The Network Security Trident – Going Beyond Compliance

First and foremost, I am not a big fan of “compliance.”  I say that with some reluctance because there are certainly some positive aspects of the notion.  The PCI/DSS standard provides an effective and comprehensive framework that organizations can use to help shape...

Security Expert Says Sony Wasn’t Hacked By North Korea

“Their capabilities are just not that great,” said Tom Chapman, director of cyber operations at Edgewave, a San Diego-based security firm, in an interview earlier this week. Chapman is a former U.S. Navy cyber-warfare commander. “Of the hacks we know...

Password Management and Physical Authentication

There is no longer any validity to the belief that you can “set-and-forget” anything, especially usernames and passwords.  When the New York Times broke the story of a Russian crime syndicate that collected 1.2 billion username and password combination by...

FBI and Secret Service Investigating Bank Cyberattacks

It was only earlier this week news surfaced that JPMorgan customers were being targeted in a broad e-mail phishing campaign. The campaign attempted (to an unknown degree of success) to collect credentials for that bank and also infect PCs with a virus for stealing...