
Category Archives: Cybercrime

Beating Around the Proverbial Cybersecurity Bush

– If I’ve said it once, I’ve said it a thousand times … until we put real teeth into cybersecurity enforcement and insist upon serious personal legal consequences for those at the top, we won’t see improvement. We’ve beaten around the bush for far too long. How many more breaches,…

NASDAQ Hack and the Failure of InfoSec

– The front cover page of the July 21-27, 2014 issue of Bloomberg Businessweek magazine screams out “THE NASDAQ HACK.” The headline refers to the lead article by Michael Riley with the title “How Russian Hackers Stole the Nasdaq: It was easier than you think.” The article describes, in great…

The “Patch and Pray” Approach to Cybersecurity

– On the front page of The New York Times of August 6, 2014, Nicole Perlroth and David Gelles published an article “Russian Hackers Steal Passwords of Billion Users: Data Still Vulnerable – 420,000 Sites, Big and Small, Were Targets, Firm Says.” Usually I wait a week to two or even a month or…

Snowden’s Unknown Cache

– While it was not entirely unexpected, it did come as a shock to read that the National Security Agency (NSA) may never know the full extent of the information that Booz Allen contractor Edward Snowden stole. In a front-page article in The New York Times of December 15, 2013, with the title…

Confirmation of NSA IAM Deficiencies

– I read an article by Neil McAllister in The Register of August 30, 2013 confirming many of the suppositions that I made in my July 1, 2013 BlogInfoSec column “NSA: IAM … What IAM?” The article “NSA: NOBODY could stop Snowden—he was a SYSADMIN: Virtually unfettered access blew…