Communication, culture and information security

Since my earliest days working in Silicon Valley, I have been involved in computer security incident response management. And so it was with great pleasure that I accepted a keynote speaking opportunity at the upcoming annual meeting of the Forum of Incident Response and Security Teams (FIRST) during 28 June-3 July 2009 in nearby Kyoto, […]

Electricity Industry looking for cyberthreats

The electric power utility industry is planning to start looking for cyberthreats against the power grid, and especially components that would wind up being the cornerstone of the Smart Grid project. According to the article, officials at the North American Electric Reliability Corporation (NERC) are planning to start a pilot investigation of cybersecurity risks to […]

The botnet peril

For as many times as we have heard that e-commerce is at risk due to the actions of sophisticated cyber-criminals, it is astounding how little has been done to protect against wholesale attacks against users and, more importantly, against the major retailers who are more and more dependent upon commercial trade over the Internet. It […]

Secure web site certificate vulnerability

In December 2008, a group of computer security researchers attending a security conference in Berlin gave a practical demonstration of a serious security vulnerability related to the public key infrastructure (PKI) that allows for secure web browsing used for online banking, e-commerce and other sensitive transactions. In short, they were able to show the possibility […]

Millennials: the new workplace threat

Younger employees are taking their own technology and mobile devices into the workplace, confounding attempts to protect internal networks, reports Information Week.  The so-called Millennial generation, Under-28s who are increasingly connected to others using social networking software, are basing their choice of employer partly on how accommodating the company is to personal technology preferences, according […]

Emerging cyber threats for 2009

In October 2008, the Georgia Tech Information Security Center hosted its annual summit on emerging security threats for the coming year. After its conclusion, the conference issued a summary report entitled Emerging Cyber Threats Report for 2009, which catalogs a variety of threats that the conference participants felt would be important in the coming year. […]