Cutting the Cord…

Over the last twenty years, wireless has gone from a novelty to a necessity. Providing a wireless network is what encourages worker mobility as well as mobility of thought. But the challenges the wireless network present are daunting. Implementing security properly is paramount when designing and implementing a wireless LAN (WLAN). An organization needs to determine how to address Guest and BYOD postures while keeping known devices and users segregated from the rest of population.

Details

Cybersecurity in Post-WannaCry Era: Proceed with Caution

The back-to-back WannaCry and Adylkuzz outbreaks in mid-May mark a turning point on the cybersecurity landscape. Both attacks had far-reaching global ramifications—spreading chaos throughout all types of organizations—big and small.  But it looks like we got lucky.

For all of the disruption they caused, these attacks were surprisingly amateurish. Just think of the devastation a more developed attack could cause. But make no mistake—these attacks serve as a warning. Organizations need to heed the lessons learned and adjust their cybersecurity strategies accordingly.  

Details

Phishing Attacks Part 2: How to Protect Yourself Against an Attack

Phishing attacks are among the growing threats gaining popularity and creating havoc in the Internet world. In the previous blog, Phishing Attacks Part 1: Major History Moments to Learn From, 5 major attacks in history were detailed. As these type of attacks increase in diversity and complexity, it becomes increasingly important to minimize the chances of becoming a victim of a phishing attack.

Details

5 Risks Hospitals Face

Hospitals and the overall healthcare sector are experiencing a major digital evolution that is pushing them to change their traditional ways of information management. To close the gap with their needs and changing IT infrastructure agility, security, compliance, and performance, many organizations are probing for benefits of cloud. The traction of on-demand cloud services along with cloud security have swiftly changed the healthcare sector mindset from “why move to the cloud?” to “what and how should we move to cloud?”

Details

Machine Learning – Threat Detection Game Changer

In a past life I use to be part of a team that developed Video Games. Besides the storyboarding and coding that was part of the process, we also had to accommodate the idea that any user might try to ‘break’ the game in one way or another. We built in fail safes of all sorts to make sure that the game would always run as expected with a predicted outcome. Part of this process was to try and anticipate what type of nefarious action the player would make.

Details

WannaCry – Keep Calm and Remember the Basics

The globe was recently hit by a massive ransomware campaign that stretched across 150 countries and infected tens of thousands of systems. The Russian Interior Ministry was affected, certain NHS hospitals were turning patients away and a few manufactures had to cease operations. Needless to say, this was a really big deal. Companies were left scrambling on Friday afternoon in attempts to make sure they weren’t the latest victim of the WannaCryptor 2.0, also known as WannaCry, malware from wreaking havoc in their network. This is the second iteration of this malware and it uses exploits previously found within leaked NSA hacking tools (ETERNALBLUE) that takes advantage of a bug within Windows SMBv1 protocol.

Details

Brain Power: Using The Neuromorphic Data Microscope for Cybersecurity Analysis

Digital computers and human brains have different strengths and weaknesses. If you give me a long list of arthimetic problems to solve, at some point I’ll slip up. “How did I get the wrong answer on that division problem? Oh yeah, I thought there was a 3 in the tens place of the dividend when it’s actually a 6. I’ve just been staring at all of these numbers for so long that I’m starting to get tired!” But CAPTCHAs are easy for me to use, and they somehow impede malicious web bots that try to break through authentication barriers.

Details

Identity Management and Network Access Control

We hear about a new major security breach almost every week. Some of them rely on weak keys to do so. In the famous TJ Maxx breach, it is believed the hackers exploited a weak pre-shared key for Wifi. Had they been using WPA2-802.1x the key would have been infinitely stronger. This means the hackers would need to be in the same location for a longer period time and potentially dissuading them from continuing the hack. Even if they stuck around, it would have been obvious to staff that a car was lurking around for too long. Identity management would have helped to enable 802.1x and Radius, which generates unique keys and regenerates them in shorter intervals.

Details

Why Your Last-Generation Firewall Is No Match for IoT Threats

The Internet of Things (IoT) is sometimes called the Internet of Threats, and for good reason. IoT devices, employee- and customer-owned, are proliferating exponentially across the enterprise, with Gartner expecting to see 25 billion Internet-connected things in use by 2020. IoT devices are also notoriously difficult to secure, creating an attractive target for attackers looking…

Details

What You Must Know About Machine Learning Malware Analysis

We are in the post-signature era of antimalware software. Attackers are driven by the profit motive, and are also driven by a lust for power. About a decade ago, malware researchers determined that the amount of malicious files in the computing collective doubled every two years. Now, in a manner similar to Moore’s Law, the rate of malware growth is probably exponentially greater. Malware deployers aren’t only script kiddies who buy executables and crypters in the Dark Web. They’re also national militaries… Stuxnet anyone?

Details

Cloud Computing in Everyday Life

I recently received an email from my Auto Manufacturer containing a report about my car’s ‘health’. I initially thought it was just a typical service email, or maybe it was some covert email to try and sell me a new car, product, or other offering from a local dealer. As a matter of fact, it…

Details

Rethinking Defense-in-Depth: Where’s its Place in IoT World?

The idea of defense-in-depth has been around for nearly two decades. While it provided effective protection in the past, the recent spate of high-profile breaches and nation-state attacks proves defense-in-depth alone is no match for today’s threat environment. Defense-in-depth, the layering on of security controls to ensure that attacks breaching one layer will be caught…

Details

Can your Network Infrastructure handle the next 5 years?

I remember when I drove my new, fast, car off of the dealer’s lot and although it feels like yesterday, it’s no longer new or fast. It continues to break down and doesn’t support my growing family. Just like how cars have an optimal life span, so does your network infrastructure. It may have been ‘State of the Art Technology’ at the time of installation, but will it be able to handle everything you throw at it now? 

Details