Recent Posts

Just how effective are Russian political social media ops?

There has been a lot of discussion (and hand wringing) over what seem to be concerted Russian “influence operations” aimed at US politics. Our Russian…

Continue Reading

Juice Jacking – meh!

Lately, I have been seeing a number of posts and articles warning us all not to use publicly available USB charging points due to the…

Continue Reading

Resource: AWS Security RampUp Guide

It seems like Amazon Web Services (AWS) is on every employer’s most wanted skills list. As more organizations make the decision to replace or augment…

Continue Reading

Snail mail hacking

Some of the most effective hacks don’t require the attacker to touch your computer. This article from Flashpoint provides some insight into how criminals are…

Continue Reading

The NYPD (and the rest of us) need some new barricades

Not all security barricades are made of wood. Some are made of bits. According to the New York Post, the New York Police Department ran…

Continue Reading

Deepfakes – Welcome to the post truth society

I recently watched the New York Times’ Weekly episode “Deepfakes – Believe at Your Own Risk” and while I have been concerned about the implications…

Continue Reading

Security awareness materials you can use – “Why we fall for cons”

One of my favorite parts of my job as a CSO is building security awareness amongst my colleagues. I really believe that the time put…

Continue Reading

Orvis data leak and the need to monitor ‘paste’ sites

Fishing retailer Orvis had a serious (and embarrassing) data breach recently. Independent security researchers found a posting on text snippet site Pastebin with what appeared…

Continue Reading

An unsung cybersecurity hero

Here is some excellent reporting from ProPublica about an unsung cybersecurity hero. Michael Gillespie has helped thousands of people recover their files after they were…

Continue Reading

US DoJ guidance on responding to and reporting cyber incidents

When thinking about how to respond to cyber security incidents, you need to think about how your organization will engage with law enforcement – and…

Continue Reading