An Impassioned Perspective

As someone who speaks at many conferences and hears (and gives) many keynotes, I was struck by the extraordinary passion and commitment in Art Coviello’s keynote at RSA Conference US last week. His call to action certainly echoed his keynotes of the past several conferences, in his conviction that we – all of us –…

Rogue Refrigerators and Critical Infrastructure

Several weeks ago, Proofpoint announced that their investigation of a major cyber-attack launched in late December 2013 uncovered the use of more than 100,000 malware-infected consumer devices as the source of malicious email. The devices included “home-networking routers, connected multi-media centers, televisions and at least one refrigerator”. As the Proofpoint announcement noted, this appears to…

RSA Rises to the Challenge of APTs

Recent news around APT attacks has underscored the critical importance of improving our techniques for rapidly detecting, analyzing and responding to APTs. To foster research in this area, Los Alamos National Lab (LANL) recently released an anonymized dataset of DNS activity collected from their internal servers over a two-month window (February and March 2013), overlaid with traffic from 20 simulated APT attacks during the month of March. LANL also issued a public challenge to the cybersecurity community to “develop techniques for detecting malicious external domains given the DNS logs for a site and to identify potentially infected hosts in the process.”

Architecting an Anti-Fragile Smart Grid

In the ramp-up to the European Smart Grid project that I’ve mentioned in a number of earlier blogs, I often find myself paying particular attention to the security implications of energy-related events in the daily news. Because the massive power outages in the United States during the recent “Polar Vortex” occurred during my recent visit there (fortunately not affected by the outages!), I found myself thinking about the implications of those outages for Smart Grid, particularly in terms of resiliency, robustness and anti-fragility.

Applying Systems Thinking To Security and Safety

One of the invited papers at the ACSAC conference in New Orleans last week was by Dr. Nancy Leveson on “Applying Systems Thinking to Security and Safety”. I had arrived in New Orleans very late the night before and wasn’t sure I’d be up for an 8:30 presentation. But I’ve been interested in systems theory…

Balancing Security and Privacy: Embracing an Advanced Cyber Defense Strategy

In his recent keynote at RSA Conference Europe 2013, Art Coviello, RSA Executive Chairman, painted a sobering picture of the challenges confronting cybersecurity professionals. We face a continued increase in the sophistication and rate of cyberattacks. Attack surfaces are expanding, due to the explosion of apps, digital content, mobile devices and virtualized infrastructure. And legacy…

Hastily Defined Networks and Planning for Disaster

I gave the closing presentation recently at the Judgement Day 8 cybersecurity conference in Bratislava, Slovakia. It was an interesting forum, with presentations earlier in the day by folks from F-Secure, Checkpoint, IBM, McAfee, HP and Cisco. Of these, the presentation by Michal Remper (Cisco) was particularly interesting, a discussion of the “Hastily Defined Networks” that Cisco has provided in a number of crisis situations, including in the aftermath of Hurricane Katrina. At the end of his presentation, Michal summarized a few lessons from the Cisco experiences in cases such as this. Although he didn’t put it quite this way, one of the key lessons was that however hastily the emergency network has to be provided, it is vitally important to have it well thought through and well-defined before the emergency occurs. In fact, the lesson I came away with was that what’s needed is Not-so-hastily defined networks. But is that really possible? Are there disasters that we simply can’t plan for and that will always require the flexibility to create hastily-defined responses?

The Danger of Denial

I was very surprised recently, in a conversation I had with someone I used to work with, to hear him remark that he didn’t think there is any such thing as stealthy, targeted attacks. His comment was something like “those warnings about APTs, targeted attacks, whatever you want to call them, is just a distraction…

By the Shores of Balaton: Speaking of (Security) Transformation

EMC has been doing a lot of exploration of the transformations in information technology and security over the past few months. As I discussed in several blogs, this was a major theme at EMCworld 2013. It is a major topic in the EMC Forums that are being held world-wide, such as the EMC Forum in Frankfurt at which I spoke recently. We’ve also been discussing it in a number of blogs, such as the recent one by Jeff Carpenter on biometrics and the on-going series by Steve Todd on the evolution of IT.