Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

For consumers

 

MY TAKE: New tech standards, like ‘Matter’ and ‘BIMI,’ point the way to secure interoperability

By Byron V. Acohido

The IQ of our smart homes is about to level-up.

Hundreds of different types of smart devices designed to automate tasks and route control to our smart phones and wearable devices have arrived on store shelves, just in time for the holiday shopping season.

Related: Extending digital trust globally

Some of these latest, greatest digital wonders will function well together, thanks to the new Matter smart home devices standard, which was introduced one year ago.

However, there’s still a long way to go to achieve deep interoperability of interconnected services in a way that preserves privacy and is very secure. Matter is a bellwether, part of a fresh slate of technical standards and protocols taking shape that will help to ingrain digital trust and pave the way for massively-interconnected, highly-interoperable digital services.

I recently discussed the current state of tech standards with DigiCert’s  Mike Nelson, Global Vice President of Digital Trust and, Dean Coclin, Senior Director of Trust Services, at DigiCert Trust Summit 2023. We drilled down on Matter as well as another new standard,  BIMI, which stands for “brand indicators for message?identification.” BIMI essentially is a carrot-on-a-stick mechanism designed to incentivize e-mail marketers to proactively engage in suppressing email spoofing. Here are my takeaways:

Matter picks up steam

Frustration with smart home devices should be much reduced in 2024. That’s because gadgets that bear the Matter logo are more readily available than ever.  Matter-compliant thermostats, pet cams, vacuum cleaners, kitchen appliances, TVs and security systems can no

GUEST ESSAY: The many channels law enforcement pursues to mitigate cyber threats

By Demetrice Rogers

Throughout 2023, we’ve witnessed numerous significant cyber incidents. One of the largest this year was the MOVEit breach, which impacted various state motor vehicle organizations and exposed driver’s license information for nearly 9.5 million individuals.

Related: The Golden Age of cyber espionage

We have also seen ransomware outbreaks at MGM and Caesar’s Casino, causing losses in the millions of dollars and targeted assaults on the healthcare sector, affecting over 11 million patients.

These attacks are leading to a record number of personally identifiable information posted on the Dark Web, a portion of the internet that is hidden and provides anonymity to its users. Many individuals are curious about the strategies employed by law enforcement agencies to monitor and respond to these threats.

Threat intel sharing

Law enforcement agencies depend on multiple channels to aid their efforts against cyber threats. The primary source is the affected organization or individual. Cybersecurity experts determine the required support level when a cyberattack is reported to a local law enforcement agency. Larger-scale attacks may involve collaboration with various federal agencies for

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

By Kevin Gonzalez

Cisco’s $28 billion acquisition of Splunk comes at an inflection point of security teams beginning to adopt to working with modern, cloud-native data lakes.

Related: Dasera launches new Snowflake platform

For years, Splunk has been the workhorse SIEM for many enterprise Security Operation Centers (SOCs). However, security teams have challenges with Splunk’s steeply rising costs. And now, early adopters of security data lakes like Snowflake are saving more than two-thirds of what they were paying for their Splunk license.

Splunk’s inability to migrate to a modern cloud-native architecture makes it difficult to take advantage of these cost-saving benefits or implement advanced data science use cases critical for threat detection. The Cisco acquisition shall exacerbate these challenges and speed up the adoption of security data lakes.

While it’s great to see data lakes gaining so much momentum, many security teams struggle to take advantage of them. Ripping and replacing Splunk overnight is unrealistic. Enterprise security teams need a path to incrementally migrate to a modern data lake with minimal

GUEST ESSAY: A primer on best practices for automating supply chain cybersecurity

By Zac Amos

Supply chain security grows more crucial daily as cybercriminals attempt to disrupt distribution and transportation. In response, industry professionals must automate their cybersecurity tools to stay ahead.

Why so? The 2020 SolarWinds cybersecurity incident — which industry experts call the supply chain attack of the decade — was an incredibly high-profile breach affecting massive corporations. While it may seem like an outlier, it reveals an alarming trend.

Professionals on the incident response team believe cybersecurity hasn’t improved and no one has learned from the situation. They point out how supply chains rely on software yet lack the security tools to protect them.

Simply put, cyberattacks are on the rise. Data breaches exposed over 37 billion records in 2020 alone — a 141% jump

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

By Erin Kapcynski

Editor’s note: I recently had the chance to participate in a discussion about the overall state of privacy and cybersecurity with Erin Kapczynski, OneRep’s senior vice president of B2B marketing. OneRep provides a consumer service that scrubs your personal information from Google and dozens of privacy-breaching websites. Here is Erin’s Q&A column, which originally went live on OneRep’s well-done blog.)

For the first expert interview on our blog, we welcomed Pulitzer-winning investigative reporter Byron V. Acohido to share his ideas about the current cyber threat landscape, the biggest threats for businesses today, the role of AI and machine learning in cyberattacks and cyberdefence, and the most effective methods for companies to protect themselves.

Byron is the founder and editor-in-chief of The Last Watchdog on Privacy & Security. He previously chronicled the emergence of cybercrime while covering Microsoft for USA TODAY. His news analysis columns, podcasts, and videos are crafted to foster a useful understanding of complex privacy and cybersecurity developments for

GUEST ESSAY: Has shielding and blocking electromagnetic energy become the new normal?

By Nikoline Arns

Surrounded by the invisible hum of electromagnetic energy, we’ve harnessed its power to fuel our technological marvels for decades.

Related: MSFT CEO calls for regulating facial recognition tech

Tesla’s visionary insights from 1900 hinted at the potential, and today, we bask in the glow of interconnected networks supporting our digital lives. Yet, as we embrace this wave of connectivity, we often overlook the pressing need for protection.

Since 1984, when Japan’s pioneering 1G network blanketed the nation, we’ve been swept up in the excitement of progress. But let’s pause and consider—how often do we truly contemplate safeguarding ourselves from the very forces that fuel our interconnected world?

Link to identities

Over the past decade, mobile data traffic has surged an astonishing 4,000-fold, while an additional 400 million users have joined the digital realm over the past 15 years. As we venture into the era of 5G and witness the rise of private networks, the surge of electromagnetic charge is

ROUNDTABLE: CISA’s prominent role sharing threat intel could get choked off this weekend

By Byron V. Acohido

Once again, politicians are playing political football, threatening a fourth partial government shutdown in a decade.

Related: Biden’s cybersecurity strategy

As this political theater runs its course one of the many things at risk is national security, particularly on the cyber warfare front.

Given the divergent paths of the U.S. Senate and the U.S. House of representatives, federal agencies could see funding largely choked off on Sunday, resulting in the furloughing of hundreds of thousands of federal workers.

A wide range of federal government services, once more, would slow to a crawl —  everything from economic data releases to nutrition benefits for poor children. And the Cybersecurity and Infrastructure Security Agency (CISA) may be forced to send home some 80 percent of its workforce, drastically shrinking its capabilities as a catalyst for public-private sharing of fresh