Blockchain Meets Cybersecurity

Author(s):

Zehra Ali

Where Blockchain Meets Cybersecurity

Blockchain technology is a powerful public ledger that records every “block” of data as it moves across many computers. Businesses of all types and sizes have to deal with a lot of information on a daily basis. Data is usually an extremely valuable asset for their operations. But keeping it safe … Read more

Microsegmentation and a Zero-Trust Network

Author(s):

Caleb Townsend, Staff Writer, United States Cybersecurity Magazine

We are currently in an unfortunate situation where universally, every business model predicates itself around connectivity. In fact, to be on the edge of innovation is to connect, to everything, before anyone else connects. With each new development, security suffers immediately. The incredulity that is always met with a new Facebook data breach is going … Read more

From the Fall 2018 Issue

40% Of Breaches are Related to Credit Card Data: Is Payment Software Secure?

Author(s):

Kelvin O. Medina, Principal Security Consultant, Trustwave

Forty percent of the data breaches for 2017 were reported as involving credit card data, according to the 2018 Trustwave Global Security Report.1 The data breaches analyzed used attacks such as phishing/social engineering, malicious insiders, and misconfigurations. This is illustrated below in Figure 1: Methods of Compromise2. Those numbers likely do not include hundreds of … Read more

From the Fall 2018 Issue

Zero Days and Zero Trust: Microsegmentation and Security in a World of Many

Author(s):

Jack Koons, Chief Cybersecurity Strategist, Unisys Corp

In a world where the business model is racing to connect everything, security is failing to keep pace. This sets up a dynamic tension within the organization between the network/infrastructure teams and the security teams. We are placing the current crop of CIO, CISO, and CTOs in an almost untenable position, and levying unrealistic requirements … Read more

From the Fall 2018 Issue

The Paradox of Infosec and the Dropping of a Socket

Author(s):

Gina Yacone, Director of Sales, Braintrace

On Sept. 19, 1980, near the small town of Damascus, Arkansas, someone dropped a socket, and it caused a breach. In terms of breaches, it was nuclear! Paradoxical as it may seem, the story of the 1980 Damascus Titan II explosion showcases how a simple error parallels that of a significant breach of a company’s … Read more

From the Fall 2018 Issue

Modern Data Security: Worse Than you Think

Author(s):

Dr. Edward Amoroso, CEO, TAG Cyber

Imagine that under some bizarre set of circumstances, a local high school football team is forced to compete against the New England Patriots. Imagine further that the victory stakes for these teenagers are enormous, perhaps even life or death. Let’s complete this nightmare situation with an understanding that the NFL team will not let up … Read more

From the Fall 2018 Issue

SCANNERS and CONSULTANTS and PEN TESTS Oh My!

Author(s):

Caroline Wong, VP of Security Strategy, Cobalt

In a world with so many AppSec solutions, it can be tricky to decipher your options. For software security testing alone, there are several different options and hundreds of tools to choose from. This article looks at three of the main security testing options available: scanners, consultants, and Pen Testing as a Service. 1. Scanners … Read more

From the Summer 2018 Issue

Value Chain Maps for Open Source Ecosystems

Author(s):

Chris Corriere, Senior DevOps Advocate, SJ Technologies

We can’t make it from scratch anymore

In his TED Talk, “How I built a toaster – from scratch”1, designer Thomas Thwaites demonstrates how our global society stands on the shoulders of giants. Thomas attempted to reverse-engineer a toaster so he could build one from scratch. However, the simplest toaster he could find had over … Read more

From the Summer 2018 Issue

TEOTWAWKI: The Impending Cryptopocalypse

Author(s):

Adam Firestone, Editor-in-Chief, United States Cybersecurity Magazine

In 1889, the New York publisher John Wiley & Sons published an obscure scientific piece by Daniel S. Troy titled The Cosmic Law of Thermal Repulsion: An Essay Suggested by the Projection of a Comet’s Tail. On page 60 of this text, Troy suggests that if the forces of “thermal repulsion” or “gravitational attraction” were … Read more

From the Summer 2018 Issue

Moving Target Defense with Polymorphic Applications

Author(s):

Danny Gershman, Senior Director, Infrastructure Operations, SecurityScorecard, Inc.

While the internet has existed for several decades, it’s only in recent years that security has become a popular concern. Cybersecurity tools and products now are a multi-billion dollar industry. Security engineers and executives continue to mitigate risk by trying to accurately quantify where their organizations might be vulnerable. Measuring security risk is hard. Typically, … Read more