The SolarWinds cyber compromise makes Cyber Tactics’ columnist John McClurg reflect and rethink about nation-state adversaries, insider threats, spearphising, AI-machine-powered learning, crimeware-as-a-service and much more. Here, he takes a look at what risks persist within organizations and potential consequences.
Threat actors who phish see themselves as businesspeople, even if that business is illegal. They’re always seeking ways to maximize their profits, and with phishing, they know they can do that by better tailoring the email lure to resonate with the intended recipient.
A recent ISC² Cybersecurity Workforce Study placed the resource gap worldwide at 4.07 million professionals. The challenges we face when grappling with that gap are myriad and are exacerbated by the security paradigm to which we may have historically pledged allegiance.
Last month, in this column, we advanced a discussion of the hermeneutics involved in the interpretations we make daily and of our growing propensity to commit Group Attribution Error.
Hermeneutics, a hodge-podge of psychology, sociology, anthropology and philosophy — with a dose of linguistics thrown in for good measure — examines the variables around which we construct and impute meaning to our world. This process is more colloquially known as interpretation theory.
Flashback to 2004 and the genesis of National Cybersecurity Awareness Month (NCSAM), an initiative created to raise awareness in the U.S. around the importance of cybersecurity. Founded by the National Cyber Security Division within the Department of Homeland Security and the nonprofit National Cyber Security Alliance, NCSAM has taken place each October, since its mid-aughts inception, in efforts to ensure all Americans have knowledge of the resources and tools they need to be safer and more secure online.
Sun Tzu famously said, “all warfare is based on deception.” He could hardly have anticipated how his words would ultimately be substantiated—particularly in the tactics of today’s cybercriminals.
The path to securing the remote workforce should be seamless and experienced as a hassle-free balance between safety and a quality user-experience. It is pivotal to implement appropriate security practices, as inadequate measures can lead to unmanaged risks and the endangerment of corporate systems, data and employees.
The best UES solution is one that buttresses its capabilities by simplifying administration, increasing visibility and control, reducing costs and eliminating unnecesary friction all while providing a higher value of security, productivity and user experience.
As China forges its role as one of the great world powers, it relies upon a blast furnace of espionage operations to acquire foreign technologies and intellectual property, better position itself against competing international powers and control its own image both at home and abroad.
RSS
