Richard Stiennon

Chief Research Analyst

IT-Harvest


NSF Cybersecurity Ideas Lab: Some Ideas Worth Considering

Posted on: 03 Aug 2014

This past February I participated in an amazing three day innovation and ideation lab pulled together by Farnam Jahanian, Assistant Director, Directorate for Computer and Information Science and Engineering, National Science Foundation (NSF), with a lot of help from an organizing committee drawn from some of the most intelligent technology people around. The task at…

General (Ret.) Keith Alexander Pivoting to the Enterprise

Posted on: 31 Jul 2014

According to a report in Foreign Policy, former NSA head Keith Alexander has ideas. Ideas he wants to patent and turn into a business.  Admittedly, Alexander has had exposure to countering network borne attacks. In particular, he was in charge of the team at NSA that detected the presence of the Agent.btz worm on the…

TrapX Researchers Discover Attack Embedded in Logistics Devices

Posted on: 16 Jul 2014

This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. Hand held bar code scanners and RFID chips have changed logistics dramatically in recent years. From manufacturing to every stage…

Wall Street Is Worried About Tom Clancy Scenario

Posted on: 09 Jul 2014

The Securities Industry and Financial Markets Association (SIFMA), an industry trade group for banks securities firms and asset managers, is worried about catastrophic attacks against their members, Bloomberg reported today. Bloomberg reports on an internal document they have seen, stating: “The document sketches an unusually frank and pessimistic view by the industry of its readiness for…

Is there Another NSA Leaker? Updated

Posted on: 03 Jul 2014

This morning a partial analysis of the NSA’s XKEYSCORE code was published in Germany. Jacob Applebaum, an evangelist for the The Onion Project (TOR), was one of the authors. The report details specific rules written for one of the NSA’s data collection tools, XKEYSCORE, which collects the IP addresses of TOR bridges, and users of…

PayPal Apparently Enforcing Non-existent Laws

Posted on: 01 Jul 2014

According to one of the founders of ProtonMail, a secure email startup, PayPal had suspended their account. A PayPal representative reportedly questioned the legality of an encrypted email solution. ProtonMail is hosted in Switzerland specifically to provide assurances to users that there is no legal jurisdiction for the US to interfere with it, as it…

Are Former Government Cyber Experts Worth Their Consulting Fees?

Posted on: 30 Jun 2014

Congressman Alan Grayson made waves last week when he sent letters to the Securities Industry and Financial Markets Association(SIFMA), the Consumer Bankers Association, and the Financial Services Roundtable assailing former head of the NSA, Keith Alexander. In each letter Grayson cited a Bloomberg article that revealed that Alexander’s new consulting firm was commanding hefty fees…

Various Email Security Solutions Post Snowden

Posted on: 25 Jun 2014

As predicted (by me) email encryption solutions are proliferating rapidly. All it took was a threat actor to appear on the scene. The first time I met Mark Rasch we shared a stage a Detroit event in the ‘90s. He made a comment that stuck with me. “If email was easy to intercept we would…

NATO Should Stand Down From Apocalyptic Cyber Fears

Posted on: 20 Jun 2014

Tallinn 2007 was indeed a wake up call for NATO.  The massive amounts of distributed denial of service (DDoS) attacks against websites, communications, and even Estonian Parliament members’ fax machines, arising from Russian intimidation caused a lot of soul searching and ignited efforts to formulate cyber policies in many nations. But the threat of cyber attack…

CloudFlare Acquires CryptoSeal

Posted on: 18 Jun 2014

ClouldFlare, the CDN like DDoS defense and security service, announced the acquisition of CryptoSeal, a personal VPN service, this morning. Ryan Lackey, CryptoSeal’s founder told securitycurrent that his class of 2011 Y Combinator backed venture had already been leveraging CloudFlare’s infrastructure. A quick conversation with CloudFlare’s CEO, Mathew Prince, revealed that this acquisition is as…