The Network Security Trident – Going Beyond Compliance

First and foremost, I am not a big fan of “compliance.”  I say that with some reluctance because there are certainly some positive aspects of the notion.  The PCI/DSS standard provides an effective and comprehensive framework that organizations can use to help shape...

Password Management and Physical Authentication

There is no longer any validity to the belief that you can “set-and-forget” anything, especially usernames and passwords.  When the New York Times broke the story of a Russian crime syndicate that collected 1.2 billion username and password combination by...

FBI and Secret Service Investigating Bank Cyberattacks

It was only earlier this week news surfaced that JPMorgan customers were being targeted in a broad e-mail phishing campaign. The campaign attempted (to an unknown degree of success) to collect credentials for that bank and also infect PCs with a virus for stealing...