Category Archives: Cybercrime

Are Cybersecurity Intelligence and Security Metrics Statistically Significant?

– It is customary to begin an article on cybersecurity with some statement about the exponential growth of threats, attacks, vulnerabilities, etc. I’m no different. It seems like a reasonable, generally accepted thing to do. So, I was somewhat surprised when someone pushed back on such a statement…

Taking the Fifth …

– “The Fifth Domain” is a recent book by Richard A. Clarke and Robert K. Knake. It is about cybersecurity and how it has become the fifth military domain following land, sea, air and space. Except that it isn’t really, n’est-ce pas? While intellectually one can imagine a fifth domain, it’s…

Are Ransom Payments Supporting Terrorists?

– Organizations, particularly those that recognize that they don’t have essential security and data recovery measures in place, have taken out cyber insurance, which they are regularly using to pay off ransomware attackers. I find it curious that these insurance companies seem to be willing to pay…

Schneider Targeted Yet Again

– In an April 30, 2019 article by Danny Palmer with the title “Cybersecurity: The key lessons of the Triton malware cyberattack you need to learn,” available at https://www.zdnet.com/article/cybersecurity-the-key-lessons-of-the-triton-malware-cyberattack-you-need-to-learn/ the reporter describes…

Is Encryption Evil or Just Not Worth It?

– This is a strange question for an InfoSec professional to pose, don’t you think? But it’s not so far-fetched as it may seem. Take, for example, the common assertion that most cyberattacks are at the application layer level. Whenever this is the case, then hijacked customer accounts, say, allow…