Want to improve risk management? Do the basics
Managing security takes time and focus, but “reasonable” efforts will yield significant results, a cybersecurity panel said Wednesday at Boston College.
Taylor Armerding | 10 Mar | Read more
Stories by Taylor Armerding
Bots: Biggest player on the cybercrime block
Bot fraud cost an estimated $31 billion in the US last year, dwarfing the estimated $1 billion lost to ransomware and DDoS attacks.
Taylor Armerding | 09 Mar | Read more
Comey: Strong encryption “shatters” privacy-security bargain
FBI director James Comey told a cybersecurity conference that “absolute privacy” has never been part of the nation’s privacy-security bargain. Ubiquitous strong encryption, he said, “shatters that bargain.”
Taylor Armerding | 09 Mar | Read more
Will a cyber crisis add to chaos of Trump’s first 100 days?
Forrester Research predicted last fall that the new president would confront a “cyber crisis” within the first 100 days. Experts say that’s an easy call – depending on how you define a crisis.
Taylor Armerding | 28 Feb | Read more
FDA 'guides' the way to medical device security
The FDA’s “guidance” documents on medical device security are non-binding. But advocates say they will still have plenty of legal force – especially when it comes to things like insurance or civil suits for damages from insecure devices.
Taylor Armerding | 22 Feb | Read more
To pay or not to pay: Too many victims say yes to ransomware
Ransomware’s success rate is so alarming that it is the subject of an all-day “summit” at this week’s RSA conference. Ironically, experts say defending against it is not terribly difficult, and how to do it is widely publicized – it’s just that not many organizations follow the free advice.
Taylor Armerding | 15 Feb | Read more
Can the FTC save the IoT?
Enormous amounts of effort, time and money haven’t made much of a dent in the insecurity of the Internet of Things. So, what about making more use of the old-fashioned lawsuit? The Federal Trade Commission is having some impact with it.
Taylor Armerding | 09 Feb | Read more
Obama’s cybersecurity legacy: Good intentions, good efforts, limited results
President Obama declared early in his presidency that cybersecurity was a priority. Most experts agree he delivered a significant effort. But they also agree that the effort didn’t deliver better security.
Taylor Armerding | 31 Jan | Read more
FBI v. Apple: One year later, it hasn’t settled much
At the one-year anniversary of the battle between the FBI and tech giant Apple over unlocking an iPhone, surveillance and privacy rules have not really changed. But they could this coming year, and the debate over that is as intense as ever.
Taylor Armerding | 30 Jan | Read more
Passwords: A long goodbye
There is no debate about the reality that passwords are a “fundamentally broken” method of authentication. But it is still expected to take time – likely years – for the replacement model to become mainstream.
Taylor Armerding | 18 Jan | Read more
Can government really fix the IoT mess?
The Internet of Things is an ever-expanding attack surface. And a growing number of experts note that the market has failed to address that problem. They are now saying it will take government intervention.
Taylor Armerding | 06 Jan | Read more
Medical data: Accessible and irresistible for cyber criminals
Health care data may not fetch the highest price on every Dark Web marketplace. But it remains one of the most popular targets for cyber criminals, in part because it is easy to get and retains its value. You can’t change a Social Security number the way you can a credit card account.
Taylor Armerding | 20 Dec | Read more
The IoT: Gateway for enterprise hackers
The Internet of Things keeps growing – and so do the threats. At a webinar this week, a panel warned enterprises that it is crucial to be able to see radio-enabled devices on the network, or they could be blind to the risks they pose.
Taylor Armerding | 09 Dec | Read more
Ransomware as a Service fuels explosive growth
Ransomware as a Service has made the entry into the world of cyber crime cheap and easy. Meanwhile, people and organizations still aren’t protecting themselves. No wonder it is exploding.
Taylor Armerding | 05 Dec | Read more
Feds provide legal loophole to hacking IoT devices
For the next two years, “good-faith” security researchers will be allowed to hack into the software of most Internet of Things devices without risk of violating copyright laws. Whether that will lead to more cooperation or confrontation remains to be seen.
Taylor Armerding | 29 Nov | Read more