One of my first tasks after leaving NSA for private industry in the early 90s was to write my new company’s information security policy. I’m not sure my previous job as a cryptanalyst left me qualified for this, but I was viewed as the security guy. So, I attacked the task with vim and vigor. That first information security policy I wrote was a thing of beauty. I scoured the Orange Book and other resources to find every security requirement that might help us prevent a security incident.

Technology has become an essential part of daily life. From the way we get around to the things we buy, computers are at the forefront of change. This is especially true for vehicles. Vehicle technology has evolved dramatically over recent decades. The latest iteration of vehicle remodelling in the automobile industry is heavily software-focused, from autonomous and connected vehicles to electric vehicles and car-sharing.

The journey for someone to the role of Chief Information Security Officer (CISO) isn’t often straightforward. Take Sandy Dunn, for example. Per SailPoint, Sandy started as a paper delivery kid at 10 years old. She then worked her way through software sales, insurance, and even horses before becoming the CISO of a health insurance provider in Idaho. All these “entry-level” jobs share one thing in common.

Grooming is a method of establishing a connection with a person to perpetrate a crime against them. Grooming is becoming more common in fraud, both online as well as in interpersonal interactions. What’s more, scammers are getting more sophisticated in their techniques. There is a mistaken belief that scammers are forceful, arrogant, and therefore easy to spot, but many play a long game, carefully and patiently grooming the victim before asking for money.

The US Government has issued an alert to organisations about the threat posed by the BlackMatter ransomware group. The government’s Cybersecurity & Infrastructure Security Agency (better known as CISA) issued the advisory earlier this week, following a series of BlackMatter ransomware attacks since July 2021 targeting US critical infrastructure, including two American organisations working in the food and agriculture sector.

When we think about cyberattacks and malicious hackers, we often think in terms of our own personal lives and our own organizations. In my experience in cybersecurity, I often hear people say “Why would hackers target me?

Web browsers and email clients are used to interact with external and internal assets. Both applications can be used as a point of entry within an organization. Users of these applications can be manipulated using social engineering attacks. A successful social engineering attack needs to convince users to interact with malicious content. A successful attack could give an attacker an entry point within an organization.

I’ve been working at Tripwire for over two decades, and I’ve acquired a fair bit of swag over those years: branded jackets, hats, shoes, a watch, and of course a drawer full of t-shirts. One thing I never would have predicted owning was a Tripwire-branded face mask to protect me from a global pandemic. Over the past year, I’ve worn that face mask more than any of my other swag. Of course, none of my other swag protected me and others from a highly contagious, deadly virus.