Vulnerability management woes continue, but there is hope

Posted on March 28th, 2019 by Responsible Cyber

I remember giving a presentation when I first started working in cybersecurity in 2003 (note: It was called information security back then). I talked about the importance of good security hygiene, focusing on deploying secure system configurations, managing access controls, and performing regular vulnerability scans.  When it came to the Q&A portion of my presentation, […]

Read More

Upcoming Speaking Engagements – Schneier on Security

Posted on March 24th, 2019 by Responsible Cyber

Blog > Upcoming Speaking Engagements This is a current list of where and when I am scheduled to speak: I’m teaching a live online class called “Spotlight on Cloud: The Future of Internet Security with Bruce Schneier” on O’Reilly’s learning platform, Thursday, April 4, at 10:00 AM PT/1:00 PM ET. The list is maintained on this […]

Read More

Inside Incident Response: 6 Key Tips to Keep in Mind

Posted on March 24th, 2019 by Responsible Cyber

Experts share the prime window for detecting intruders, when to contact law enforcement, and what they wish they did differently after a breach. 1 of 7 (Image: Jcomp � stock.adobe.com) Most data breaches we see in the headlines are the biggest – but a security incident doesn’t need to be of Equifax proportions to bring […]

Read More

Preserving the privacy of large data sets: Lessons learned from the Australian census

Posted on March 14th, 2019 by Responsible Cyber

Who needs hackers when the government puts sensitive information about every person in the country online and invites the internet to look at it? That’s what happened last year in Australia, and it sends a warning message of what not to do during the upcoming U.S. Census 2020. The Australian Bureau of Statistics published data […]

Read More

Review: Bitglass manages the mobility monster

Posted on March 14th, 2019 by Responsible Cyber

It’s no secret that most businesses and organizations work better when they embrace mobility. The old formula of having droves of suited workers sitting at their desks from nine to five every day, typing away with desktop computers or even older technology simply doesn’t hold up in today’s always on, always connected world. Modern workers […]

Read More

Digital Convergence’s Impact on OT Security

Posted on March 13th, 2019 by Responsible Cyber

There’s an old expression that says, “when it rains it pours.” This has never been more true than the current impact of digital transformation on security teams charged with protecting IT and OT networks. Today’s CSOs and CISOs find themselves at a crossroads in the transition of their role within an organization. They not only […]

Read More

Microsoft Debuts Azure Sentinel SIEM, Threat Experts Service

Posted on March 1st, 2019 by Responsible Cyber

New services, which are both available in preview, arrive at a time when two major trends are converging on security. Microsoft today debuted two new security services: Azure Sentinel, a cloud-native security information and event management (SIEM) system, and Microsoft Threat Experts, a service through which security operations teams can leverage expertise from Microsoft’s experts. […]

Read More

DDoS explained: How distributed denial of service attacks are evolving

Posted on February 20th, 2019 by Responsible Cyber

What is a DDoS attack? A distributed denial of service (DDoS) attack is when an attacker, or attackers, attempt to make it impossible for a service to be delivered. This can be achieved by thwarting access to virtually anything: servers, devices, services, networks, applications, and even specific transactions within applications. In a DoS attack, it’s […]

Read More

Virus attack! Hackers unleash social media worm after bug report ignored

Posted on February 20th, 2019 by Responsible Cyber

by Danny Bradbury What happens when you report a vulnerability to a website and it completely ignores your request, in spite of running a bug bounty program that’s supposed to pay for disclosures? Some hackers might just walk away, but a group of app developers in Russia chose another approach. They used the vulnerability to […]

Read More

Enterprises need to embrace top-down cybersecurity management

Posted on February 19th, 2019 by Responsible Cyber

When I first entered the cybersecurity market in 2003, I’d already been working in the IT industry for about 16 years in storage, networking, and telecommunications previously. By the early 2000s, all three sectors had moved on from bits and bytes to focusing on how each technology could help organizations meet their business goals. Oh […]

Read More