A selection of this week’s more interesting vulnerability disclosures and cyber security news. An article that prompts many questions regarding use of PII in a passive way, misses one obvious question: Why was Wi-Fi enabled on 5.9 million devices while in transit? When you next get a moment, just check what, and why you need Wi-Fi and other communications features enabled all the time.
As of today, security is a hot topic for not just IT industry but almost everyone. From personal mail accounts to data encryption, everyone has something valuable to protect. When we ‘protect’ something, we build a physical and/or virtual system that hinders any unauthorized viewers and users.
Many of you will remember the 25th of May 2018 as the day GDPR became legally enforceable. That week, our emails were bombarded with updates to privacy policies or requests for us to ‘opt-in’ to having our data processed. Funnily enough, many of these were unnecessary and, in some cases, missed the point entirely.
Internet security, in general, is a challenge that we have been dealing with for decades. It is a regular topic of discussion and concern, but a relatively new segment of internet security is getting the lion’s share of attention—internet of things (IoT). So why is internet of things security… a thing?
Detection of change is easy… There, I said it. Anyone can do it. One thousand monkeys with keyboards can pound out scripts to detect change. What is not so easy, what the monkeys can’t do, is reconcile change. Even worse, it’s usually the monkeys who make the changes that bring everything crashing down around your knees. It’s the reconciliation of change that most organizations have the most trouble with. What was the change? When was it made? Who made it? Was it authorized?
The explosion of unstructured content is undeniable, and this growth is being fueled by businesses. The files that keep the wheels of business turning — documents, spreadsheets, images, PDFs — double in volume every 1-2 years. As unstructured content becomes more integral to business gets done, its value grows too. As it goes with anything of value, it becomes highly coveted, even to the point that others try to steal it. So what is a business to do?
The concept of emotional intelligence was first introduced by psychologist Dr. Daniel Goleman in 1995. Dr. Goleman found that while intelligence (IQ) is an important factor in leadership, a high level of emotional intelligence (EI) marks those who emerge as highly effective leaders. Emotional intelligence involves soft skills such as discipline, motivation and empathy.
I was watching a wonderful webcast by Marie Forleo. It was part of her “Copy Cure” course, and if you are unfamiliar with Marie and her work, take the time to explore some of her wisdom. Her webcasts are gems, particularly if you work in the consulting space. During the webcast she mentioned a phrase that should be at the top of mind for every InfoSec professional: If you confuse them, you lose them.
Among security professionals, one way to identify a breach or spurious entity is to detect anomalies and abnormalities in customer’ usage trend. At Google, we use Forseti, a community-driven collection of open-source tools to improve the security of Google Cloud Platform (GCP) environments. Recently, we launched the “Forseti Intelligent Agents” initiative to identify anomalies, enable systems to take advantage of common user usage patterns, and identify other outlier data points.
