Steps for Fortifying Your Organization’s Data in the Cyber War

The most recent ransomware attacks should make every executive in every company take notice, and be worried. Last week, I spoke at a cyber event and came with a message: the continued focus on legacy endpoint and network security is almost worthless. As cyber attacks become more sophisticated, our reliance on legacy ‘castle and moat’ theory to […]

The Sony Hack in Context

The good news for the moment is that the North Korean attack on Sony Pictures is in the headlines and has the nation discussing cyber security issues. The bad news is that neither the press nor the government is placing the Sony attack in context. Considering the Sony case in isolation is equivalent to looking […]

DHS Secretary Napolitano Uses Hurricane Sandy to Hype Cyber Threat

No natural disaster in the last several years has passed without a government official or civilian “expert” using it to raise fears of cyber threats. That is why, after a series of snarky tweets over the last couple days by Rob Rosenberger, I was inspired to create a Google alert for any news item mentioning […]

Anonymous Sources Provide No Evidence of Iran Cyber Attacks

This is the headline that should have been affixed to the New York Times’ most recent story about supposed Iranian cyber attacks against oil and natural gas companies in Saudi Arabia and Qatar, as well as banks in the United States. In fact, it is the most appropriate headline for practically all of the news […]

The Automation of Espionage

Kapersky Labs has reported a new form of malware dubbed “Flame:” A complex targeted cyber-attack that collected private data from countries such as Israel and Iran has been uncovered, researchers have said. Russian security firm Kaspersky Labs told the BBC they believed the malware, known as Flame, had been operating since August 2010. …This new […]

Cyber Threat Projection and the Insider Threat: Stuxnet Edition

[This post by CTOVision contributor Sean Lawson was also published at] Experts who theorize about cyber conflict talk about the ability to “project” power in and through cyberspace. They also warn of the danger from the “insider threat,” a trusted individual with access to sensitive systems or information who either deliberately or accidentally compromises […]