Security: It’s Not the Speed that Kills

My friend Randy Marchany tweeted a link to an article “Millennials Value Speed Over Security, Says Survey”  that started me thinking about the apparent conflict between speed and security.  If you google “Agile software development,” you will see a Wikipedia page, which extensively covers the topic. “Agile software development is a set of principles for software development in…

Details

It’s the Data, Stupid

I was looking at Facebook the other day (yes, I know – a security guy that uses Facebook – just wait until you have grandkids and a scary message appeared at the top of the page. It was the 39 year anniversary of my employment at Columbia University. I have been working in IT for 39…

Details

“The Internet of Cows”

Glenn Fink, a security researcher at Pacific Northwest Labs, did a presentation called the “Internet of Cows” at a recent IEEE conference where he showed how dairy farming has become an automated, internet accessible business process. He took the discussion one step further by saying that cows make great human surrogates in the privacy debates surrounding IoT. He…

Details

Behavioral Authentication: Your New Best Friend

Who knows you better than your smart phone? Your family? Maybe. Your colleagues? Perhaps. Your dog? Almost certainly—but that could change very soon. For many of us, our phones and other devices—smart watches, tablets, laptops—are privy to our deepest secrets. Our devices may know, via the alarm we set, when we get up in the…

Details

Impacts of Tennessee’s Revision to Data Breach Notification

David M. Brown reported on April 1, 2016 in Data Breach Notification Laws that the State of Tennessee has passed and received the Governor’s signature on revisions to its breach notification requirements. This law goes into effect on July 1, 2016 and could have significant impacts to Tennessee businesses and others, especially if other states follow…

Details

The Cybersecurity Convergence

People love to predict the next must-have digital device, from personal drones to augmented-reality contact lenses. But what if the next big device isn’t one single technology? What if it’s a convergence of technologies? How will we then secure our networks and data? A look at the history of the digital universe shows us that,…

Details

Security is Not a Thing

This seems to be the time of year that everyone is holding a security conference.  I will be attending eight from January through the end of April (and speaking at four of them.) The interesting thing about most of these meetings is that they are usually sponsored by vendors, who believe that their product or…

Details