Category Archives: Information Security News

“All for One and One for All”

– … So chanted the Three Musketeers. One of my main issues with cybersecurity risk management is that organizations seek to secure their own systems, data and networks, hoping that attackers will move on and attack more vulnerable victims. I have heard this notion explicitly stated by senior…

Schneider Targeted Yet Again

– In an April 30, 2019 article by Danny Palmer with the title “Cybersecurity: The key lessons of the Triton malware cyberattack you need to learn,” available at https://www.zdnet.com/article/cybersecurity-the-key-lessons-of-the-triton-malware-cyberattack-you-need-to-learn/ the reporter describes…

Global Cybersecurity Agreement?

– First off, I strongly believe that, in order to make any headway at all with respect to creating a more trustworthy and secure Internet, there must be global sponsorship of efforts to improve cybersecurity, generally-accepted cybersecurity policy and standards, and international institutions to…

Educate Lawmakers on Securing the Critical Infrastructure

– I drafted the retrospective column “Securing the Critical Infrastructure—Two Lost Decades” before the “breaking news” column “Oh, BTW, The Russians Cyberattacked the U.S. Critical Infrastructure,” which was posted on April 24, 2018. The former was in response to the US-CERT alerts…

Oh, BTW, The Russians Cyberattacked the U.S. Critical Infrastructure

– While we have been distracted by the dalliances of an errant president, the exfiltration from Facebook of personal information belonging to a gazillion users, and the use of those data to influence elections, the U.S. encountered an existential threat, which was given relatively short shrift by…