Victor Wheatman

Advisor

Smaarts, Inc.


What CISOs Must Know About Fighting Identity Theft

Posted on: 05 Oct 2014

High-level strategies for defending against attacks to steal identities are twofold: solutions on the back end, and what consumers and business partners can do to protect themselves. Almost daily, we hear about security breaches with millions of personal data records compromised, requiring companies to notify those affected, and to provide free credit and identity theft…

Blending Two Cultures: Management Perspectives on Converging Physical and Information Security

Posted on: 27 Jan 2014

Hey, here’s a good idea: let’s have the part of facilities management that deals with the physical security of the office park, the factory, and the government facility work with the folks that handle IT Security. Let’s put those folks together in a room, see where there’s overlap, eliminate duplication of effort and maybe even…

Scared of SCADA? Maybe It’s Cultural. Read a Children’s Book

Posted on: 14 Jan 2014

There is growing concern over the security of SCADA (supervisory control and data acquisition systems), one of the Internet of Things topics discussed at the Amphion Forum conference recently held in San Francisco. Once upon a time, SCADA systems were based on proprietary operating systems, proprietary protocols and limited connectivity.  Now, many of the controls…

How You Should Be Thinking About the Information Security Budget

Posted on: 25 Nov 2013

So, how did you do this year with your security budget requests?  And how does the plan look for next year?  With information security representing a competitive arms race with the bad guys, you want enough funding to insure you are practicing commercially reasonable security, and to support mission critical business strategies. Many organizations don’t…

Does the NSA Use Quantum Computing to Break Things?

Posted on: 20 Nov 2013

In the continuing stream of revelations about reported NSA hacking to protect national interests comes more news. Data moving between data centers operated by the world’s largest Internet email companies allegedly was intercepted and collected for analysis because the encryption protections on the data was bypassed. The prevailing theories about how the NSA apparently did this…

YAC/YAM, Log Management, SIEM and Big Data Security Intelligence

Posted on: 06 Nov 2013

Maybe it’s just me, but many market analysts tend to be skeptical about the latest shiny new thing promising the “complete solution” in security and other technology initiatives. Skepticism is fueled by the constant stream of overlapping tools, enhancements and nuanced products promising to do something “more;” but with functionality that ultimately may become features in…

Skeptical of Biometrics? Have a Backup Plan

Posted on: 22 Oct 2013

So whoopie-do, the new iPhone has a fingerprint reader to unlock the phone as a market differentiator,  and to open new authentication applications and developer opportunities – assuming Apple opens up the appropriate APIs.  This is based on the technology  Apple bought last year when it acquired AuthenTec which has encryption technology, fingerprint sensors and…

Securing the Internet of Things

Posted on: 22 Oct 2013

A European judge recently blocked a security researcher’s paper describing how to bypass a car’s immobilizer theft-protection system. The Next Generation of airline control systems is designed to efficiently improve air travel, but the new system reportedly uses no encryption on its communications links, and is also missing authentication mechanisms meaning false signals could be…