BLOG

[blogs from cybersecurity professionals]

How I Learned to Stop Worrying About GDPR
Reg Harnish

Tick-tock. There’s about one month left before the European Union’s General Data Protection Regulation (GDPR) goes into effect. The GDPR is among the most pressing privacy issues facing global organizations and it’s easy to see why. The Internet is [mostly] free for one reason – you’re the product and your private data is the currency. …

Read More

Threat Misdirection: What the Titanic Can Teach Us About Cybersecurity
GreyCastle Security

“I cannot imagine any condition which would cause a ship to founder. I cannot conceive of any vital disaster happening to this vessel. Modern shipbuilding has gone beyond that.” – Captain Edward Smith, Commander of Titanic RMS Titanic was a passenger liner designed to be the “last word” in luxury ship travel. In addition to …

Read More

Cybercriminals Don’t Go on Spring Break
Daniel Gibson

Pencils down: it’s spring break. Your students, faculty, and staff are likely hitting the beach and taking some well-deserved time off from the rigors of academia. Cybercriminals, on the other hand, still have their noses to the grindstone. They’re working hard to infiltrate your campus. Are you working hard to stop them? While your students …

Read More

I Was Caged! A confession from a mad, cybersecurity geek
Chad Walter

Yup, it’s true and I can’t believe it! A proud, perfectly clean record, held for a solid year…

Read More

The Two Wolves
Gary Braglia

A young security professional approached me the other day, looking troubled. “I’m having difficulty,” he said, “explaining to our clients the unique challenges of implementing cybersecurity plans and practices, especially in organizations that don’t currently have a culture of security – and then, once we introduce these security controls, how to get employees to comply.” “Ahh yes.  …

Read More

Packing with PII!?!?
Gary Braglia

I’d like to share with you a brief yet harrowing tale about an interesting finding –  not technically a breach, but certainly disconcerting – discovered by a couple of security fellas as part of a penetration testing engagement for a client.  That is, looking for exploitable vulnerabilities within (in this case) the client’s wireless and internal networks with the goal of obtaining administrative …

Read More