Russia, the DNC, Cyberwar and the Attribution Problem
Posted on: 11 Dec 2016
Was Russia responsible for hacking the DNC and John Podesta, and releasing their communications as part of a concerted effort to impact the US electoral result and get their favored candidate…
Hands Across the Water – DOJ Permits US Judges to Authorize Foreign Searches
Posted on: 02 Dec 2016
One problem with modern computer or computer related crime: it’s international in scope. But governments are limited by their borders, their authority, and their sovereignty. A proposed change to the federal rules of…
Backdoor Politics 2017
Posted on: 22 Nov 2016
One of the most hotly contested issues in information security is whether the government should encourage the ubiquitous use of strong encryption to protect data both at rest and in…
IoT Security – I Know What Will Help – Get Congress Involved
Posted on: 18 Nov 2016
The U.S. House Energy and Commerce Committee held hearings on November 16, 2016 on security of Internet of Things in the wake of the massive distributed denial of service (DDoS)…
Failure to Secure – No Harm, No Foul?
Posted on: 15 Nov 2016
If a tree falls in the forest and there is nobody there to hear it, does it make a sound?? If a company has a data security event exposing sensitive…
Brexit’s Potential Impact on Information Security
Posted on: 27 Jun 2016
One of the lessons of crisis management is that you don’t make predictions during a crisis. Not to say that the recent UK vote to leave the EU (“Brexit”) is…
Virginia Court Kills Privacy
Posted on: 23 Jun 2016
A federal court in Virginia on June 23 may have put the final stake in the heart of constitutionally protected privacy rights online. The case itself was simple enough –…
Inside(r) Job
Posted on: 18 Aug 2015
In 1981, R. Foster Winans was a reporter for the Wall Street Journal, writing the “Heard it on the Street” column. As a diligent reporter, he would find out information…
Encryption as Protection? Maybe Not
Posted on: 13 Aug 2015
A recent espionage prosecution in West Palm Beach, Florida demonstrates that encryption may not be the panacea that organizations think it is. So rather than relying on encryption alone, companies…
Stagefright and Security Fright
Posted on: 29 Jul 2015
A new vulnerability in the Android OS points out not only problems with hardware and software generally, but with our bug bounty and patch management system for mass-market consumer products…