Where Is My Cybersecurity Rosetta Stone?

This week’s theme for National Cyber Security Awareness Month is “Cyber from the Break Room to the Board Room.” Communication, like anything else worth getting better at, takes practice. Sometimes it takes planning to know what we want to say and how we want to say it. We also need to anticipate who our audience is…

Six Steps For Cybercrime Survival

While recently cleaning my grandfather’s attic, I came across an old Federal Civil Defense Administration brochure titled “Six Steps to Survival – If an enemy attacked today would you know what to do?” In our modern times, many of us are being attacked on a daily basis by cybercriminals. As such, do you know what…

Hackers Hunt for Healthcare Records

What’s the difference between data theft from a bank account versus a healthcare record? For starters, think of theft from a bank account as the equivalent of a single withdrawal; one and done. Sooner than later it’s discovered, a new account number is issued and, as a hacker, you’re effectively cut off. When it comes…

Ransomware Rules for Payment: Do Extortionists Have the Advantage?

When an entire health system fell prey to cybercriminals and medical records were locked up by a ransomware attack in early February, there seemed no choice but to pay the sum demanded in order to avoid the impact on patient care: $17,000 in 40 Bitcoin. And in that single moment, one hospital became the obligatory…

Does DDoS Takedowns Really Change Extortion Rules of Engagement?

The proliferation of account takeovers, DDoS attacks, ransomware and outright cyber extortion targeting individuals and institutions is not only disrupting the hack attack landscape, but also raising questions around our rules of engagement. How are we supposed to deal with all of this knowing the bad guys aren’t playing by the same rules that we…

Does EMV Make Online eCommerce Transactions Safer?

OK, let’s get this quickly out of the way: EMV, the non-swipe chip-embedded credit cards, are sturdy barriers against (in-person) credit card fraud. However, when it comes to card-not-present eCommerce transactions (e.g. online ecommerce) where EMV is not a factor and where cybersecurity threats continue to proliferate, shouldn’t the customer experience be as secure and…

Digital Universe CyberSecurity Student Defenders in Action

After writing my blog about Students – Be the Next Defenders of the Digital Universe, I received several inquiries about what RSA’s Anti-fraud Command Center does and how Purdue University works with that team. Since this week’s national cyber security awareness month theme is Building the Next Generation of Cyber Professionals, it is perfect timing…

Students – Be the Next Digital Universe Defender

It is that wonderful time of the year when our kids go back to school and new university students ponder if they enrolled into the right major. My nephew has changed his major three times so far – just last year! OK University students – let me give you a basic economics lesson – supply…

We’re not gonna take it!

After listening to the White House Summit on Cybersecurity and Consumer Protection last Friday, I went out to dinner with some friends in the security industry and we jokingly discussed “if the cybersecurity industry had a theme song what should it be?” We all agreed that Twisted Sister’s “We’re not gonna take it” would be…

2015 Year of Cybersecurity Consilience?

Art Coviello just sent out his annual end of year letter with the following 2015 predictions: 1. Nation-state cyber-attacks will continue to evolve and accelerate but damage will be increasingly borne by private sector 2. Privacy debate will mature 3. Retail is an ongoing target and Personal Health Information (PHI) is next 4. The Internet Identity…