auditor