
ROUNDTABLE: The implications of Deloitte data breach, especially following hacks of Equifax, SEC

By Byron V. Acohido

The astonishing rash of disclosures of data breaches at top-tier organizations continues. Big Four accounting firm Deloitte has joined Equifax and the U.S. Securities and Exchange Commission in going public about a catastrophic loss of sensitive data.

Ironically, Deloitte a few years ago branched from its core auditing and tax services to high-end cybersecurity consulting. PricewaterhouseCoopers, another member of the Big Four club, did much the same thing.

There is no …more

PODCAST: The case for making ‘application security’ a top priority

By Byron V. Acohido

Convenience has its price. The truism rears its head often in cybersecurity, particularly as web applications delivered via the internet cloud have come to pervade digital commerce.

Nearly all businesses and government organizations now offer services—such as online payments—through web applications. And the staggering amount of data flowing through such applications presents golden opportunities for hackers.

The enterprise application market was valued at about $150 billion in 2015, and it’s anticipated to grow 7.6 percent a year from 2016 …more

PODCAST: Startup FFRI unveils high-flying approach to detecting leading-edge malware

By Byron V. Acohido

Over the past 10 years or so, machine learning has come to dominate our digital lives.

Commercial entities crunch mountains of data, leveraging “intelligent” mathematical algorithms at a furious pace. Much of this is done as part of the massively profitable endeavor of shaping consumer preferences and behaviors—to a degree unimagined by the best-and-brightest sci-fi authors of just 70 or 80 years ago.

So it’s about time the cybersecurity industry has joined the party. Indeed, a cottage industry is thriving composed of information security companies …more

GUEST ESSAY: Why Trump’s cybersecurity executive order is a step in the right direction

By Alberto Yépez, managing director of Trident Capital Cybersecurity

Last May, the White House issued a cybersecurity executive order (EO)—the Trump administration’s first major action on cyber policy. It has attracted naysayers. The fact is, however, that the president has finally plugged a huge hole by putting in place a guiding strategy for our nation’s cyber defense.

And his suggestions are solid.

Related article: Trump’s cybersecurity order calls for work force development

The order charges the government …more

Equifax hack sheds light on ripe attack vector: open-source protocols used in business networks

A major takeaway from the Equifax debacle that hasn’t gotten enough attention is this: The massive data theft happened because of a vulnerability in an open-source component, which the credit bureau failed to lock down.

Remember Heartbleed and Shellshock, the two massive security flaws discovered in open-source internet protocols back in 2014? The waves of network attacks that preyed on those flaws showed how open-source protocols—which over the years have become …more

PODCAST: Cyphort helps companies translate an ocean of network logs into actionable intelligence

By Byron V. Acohido

More companies are deploying cyber defenses to alert employees when possible threats to data and networks are detected. That’s a good thing.

What’s not so good is that these tools and components can raise alarms so often, a company’s tech team is in a constant state of high alert.

I had the chance to speak with Cyphort Senior Director Mounir Hadad about his company’s solution to all that noise, which they …more

PODCAST: How Darklight marshals threat feeds, delivers useful intel to enterprises and MSSPs

By Byron V. Acohido

The ongoing warfare between small and midsize companies defending their networks against relentless hackers just isn’t a fair fight, says John Shearer, CEO of DarkLight.

All too many SMBs are clueless and/or lack resources dedicated to continually defending their networks against determined, innovative intruders.

Meanwhile, the attackers are “extremely organized, and they’re sharing their knowledge. They’re actually acting in an organized way to attack the small businesses. And the small businesses, unfortunately, are …more