Category Archives: CSO/CISO Perspectives

Ransomware and the C-I-A Triad

– In earlier, more innocent (?) times, cyberattacks seemed to be fairly straightforward. You have the data exfiltration attacks, where copies of sensitive personal information and intellectual property are stolen, often without the victims’ knowledge since the original data are left intact.…

Not So Fastly

– The system failure at Fastly on June 8, 2021 portends what may well be the greatest threat to the Internet and all that it supports. In an Associated Press article by Marcio Jose Sanchez on June 9, 2021, with the title “Tuesday’s Internet Outage Was Caused By One Customer Changing A Setting,…

Krebs on Ransomware

– The Krebses—Chris and Brian—are not related, but they have both come out with positions on ransomware. Chris was the former head of DHS’s CISA (Cybersecurity & Infrastructure Security Agency), and Brian is a journalist and much-admired author (by me and many others) of the outstanding…

Don’t Count on Cybersecurity Data

– It is a common theme of mine, but one which bears repeating. We collect and disseminate all manner of data, but not so much of data which count. In an article by mathematician Hannah Fry in the March 29, 2021 edition of The New Yorker, she reviews two new books on data and statistics. The…

Inadequate Cybersecurity

– It is customary to begin an article on cybersecurity with statements about huge increases in threats and attacks and mounting cyberspace losses from fraud, identity theft, ransoms, data exfiltration, blackmail, etc. Few, who confront cyber issues daily, question such assertions, but there are some…