Skip to main content

ICAM and Zero Trust

Zero Trust remains one of the key buzzwords in cybersecurity, and virtually every article, briefing, or marketing slick about zero trust talks about the importance of implementing multi-factor authentication (MFA). Single factor passwords have been asserted to be “broken” for years, with documented proof that attackers are able to successfully hack passwords regardless of complexity, length, and change frequency.

Continue reading

Cyberattacks causing many small companies to go out of business!

During the present-day digital transformation, cybercrime is becoming the number one form of criminal activity. “43% of online attacks are aimed at small businesses” and many aren’t prepared to defend themselves during these attacks! It is recommended that small business owners look into privacy programs to help support and protect vital information.

Continue reading

What is Cybersecurity?

The world relies on technology more than ever before. As a result, digital data creation has surged. Today, businesses and governments store a great deal of that data on computers and transmit it across networks to other computers. Devices and their underlying systems have vulnerabilities that, when exploited, undermine the health and objectives of an organization. 

Continue reading

Trust and Federation

Federation has worked well on social media – users link their accounts together and use a single username and password to access. Federation has also worked for government employees - their Personal Identity Verification (PIV) cards are accepted for many cross-agency uses. But even after significant investment of federation to support citizen interactions with the government, federated citizen credentials are still out of reach.        

Continue reading

Computer Motherboard

Developments In 5G

With 5G comes a host of new innovation: Greater precision and improved reaction times in drones and autonomous vehicles, new wearable tech with additional features, advances and greater adoption of Internet of Things (IoT) devices and smart city developments, and remote healthcare. 5G also ushers in a new age of smart warfighter.

Continue reading

Parallels between Zero Trust and the Fight Against Corona Virus

It is not uncommon for cyber professionals to have a difficult time conveying to people unfamiliar with cybersecurity the ways in which to consider protection of their data. There are many similarities between cyber approaches to addressing cyber vulnerabilities and attacks that are similar to those that our nation is using to combat the corona pandemic. One such similarity between cybersecurity and public health is the approach being taken to develop multiple vaccines in parallel knowing that few will be successful.

Continue reading

Cyber Crime

Costs of Privacy Breaches and Cyber Incidents to SMBs

According to a study conducted by Ponemon Institute in 2017, 61% of SMBs stated that their companies have experienced a cyber attack in the past 12 months, and 54% of SMBs reported that they had privacy breaches involving customers, target customers and employee information. This should be a sobering wake up call for SMB owners to start investing in cybersecurity. Moreover, the costs, due to cyberattacks, incurred on SMBs are often high and have lasting future impacts.

Continue reading

Identity

NIST Special Publication 800-63B Digital Identity Guidelines

NIST Special Publication 800-63B Digital Identity Guidelines, Authentication and Lifecycle Management includes choices of authenticators that may be used at various Authenticator Assurance Levels (AALs) for use by the US Federal Government.  Authenticators are used to authenticate a user to a resource’s access control mechanism.  Examples of authenticators include credit cards with chips, US Federal Government Personal Identity Verification (PIV) cards and DoD Common Access Cards (CACs). 

Continue reading

Spectre and Meltdown

Spectre and Meltdown are attacks on computing systems that exploit characteristics inherent to most modern computer processors. Specifically, Meltdown is recognized to affect Intel and ARM processors, while Spectre is known to affect Intel, AMD and ARM processors.

Continue reading

Computer Motherboard

The Return of ROCA

The Return of Coppersmith’s Attack (ROCA) is a recently discovered vulnerability in a cryptographic library used in some Infineon Technologies AG chips. It enables an attacker to practicably determine an RSA private key given an RSA public key. Quantum computers, while still in their infancy, will one day be capable of finding private keys like those used in RSA and other asymmetric cryptographic algorithms.

Continue reading

Secret Link