Zooming [In]Security

With the COVID-19 Pandemic (remember the COVID-19 Pandemic?) workers were forced to find other means of communicating — including Zoom meetings. While there were a spate of high-profile security issues with respect to Zoom, including open and shared meetings, Zoombombing, sharing data with Facebook, and deliberately routing communications through China and the like, the principal…

Details

No Good Deed… Apple 2FA Case Dismissed by California Federal Court

A few years ago, Apple began pushing “two-factor” authentication on its users.  Through an update in the Operating System, they began to require those who wanted to download and install software to, in addition to providing a password, use a separate out-of-band authentication mechanism. While such 2FA systems are not perfect, and those which rely…

Details

Managing Risk in the Era of Pandemic

Cyber Security is NOT about cybersecurity. It’s not about compliance with regulations. At the end of the day, cyber security is about identifying and managing risks. Risks associated with the use and misuse of technology. Risks associated with failing to protect data. Risks associated with doing too little. And risks associated with doing too much.…

Details

DR/BCP – TL:DR – Preparing for the Wrong Disaster is Better than Not Preparing At All

In the wake of the SARS CoViD-19 pandemic, news organizations have been interviewing so-called “preppers” – survivalists who have been preparing for some natural or man-made disaster by hoarding shelf-stabilized food, guns, underground bunkers, water, and backup electricity. The preppers are taking a victory lap essentially saying, “we told you so.” Not quite. You see,…

Details