Vice President for Cybersecurity
Malice Vs Greed Most discussion about security in the supply chain has been focused on detecting tampering, or preventing backdoors or sneaky things being inserted into components and software. There’s another aspect emerging and will dwarf the tampering: devices that are counterfeited for profit indirectly causing security problems. Counterfeit devices are ones that either by…
Read More
User Reviews + Test Results Peer reviews are an important part of product selection. Everything I buy on Amazon and most other things I buy I check for reviews first. That’s the “do I like it” or the test-drive part of the selection. But the “how well does it work” part is lab testing. I’m…
Read More
What Makes For Really Good Security Predictions Each year Trend Micro releases its annual Security Predictions Report. Good security predictions are very difficult to develop, and companies and consumers need to be selective about the security advice they take. What makes a good security prediction? Four key aspects: 1. It is the prime directive that…
Read More
Have you ever heard of the MQTT or CoAP protocols? No? Well the device on your wrist, and so many devices around you, could be using them right now. MQTT and CoAP are machine-to-machine or M2M protocols. With the rise of the internet of things (IoT) and operational technology (OT), there’s increased security focused on…
Read More
Most analysis is that the cybersecurity skills gap or shortage is getting worse. ESG reported in CSOOnline that 2018 had the highest levels, at 51%, where organizations “claimed their organization had a problematic shortage of cybersecurity skills.” It’s a complex problem, but I believe with non-complex solutions. The Problems (and the Solutions) HR &…
Read More
It’s a common mistake in enterprises to copy-paste security solutions from a peer. Strategies can be recycled, but sadly with even very similar businesses almost always have radically different IT and security requirements. I recall one hospital that looked at a nearly identical peer hospital that was only a few miles away. Much of the…
Read More
Trend Micro recently conducted a global survey of IT and security decision makers. When asked about the top consequence to IoT security, many would have expected it to be data loss. However, the top consequence named with 52% of respondents was “Loss of Customer Trust.” IoT has a physical component that is unusual in the…
Read More
with contributing author, William J. Malik, CISA | VP, Infrastructure Strategies The date for General Data Protection Regulation (GDPR) compliance is just weeks away, yet many organizations, especially those outside Europe, remain unprepared. It turns out that the experiences from other privacy compliance regulations are less helpful than assumed, but the best lessons learned may be…
Read More
Technology is the beating heart of any modern hospital. Advances in cloud, IoT and digital IT systems have helped healthcare organizations (HCOs) greatly improve the quality of care offered to patients. Electronic health records are the backbone of an increasingly complex patient care network. But it has also exposed them to even greater risks of…
Read More
First things first: these are essentially two distinct topics although at RSAC all things are possible, and who knows, next year could have 40 percent of the show floor made up of GDPR microsegmentation startups differentiated by their greentech, AI, SDN and blockchain. So here’s some advice on what to look for at…
Read More
