“Underground-uate” Studies in Cybercrime

Summer is slowly coming to an end and that means students are preparing for a new set of courses as they head back to school. That is, if they are going to a traditional college or university. The school of cybercrime offers a very different set of courses – and Biology and Algebra aren’t prerequisites…

Students – Be the Next Digital Universe Defender

It is that wonderful time of the year when our kids go back to school and new university students ponder if they enrolled in the right major. My nephew has changed his major three times so far – just last year! OK, university students – let me give you a basic economics lesson – supply…

IT Compliance: All About That Base (Standard)

When it comes to IT risk management approaches, few things spark more debate than the use of standards. To explore this is to ponder another alphabetic quagmire of acronyms, categories, and random numeric designations. So which is the best? Is there even such a thing as “best”? If not, how do you choose otherwise? Or…

Spotting an Attacker’s “Tell” through Data Analysis

People have been talking about using Big Data for security for a long time now. Most of the ideas have been at a very high level, with few concrete tangible use cases – especially when dealing with today’s nation state attacker or hacktivist. However, there are some real use cases where using the latest tools…

E1: Enter the Maestro – Introducing Marty Bishop

The elevator opened on the 54th floor and Marty Bishop emerged into the bustling corporate environment of MagnaCorp yawning. Dressed in his well-worn jeans and a nondescript plain black Calvin Klein T-shirt, he deftly slid sideways between two suit-encrusted sales associates jabbering about some new product release. He balanced his trusty traveling coffee…

Securing eCommerce Transactions without Losing Customers Part 4 – Mobile Strategy

Through this series we have looked at reducing fraud chargebacks via risk-based authentication for account holders, behavioral analytics and 3D Secure. In this final post we will look at mobile strategy. There is no shortage of statistics reflecting the tremendous growth in mobile commerce. In fact, according to Criteo, 29% of US eCommerce transactions are…

Summer’s Over: Spies go Back to School – Part I

As college and university students prepare to begin another school year, we see them as future entrepreneurs, computer scientists, engineers, politicians and civic leaders. To add a twist, some of these students will also be our future digital hacktivists and cyber criminals. Take for example Carnegie Mellon sophomore Morgan Culbertson who was recently linked with…

Securing eCommerce Transactions without Losing Customers Part 3 – 3D Secure

Part 1 of this series covered using risk-based authentication for account holders while Part 2 dove into behavioral analytics to reduce fraud chargebacks. In this post we will look at the strategic use of 3D Secure. 3D Secure is a protocol developed by Visa, MasterCard and Europay and designed to reduce fraud in the online…

Cascading Risk: Lloyd’s “Blackout Report”

(image from Lloyd’s “Business Blackout” report) In early July, Lloyd’s published “Business Blackout: The insurance implications of a cyber attack on the US power grid,” a study of the financial impact of a hypothetical electric grid failure scenario in the US. Developed jointly with the University of Cambridge Center for Risk Studies, it is an…

The Results are In…RSA Archer Won a Stevie Award

We’re very excited to share some great news – RSA Archer won a 2015 People’s Choice Stevie Award for Favorite New Product in the Software – Governance/Risk category. As you may know, the Stevies are premier awards as part of the American Business Awards – essentially the equivalent of the film industry’s Academy Awards. This…