Everybody’s Home, But Nobody’s Knocking
As we roll into the holiday season, with Black Friday behind us and stockings soon to be hung from the chimney with care, all eyes are on retail. Santa works hard year-round, but the elves make most of their big-money between Thanksgiving and New Year’s. Customers are hard won, and marketing dollars are stretched as far as they will go.
Even if you are not in the retail business, your organization only grows if you are able to attract and retain the customers. To keep customers, you have to earn their trust with each and every transaction, each and everyday. Once the trust is been violated, the road may no longer rise up to meet you. Just ask the friendly folks at Equifax.
In reporting their recent earnings and projecting for the next quarter, Equifax indicated that the economic impact of the recent breach may exceed $75 million. Among the more difficult tasks will be earning the trust of their customers. They also gave no indication that this will be the end of the revenue drain posed by the breach. The interim CEO described the process as a “Journey.” Have you got the right tools?
A Map And A Compass
Maybe your organization is bigger than a quick fax. Maybe it’s not. And maybe insurance would cover some of your exposure. Then again maybe not. This is just the tip of the iceberg of the questions you should be asking.
That’s the great thing about ICS. Not only do we have the right answers, we have the right questions. Why don’t you call today? See what I just did there?
No File Left Behind
When you’re hiking the Appalachian Trail, it’s important to leave no trace. LNT has become a maxim of sorts among those who engage the outdoors, but over the last several months, the implications for cybersecurity have emerged. Or not. Maybe they haven’t emerged, and that’s the problem. (more…)
Remember the presidential election of 2016? With new books out and some cable talk shows unable to let it go, chances are pretty good you do. And you probably remember the little hack at the heart of much of the controversy, so let’s focus on that, without placing blame or extrapolating any political fodder in the process. Just the facts and what they mean for your cybersecurity posture. (more…)
When the CEO is also the CIO
We’ve dedicated some recent blog real estate to the threats faced by CEOs of big companies and directors of IT departments within larger companies. These threats abound, and ICS works with companies within those spaces to protect networks and data. But sometimes the boardroom table is also the kitchen table. (more…)
From Oslo With Love
Let’s say you’re in the widget business. You studied widgets in college, made Lego widgets as a child, even named your dog Widget. If there’s anything you know a thing or two about, it’s widgets. And you’ve built a great business building widgets. Those in the know call you the Widget King. You’ve put three kids through college on widgets and even bought yourself a little widget bungalow on a coastal island somewhere. You are the man, or the woman! (more…)
Nobel Prizes And Cybersecurity
What can well-intentioned Swedes tell us about improving global cybersecurity? Quite a bit, probably, but specifically we should consider the recent award of the Nobel Prize in Economics to Richard Thaler, a professor at The University of Chicago. Thaler’s work in human behavior led to a bestseller titled “Nudge,” a book about helping people make better decisions. Among his findings was the reality that people didn’t voluntarily enroll in 401Ks until their employers made those decisions for them, essentially nudging the employees to be more proactive about the financial health. Once the companies made enrollment essentially mandatory, employees understood the benefit. (more…)
Dirty Deeds Done Dirt Cheap
There are two types of electrical power. The first is AC, or alternating current. It’s what comes out of the plug in the wall. The second is DC, which is stored and distributed by batteries. The combination of the two would be, well, shocking, and it might even generate classic hits like “Back in Black” and “Hell’s Bells.” But those are not the relevant stories about ACDC these days. (more…)
It’s called the connector. The section of highway where I-75 and I-85 join together to pass through the booming metropolis of Atlanta. It is almost always congested, and it carries a lot of information, not unlike the building that used to rise above the north end of the massive swath of concrete. That’s where the Equifax building used to be, and might still be. (more…)
The Safari of Cybersecurity
Sitting on a shady porch overlooking the river and savanna of Samburo in Northern Kenya. To the left, several elephants lounge in the water. To the right, baboons gather along the riverbank and the safety of the trees beyond. In the middle, just across the river from the shady porch, a leopard stretches lazily to shake off a midday nap and surveys the evening’s offerings at what might be considered his food court. Dissatisfied with the current menu, the leopard retires to the shade of the saltbush and acacia tree to give the chefs at the circle of life cafe a chance to prepare a fresh offering.
Cousin Eddie And Hurricane Names
The Semantics Of Passwords
Beyond The Political
Politics is one of those topics best avoided among polite company, and this post in no way espouses particular views or partisan sentiments. It is difficult to talk about federal efforts to enhance cybersecurity without drawing attention to national politics, but that is what we hope to do. (more…)
Riding Along On Easy Street
The Swede Smell Of Cyber
Cat Stevens: Cybersecurity Hero
You Have The Power, Mostly
Just when you thought it was safe to go back in the water, Russian hacking resurfaces in waters beyond the political. Sure, it was devastating when we realized that Russia had wormed its way into our electoral and democratic process, but that was apparently just the beginning of the story. (more…)
The Future of Cyber- Part Two
During a recent talk at The Chautauqua Institution, Denise Zheng held forth on the nature of cyber conflict: past, present, and future. A Senior Fellow and the Director of Technology Policy at the Center for Strategic and International Studies, Zheng has some interesting perspectives on the nature of cyber threats going forward. The concept of deterrence, for example is complicated, at least on a national or global scale. “Deterrence requires attribution supported by evidence, further supported by classified information and practices,” Zheng suggests, and governments know that for every action there is a reaction, often deploying the same technology. So global resolution of cyber threat potential seems problematic.
The Future of Cyber- Part One
During a recent talk at The Chautauqua Institution, Denise Zheng held forth on the nature of cyber conflict: past, present, and future. A Senior Fellow and the Director of Technology Policy at the Center for Strategic and International Studies, Zheng has also worked as a senate staffer on the Homeland Security Committee, in the Computer Associates software engineering process, and, most recently, on cyber moonshots at DARPA. So her perspective on cyber reflects and informs those of consumers, governments, and leading edge developers. (more…)
Marsha Marsha Marsha!
The Smaller They Are, The Harder They Fall
No Such Thing As A Free Lunch
It’s A Family Affair
Hacking Up Your Tex-Mex
Camp Songs For IT Professionals
It’s summertime, and the livin’ is easy. Fish are jumpin’, and the cotton is high. If you’re lucky, the old memories from summer camp return to the fore, as nostalgia delivers you from the daily stress of network security and constant threats.
The Business Side Of Cyberthreats
When Cybersecurity Is Mainstream
Hacking Ain’t What it Used to Be
Do you remember 1986? The first class was inducted into the Rock and Roll Hall of Fame, the Challenger Space Shuttle disaster rocked our world, and Top Gun was the highest grossing film of the year. That year also brought us the Computer Fraud and Abuse Act (CFAA), a law that many have suggested hasn’t kept up with the rapid pace of technological innovation. After all, ARPANET was in its infancy in 1983, and the World Wide Web wouldn’t become a consumer reality until around 1990. Protecting isolated computers is a wildly different thing from keeping networked devices secure in the IOT world. (more…)
The Imperfect Storm
There’s a storm brewing, potential chaos lurking in the wings. And I’m not talking about politics. Though, if we’re being honest, there’s a storm brewing there, too. We can argue cause and effect, but the world is changing in palpable ways, probably more rapidly than we imagine. (more…)
When The Chips Are Down
Arraigned On The Planes Of Spain
Back when Julie Andrews was in her theatrical prime, there was more than just The Sound of Music in the hills. In My Fair Lady, she repeated “the rains in Spain stay mainly on the plains” in an effort to lose her cockney accent. One could argue that Eliza Doolittle was trying to escape her past and enjoy the liberty associated with a new identity, a new language, a new sense of freedom. The same might be said of Peter Yuryevich Levashov, a Russian hacker whose fingerprints are said to be found on such exploits as the Russian intrusion into our 2016 elections. (more…)
Not What You Think It Is
Some things are exactly what you expect. A ballpene hammer, for example, is difficult to mistake for anything else. But if someone hammers your online presence, littering comment and review boxes with inaccurate characterizations of your business, the picture seen by your customers and prospects is very different from what you might imagine. (more…)
Is That Toaster Listening To Us?
In the interest of your organization’s OPSEC, step away from the microwave before you answer this question. There is no telling who might be listening right now. And if you’ve ever had Russian dressing on your salad, be sure you state that explicitly. Denial is not just a river in Egypt. Here’s the question: How confident are you that your cybersecurity practices are up to speed? (more…)
Who’s Baking Your Cookies?
So you say you’re not a Yahoo user, that the news of their latest breach is no concern of yours. That sound about right? Well, you may be right, but consider also that the exploit used in the latest breach (early February) has far-reaching implications for anyone who takes even the first step onto the Internet. (more…)
Now You See It, Now You Don’t
Stand against the wall. That’s the common advice given to tourists when they start to make calls on their smartphones in foreign lands. It’s not the roaming charges you have to look out for any longer. It’s now the roaming thieves who want to steal your phone in broad daylight and compound the pain by phishing your account information to unlock, wipe, and resell the phone. By standing against the wall, you limit the access and cover your blind side. Sadly, the stories are anything but rare. (more…)
The Internet of Misfit Toys
Inherent to the narrative about the Internet of Things has been the assumption that greater efficiencies would save consumers time and money. It stands to reason that if your toaster talks to your watch, it would know that about 15 minutes after waking up, you would want your toast to pop up and be plated. Further, it goes without saying that your life would be dramatically improved if your thermostats were in on the conversation, so that the kitchen and breakfast room could begin to warm at about the same time as the toast. (more…)
A Good Defense is the Best Offense
Let’s say you’re the DNC and you’re really upset about the recent hacking perpetrated by the Russians. Or, we could imagine you’re the US Government, and you’re feeling vulnerable and diplomatic and vengeful, all at the same time. A recent NY Times article expands on the President’s feelings along these lines, and the frustration he feels at having a mighty cyber arsenal at his disposal when revenge only makes matters worse.
And In Other News
While the world has been watching the American political circus over the past several years, a recurring question put forth by all parties has been, “Can this or that person be trusted with the nuclear codes?” This is an important question, no doubt, but one that overshadows an even more significant question. Granted, the President is the single gatekeeper to the national arsenal, but enemies foreign and domestic seem to be making their own keys to nuclear infrastructure these days. (more…)
REM and the Lyrical State of Cybersecurity
Way back when, in a world before the Internet, when information moved by postal truck and mere facsimile, there strode upon the earth an alternative rock band whose words were even more prescient now than when they first uttered them. And while REM exited stage left, their pronouncement that “It’s the end of the world as we know it” enjoys fresh relevance with each wave of technological advance. (more…)
A closer look at recent chaotic events surrounding the DDoS attacks on Dyn DNS reveals some frightening things about our rapidly growing dependence on the Internet. A recent NY Times article does a great job of explicating the events in layman’s terms, including the warning, “And the threats will continue long after Election Day for a nation that increasingly keeps its data in the cloud and has oftentimes kept its head in the sand.” (more…)
Blue Skies and Fireflies
If you have flown lately, you might have noticed a new wrinkle in the use of cell phones in flight. In addition to limiting use to airplane mode on those devices so equipped, the crew currently prohibits the use of or charging of any Samsung Note 7 device at any point while aboard the plane. CNET offers a brief explanation here for why that message has been added to the mix with making sure your tables and seats are in the upright and locked position. (more…)
A Made-for-TV Reality
Cable News is Not Enough
This election cycle will go down in history as one of the strangest in American history. Both candidates face low favorability numbers and they remain statistically close in most of the polls. This is widely known to anyone who watches cable news programs, mainly because those networks tend to recycle the news over and over again, day after day, and week after week. No reason to blame the networks, though, because that’s the business model. And, quite frankly, there is only so much human activity that is newsworthy, though they seem to always push those boundaries as well. (more…)
Get Your Head in the Game
Remember the old days, when military pilots wore wool-lined leather helmets and big, clunky headsets? Probably not, since those practices tapered off after World War Two. By the time fighter pilots came into your field of vision, it was probably Tom Cruise singing “You’ve lost that loving feeling” while Goose couldn’t eject from the backseat. It didn’t end well for Goose, but you have to remember ICEMAN and MAVERICK in bold print on the helmets as the frosty colleagues pulled together to fight off the Russians and save the day. In addition to the monogram, the helmets had been upgraded to include oxygen masks and room for the really cool aviator sunglasses. Negative, Ghost Rider, the pattern is full. (more…)
Jackware In The Box
Fans of this blog — and let’s be honest, who isn’t a fan? — will recall a recent post that detailed the carjacking of a Jeep Cherokee from several miles away. It was an effort to demonstrate the security vulnerability of cars equipped with wireless access points and other IoT equipment. And it worked. Cars were recalled, security issues were addressed, and we now have an additional lens through which to view rapidly advancing car technology. But what if the car is advancing beyond us, the drivers? (more…)
Open Says A Me
Passwords are the first line of defense for critical network infrastructure. Building an organizational expectation for strong password use in no longer seen as an option. It is now a requirement. If you can get your staff to deploy 8-12 characters randomly selected from all varieties available, that’s $uPer GrE@+. (more…)
At the Crossroads
Robert Johnson is believed to have sold his soul to the devil at a crossroads in Clarksdale, Mississippi. Legend has it the devil offered Johnson in trade a well-tuned guitar and a peculiar gift for singing the blues. His songs have been made famous by Muddy Waters, Eric Clapton, and The Rolling Stones, among others. Despite this oft-intoned gift, Johnson suffered an early departure from this world, though one shudders at the thought of such talent descending eternally southward into fire and brimstone, a musical fate we’d more readily assign to boy bands and pre-pubescent pop stars. (more…)
Politics as Unusual
Regardless of your political affiliation or your favorite — or least unfavorite — candidate, the 2016 election cycle has been anything but predictable. If this were a circus, it would be a very good one. Instead, though, it is the pinnacle of the democratic mechanism by which we choose our leadership. That is a sobering reality that could make you reach for the bottle. (more…)
The Ubiquity of Remote Access
Forget about the Internet of Things. Yeah, like that’s possible. But set that aside for the moment. Another stark reality of our new global economy and digital footpath is the flourishing of remote access. Road Warriors access their office PCs from business travel hotels from Scranton to Sacramento while small businesses choose NAS over cloud services, reaping the many benefits of local data control and network accessibility but facing the daunting reality of localized vulnerabilities. (more…)
Crazy Cousin Guccifer
Every family’s got at least one, a crazy uncle or distant cousin who adopts a scorched earth perspective when exiting the reservation or joining the circus or moving to Iowa to invest in an earthworm farm. You don’t hear much from them for a while, but the names and stories get opened up at family weddings and funerals, reunions marked by distant sadness and curiosity. Guccifer, aka Marcel Lazar, is a Romanian hacker who may seem new to the family, but his name should sound familiar very soon if not already. (more…)
It’s Graduation Season
The waypoints on our life journeys are marked by ceremony. Weddings, funerals, births and Baptisms, and, from time to time, graduations. High school and college seem to be the major events, but the zealous have introduced kindergarten, grade school, middle school, and traffic school to the mix. So congratulations to those who wiped the points off their driving record with 8 hours of vehicular remediation, Your future is, indeed, bright. (more…)