


PODCAST: The case for rethinking security — starting with smarter management of privileged access logons

By Byron V. Acohido

Two cybersecurity trend lines have moved unremittingly up the same curve over the past two decades — and that’s not a good thing.

Year in and year out, organizations have steadily increased spending to defend their networks — and they continue to do so, with no end in sight. Research firm MarketsandMarkets estimates that the global cybersecurity market size will grow from $137.85 billion in 2017 to $231.94 billion by 2022, a compound annual growth rate of 11.0%.

Related podcast: Much stronger security can come from simple ‘Identity Access Management’ improvements

At the same time, the damage and disruption caused by malicious hackers has also continued to rise, with no end in sight. One recent measure of this comes from a survey of senior officials at 120 large enterprises, conducted by research firm Forrester and sponsored by Centrify, a leading supplier of identity and access management (IAM) technologies.


C-level executives disclosed to Forrester that two-thirds of their companies had been breached multiple times – a startling five times on average over the past two years. What’s more, respondents indicated these break-ins occurred evenly all across the network, at endpoints, servers, databases and in software-as-a-service systems. …more

Q&A: Meet insurance underwriters’ newest obsession — vulnerability assessments

By Byron V. Acohido

From very early on, cyber criminals have been smart enough to focus their attention on vulnerabilities – the endless coding weak points arising from our increasing dependence on complex software and software-run systems.

Finally, the good guys are doing the same. One security vendor I recently spoke to — Risk Based Security – is among the innovative vendors involved in helping companies identify, assess and patch vulnerabilities.

Related article: Insurance giant Zurich partners with Deloitte cybersecurity

Obviously, a comprehensive understanding of the vulnerabilities your organization is exposed to, at any given time, is a vital layer of defense. What’s really interesting is that the insurance industry has come to recognize this, and has begun using vulnerability assessments as a key measure for qualifying companies looking to offset cyber risk via a cyber insurance policy.

Jake Kouns, CISO at Risk Based Security, walked me through the context of this emerging trend. Here are excerpts of our conversation, edited for clarity and length. For a deeper drill down, please listen to the accompanying podcast. …more

PODCAST: The coming spike in ‘GPS jamming’ and ‘GPS spoofing’

By Byron V. Acohido

If you’re like me, you’ve become obsessed with using GPS to find your way around town. Personally, I’d peg the accuracy of my GPS usage, locally and while on business travel, at roughly 85 percent, which is pretty darn good.

GPS isn’t infallible, of course. Just ask the woman in Port Jervis, New York who, on Nov. 5, blindly obeyed GPS, and drove her car down a muddy bank into the Neversink River. She’s not alone. GPS-myopic drivers have steered vehicles into bodies of water, up staircases, into buildings, onto golf courses and even off cliffs.

Related article: How Russia’s election meddling relates to power grid hacks

But here’s something to consider: could a GPS hack have factored into any of these mishaps? I learned about the two primary forms of GPS attacks — GPS jamming and GPS spoofing — from speaking with Vlad Gostomelsky, a security researcher at Spirent Communications.

Precise time, location

Gostomelsky explained how GPS is a worldwide network used for positioning and timing. A number of satellites encircling earth send timing signals to each individual receiving device, like your smartphone. Your iPhone or Android device uses these signals to calculate your precise location at a precise time.

“GPS is really important because we use it to get an exact time for financial transactions and for server logs,” Gostomelsky says. “And it’s used extensively for navigation both for car GPSs and for smart vehicles.” …more

PODCAST: Why ‘machine learning’ is perfectly suited to mitigating network breaches

By Byron V. Acohido

The essence of “machine learning” is that ML is perfectly suited to extracting value from large sets of data.

Thus, whether you realize it or not, ML has come to intersect with just about every aspect of daily living. ML today is used pervasively to profile our online behaviors. When we search for something on Google, make a purchase on Amazon, stream a movie from Netflix, post to Facebook, or Tweet, all of that data is stored and analyzed. And now ML advances are being applied to vehicle and driver data to rapidly steer us (pun intended) towards everyday dependence on driverless vehicles.

But there is another arena where one would expect ML to be making a much larger impact than it has to date: cybersecurity.

Related article: 2018 – Year of the CISO

Consider this: the typical corporate IT system is a sprawling amoeba generating large sets of data, minute-by-minute, day-by-day, from dozens of disparate systems. Hidden in this tumult of network logs are the fingerprints of threat actors actively stealing and disrupting – or getting into position to do so. …more

PODCAST: The quest for relevant, actionable threat intelligence

By Byron V. Acohido

In the war on cyber crime, access to rich stores of threat intelligence has never really been the problem.

Quasi-government entities, like the United States Computer Emergency and Readiness Team (US-CERT), and industry sharing groups, like the Information Sharing and Analysis Centers (ISACs), supply a rich baseline of threat data.

Related video: Why the NIST framework is vital to baseline security

Meanwhile, cybersecurity companies like FireEye, Symantec, CrowdStrike, Palo Alto Networks, Dell SecureWorks, Kaspersky Lab and countless others routinely share some of their hard won intel publicly, for the greater good, while keeping some intel close — for primary use by their paying customers.

In 2013 a couple of buddies working as security analysts at an organization deep within the U.S. military complex got frustrated by their inability to truly leverage the deluge of threat intel in an efficient way. So the two analysts, Ryan Trost and Wayne Chiang, launched ThreatQuotient. …more

PODCAST: ‘Homomorphic encryption’ emerges as the Holy Grail of cloud computing

By Byron V. Acohido

I recently learned that there is an acute limitation to otherwise empowering cloud storage and processing services, such as Amazon EC2, Google Cloud and Microsoft Azure. It has to do with the circumstances under which business data gets transported to, and stored in, cloud storage facilities.

Some context: Organizations today do a terrific job encrypting data kept in storage (data at rest) and also encrypting data as it is being transported to and from cloud storage facilities (data in transit). However, to actually do a simple search, or otherwise access and massage this data when it is stored up in the cloud, both the query and the stored data must be decrypted. And herein lies the security shortfall.

Related article: Encryption …more

PODCAST: Why ‘defense in depth’ isn’t enough — how ‘SOAR’ will help

By Byron V. Acohido

‘Defense in depth’ and ‘layered defenses’ just aren’t cutting it anymore.

We’ve arrived at a point where many companies have invested substantial fortunes in overlapping tiers of cybersecurity technologies. Discrete systems, such as firewalls, anti-malware suites and sandbox detonators are smarter and more sophisticated than ever before.

Yet network breaches continue to proliferate. Enterprises are finding it more difficult than ever to actually translate the cumulative intelligence at their fingertips into action that curtails network breaches. There are just too many discrete security systems continually pumping out too much disparate data; security analysts just can’t make sense of it all.


To address this shortfall, a new technology stack, dubbed SOAR, …more