


PODCAST: The coming spike in ‘GPS jamming’ and ‘GPS spoofing’

If you’re like me, you’ve become obsessed with using GPS to find your way around town. Personally, I’d peg the accuracy of my GPS usage, locally and while on business travel, at roughly 85 percent, which is pretty darn good.

GPS isn’t infallible, of course. Just ask the woman in Port Jervis, New York who, on Nov. 5, blindly obeyed GPS, and drove her car down a muddy bank into the Neversink River. She’s not alone. GPS-myopic drivers have steered vehicles into bodies of water, up staircases, into buildings, onto golf courses and even off cliffs.

Related article: How Russia’s election meddling relates to power grid hacks

But here’s something to consider: could a GPS hack have factored into any of these mishaps? I learned about the two primary forms of GPS attacks — GPS jamming and GPS spoofing — from speaking with Vlad Gostomelsky, a security researcher at Spirent Communications.

Precise time, location

Gostomelsky explained how GPS is a worldwide network used for positioning and timing. A number of satellites encircling Earth send timing signals to each individual receiving device, like your smartphone. Your iPhone or Android device uses these signals to calculate your precise location at a precise time.

“GPS is really important because we use it to get an exact time for financial transactions and for server logs,” Gostomelsky says. “And it’s used extensively for navigation both for car GPSs and for smart vehicles.” …more

PODCAST: Why ‘machine learning’ is perfectly suited to mitigating network breaches

By Byron V. Acohido

The essence of “machine learning” is that ML is perfectly suited to extracting value from large sets of data.

Thus, whether you realize it or not, ML has come to intersect with just about every aspect of daily living. ML today is used pervasively to profile our online behaviors. When we search for something on Google, make a purchase on Amazon, stream a movie from Netflix, post to Facebook, or Tweet, all of that data is stored and analyzed. And now ML advances are being applied to vehicle and driver data to rapidly steer us (pun intended) towards everyday dependence on driverless vehicles.

But there is another arena where one would expect ML to be making a much larger impact than it has to date: cybersecurity.

Related article: 2018 – Year of the CISO

Consider this: the typical corporate IT system is a sprawling amoeba generating large sets of data, minute-by-minute, day-by-day, from dozens of disparate systems. Hidden in this tumult of network logs are the fingerprints of threat actors actively stealing and disrupting – or getting into position to do so. …more

PODCAST: The quest for relevant, actionable threat intelligence

By Byron V. Acohido

In the war on cyber crime, access to rich stores of threat intelligence has never really been the problem.

Quasi-government entities, like the United States Computer Emergency and Readiness Team (US-CERT), and industry sharing groups, like the Information Sharing and Analysis Centers (ISACs), supply a rich baseline of threat data.

Related video: Why the NIST framework is vital to baseline security

Meanwhile, cybersecurity companies like FireEye, Symantec, CrowdStrike, Palo Alto Networks, Dell SecureWorks, Kaspersky Lab and countless others routinely share some of their hard won intel publicly, for the greater good, while keeping some intel close — for primary use by their paying customers.

In 2013 a couple of buddies working as security analysts at an organization deep within the U.S. military complex got frustrated by their inability to truly leverage the deluge of threat intel in an efficient way. So the two analysts, Ryan Trost and Wayne Chiang, launched ThreatQuotient. …more

PODCAST: ‘Homomorphic encryption’ emerges as the Holy Grail of cloud computing

By Byron V. Acohido

I recently learned that there is an acute limitation to otherwise empowering cloud storage and processing services, such as Amazon EC2, Google Cloud and Microsoft Azure. It has to do with the circumstances under which business data gets transported to, and stored in, cloud storage facilities.

Some context: Organizations today do a terrific job encrypting data kept in storage (data at rest) and also encrypting data as it is being transported to and from cloud storage facilities (data in transit). However, to actually do a simple search, or otherwise access and massage this data when it is stored up in the cloud, both the query and the stored data must be decrypted. And herein lies the security shortfall.

Related article: Encryption …more

PODCAST: Why ‘defense in depth’ isn’t enough — how ‘SOAR’ will help

By Byron V. Acohido

‘Defense in depth’ and ‘layered defenses’ just aren’t cutting it anymore.

We’ve arrived at a point where many companies have invested substantial fortunes on overlapping tiers of cybersecurity technologies. Discrete systems, such as firewalls, anti-malware suites and sandbox detonators are smarter and more sophisticated than ever before.

Yet network breaches continue to proliferate. Enterprises are finding it more difficult than ever to actually translate the cumulative intelligence at their fingertips into action that curtails network breaches. There are just too many discrete security systems continually pumping out too much disparate data; security analysts just can’t make sense of it all.

To address this shortfall, a new technology stack, dubbed SOAR, …more

MY TAKE: How Russia’s election meddling relates to industrial control hacks

By Byron V. Acohido

While America’s attention has been riveted on stunning disclosures of how Russia meddled in the U.S. presidential elections, the significance of a parallel, equally important development may have gotten lost. Don’t look now folks, but the world’s superpowers are steadily marshaling forces to engage in an all-out cyber war.

History may yet prove that Russia’s manipulation of elections in America and elsewhere is, in fact, connected to the steady escalation of attacks on industrial control systems. And it’s not just Russia. Evidence has surfaced that China, USA, Israel and North Korea have also been maneuvering to take full advantage of the profoundly vulnerable state of so-called “OT” systems.

Quick context here: Gartner a few years ago coined the buzzphrase “operational technology,…more

PODCAST: Will 2018 be the year of the CISO?

By Byron V. Acohido

Could we be entering the Golden Age of CISOs, chief information security officers? Perhaps.

CISOs at some big financial services firms have begun elbowing their way into the C-suite’s uppermost tier, reporting to the board of directors and/or the CEO and/or the audit committee, John Dixon, principal at Denim Group, told me in a lively discussion we had at Black Hat 2017 in Las Vegas.

Related article: Implications of the Deloitte breach

Dixon spends much of his time advising clients how to build software applications that are as secure as they ought to be. To do this well, he must immerse himself in the rising trends and myriad nuances continually shaping and reshaping the cybersecurity landscape.