Mobile security advances to stopping device exploits — not just detecting malicious apps

By Byron V. Acohido

The most profound threat to corporate networks isn’t the latest, greatest malware. It’s carbon-based life forms.

Humans tend to be gullible and impatient. With our affiliations and preferences put in play by search engines and social media, we’re perfect patsies for social engineering. And because we are slaves to convenience, we have a propensity for taking shortcuts when it comes to designing, configuring and using digital systems.

Related article: Is your mobile device spying on you?

This hasn’t worked terribly well for defending modern business networks from cyberattacks. And now we are on the verge of making matters dramatically worse as smartphones and IoT devices proliferate.

I recently had a chance to discuss this state of affairs with J.T. Keating, vice president of product strategy at Zimperium, a Dallas-based supplier of mobile device security systems. Launched in 2010 by a Samsung consultant who saw the handwriting on the wall, Zimperium has grown to 140 employees and attracted $60 million in venture capital from Warburg Pincus, SoftBank, Samsung, Telstra and Sierra Ventures.

The company is seeking to frame and address mobile security much differently than the traditional approach to endpoint security. “When you have billions of mobile devices that aren’t well protected, and the users are primarily responsible for controlling them, it makes for very ripe targeting,” Keating told me.

For a full drill down, please listen to the accompanying podcast. Here are excerpts edited for clarity and length.

LW: What’s most worrisome about mobile security?

Keating: If you’re a consumer, you should really care about malicious apps. The vast majority of the mobile malware we see is designed for fraud. A perfect example of one going around right now is called Bankbot. A user will …more

With passwords here to stay, a ‘Zero Trust’ approach to authentication makes eminent sense

By Byron V. Acohido

When I first started writing about technology for USA Today in 2000, reporters were required to use what at the time was a cutting-edge 2-factor authentication device to securely log into the newspaper’s editing and publishing network.

Related article: The case for rethinking security

It was an RSA SecurID token. I attached it to my key chain, and activated it to issue a one-time 6-digit code, each time I needed to log in to file a story.

Today that same functionality has been vastly improved. One-time security codes routinely get pushed to smartphones to effect a second factor of authentication in a wide array of scenarios. An approach referred to as the “Zero Trust” model takes it a few steps further.

Increasingly, behavior monitoring and machine learning are being brought to bear to assess details of each separate login to each service. This enables companies to make decisions as to whether any specific access request is routine – or suspicious.

Companies can tune such systems to automatically take a range of actions, from requiring a second-factor of authentication, to permitting only very limited access or even blocking access altogether. And they are able to do this at scale, in real time, while watching effectiveness improve as the machine learning algorithms crunch more and more data.

Last Watchdog asked Andy Smith, vice president of product marketing at Centrify, a leading supplier of identity and access management (IAM) technologies, to supply context for the Zero Trust model. One big takeaway was this: the Zero Trust model has come along at the perfect time to support stronger authentication requirements happening on the fly as part of digital transformation.

For a full drill down, please listen to the accompanying podcast. Here are excerpts of our conversation edited for clarity and length.

LW: Keeping track of identities and controlling access has always been a big challenge. Now the challenge is escalating, getting more complex. …more

Last Watchdog’s coverage of cybersecurity and privacy earns 4th Top Blog award

By Byron V. Acohido

Our daily mission here at Last Watchdog is to keep the public usefully informed about emerging cybersecurity and privacy exposures.

Related article: The road to a Pulitzer

Though we don’t spend any time seeking it out, one measure of our success is peer recognition. So I’m happy to let our audience know that Last Watchdog has been recognized for the fourth time in recent months as a trusted source of useful intelligence.

Threat Stack, a Boston-based security startup that helps companies stay protected in the cloud, and publisher of the informative Threat Stack Blog, has just included LastWatchdog.com on its list of 50 Essential Cloud Security Blogs for IT Professionals and Cloud Enthusiasts.

Earlier, Watchdog Reviews selected LastWatchdog.com as …more

Why the ‘golden age’ of cyber espionage is upon us

By Byron V. Acohido

Researchers at Cisco’s Talos intelligence unit have now expressed high confidence that the Russian government is behind VPNFilter, a malware strain designed to usurp control of small office and home routers and network access control devices.

If you doubt VPNFilter’s capacity to fuel cyber chaos on a global scale, please peruse the FBI’s recently issued alert about this very nasty piece of leading-edge malware.

Related article: Obsolescence creeping into legacy security systems

VPNFilter is precisely the kind of cyber weaponry nation state-backed military and intelligence operatives routinely deploy to knock down critical infrastructure, interfere with elections and spy on each other.

One of the top analysts on the daily use of malware across the planet is Dr. Kenneth Geers, senior research scientist at Comodo Cybersecurity. His main duties at Comodo revolve around monitoring and analyzing malware spikes as they unfold on a daily basis, and correlating cyber attacks to global news and political events.

Geers recently walked me through the cyber attack trends and patterns he’s currently monitoring. Bottom line: cyber espionage is on the cusp of a golden age; and the only way to deter this is for the private sector to do a much better job of defending home and business networks.

Why so? Because vulnerable networks supply the communications channels and processing power made so easily accessible to cyber criminals and combatants.

For a full drill down on my fascinating chat with Geers, please listen to the accompanying podcast. Here are excerpts edited for clarity and length. …more

Will GDPR usher in a new paradigm for how companies treat consumers’ online privacy?

By Byron V. Acohido

Back in 2001, Eric Schmidt, then Google’s CEO, described the search giant’s privacy policy as “getting right up to the creepy line and not crossing it.”

Well, Europe has now demarcated the creepy line – and it is well in favor of its individual citizens. The General Data Protection Regulation, or GDPR, elevates the privacy rights of individuals and imposes steep cash penalties for companies that cross the creepy line – now defined in specific detail.

Related article: Zuckerberg’s mea culpa reveals reprehensible privacy practices

Europe’s revised online privacy regulations took effect last Friday. European businesses are bracing for disruption – and U.S. companies won’t be immune to the blowback. There are more than 4,000 U.S. companies doing business in Europe, including many small and midsize businesses. All of them, from Google, Facebook and Microsoft, down to mom-and-pop wholesalers and service providers, now must comply with Europe’s new rules for respecting an individual’s online privacy.

The EU is expected to levy GDPR fines totaling more than $6 billion in the next 12 months, an estimate put out by insurance giant Marsh & McLennan. As these penalties get dished out, senior management will become very uncomfortable; they’ll be forced to assume greater responsibility for cybersecurity and privacy, and not just leave it up to the IT department.

This is all unfolding as companies globally are racing to embrace digital transformation – the leveraging of cloud services, mobile computing and the Internet of Things to boost innovation and profitability. In such a heady business environment, a regulatory hammer was necessary to give companies pause to consider the deeper implications of poorly defending their networks and taking a cavalier attitude toward sensitive personal data. …more

Preempt stakes out turf as supplier of ‘Continuous Adaptive Risk and Trust Assessment’ technology

By Byron V. Acohido

Defending modern business networks continues to rise in complexity seemingly minute by minute. Perimeter defenses are woefully inadequate, and traditional tactics, like blacklisting and malware detection, are proving to be increasingly ineffective.

Protecting business networks today requires a framework of defenses. Leading tech research firm Gartner has even contrived a new buzz phrase for the required approach: “Continuous Adaptive Risk and Trust Assessment,” or CARTA.

Related article: The threat of ‘shadow admins’

I had the chance to visit recently with Ajit Sancheti, co-founder and CEO of a startup called Preempt, which has positioned itself in the vanguard of CARTA system suppliers. For a full drill down on our conversation please listen to the accompanying podcast. Here are excerpts edited for clarity and length:

LW: You’ve described Preempt as taking an identity-centric approach to security and threat prevention. Please explain.

Sancheti: Identity is the new perimeter. Think about how we now have a mix of enterprise networks being on cloud, non-cloud in enterprise data centers, and cloud hybrids. The only entity you can control is the user. If you can figure out the risk profile of users at a given time and continue to build on those profiles over time, then based on their identity, their behavior, and the importance of the asset they are trying to access, then you can actually take real-time security actions to ensure that the person who’s getting the access is who they say they are.

LW: Can you frame the problem of threat actors using legit Windows tools to wreak havoc? …more

How ‘identity governance’ addresses new attack vectors opened by ‘digital transformation’

By Byron V. Acohido

Mark McClain and Kevin Cunningham didn’t rest for very long on their laurels, back in late 2003, after they had completed the sale of Waveset Technologies to Sun Microsystems. Waveset at the time was an early innovator in the then-nascent identity and access management (IAM) field.

The longtime business partners immediately stepped up planning for their next venture, SailPoint Technologies, which they launched in 2005 to pioneer a sub segment of IAM, now referred to as identity governance. Today SailPoint has 800-plus employees and growing global sales.

Related article: What the Uber hack tells us about DevOps exposures

The company is coming off a successful initial public offering last November in which it raised $240 million. SailPoint’s share price has climbed from the mid-teens to the mid-twenties since its IPO.

I had the chance to visit with McClain, SailPoint’s CEO – Cunningham serves as chief strategy officer – at RSA Conference 2018. We had an invigorating discussion about how “digital transformation” has intensified the urgency for organizations to comprehensively address network security, and how identity governance is an important piece of that puzzle. For a full drill down, please listen to the accompanying podcast. Here are excerpts edited for clarity and space:

LW: Your focus is on helping companies do much better at a fundamental security best practice.

McClain: Exactly. Within the big realm of security, we’re within the realm of identity, which is getting a lot of airtime these days. And within identity, our focus is on what’s called identity governance . . . The company has been around for a while now. We work in almost every industry vertical and focus on mid-sized enterprises with 2,000 to 3,000 employees all the way to the largest global enterprises in the world. …more