Security

Federal CISO: Superhero Needed

May 16, 2018 — by Carl Herberger

A famous leadership coach said, “Only Superman can leap tall buildings in a single bound, the rest of us must chip away at our goals one day at a time.” What a befitting quote for the position of Federal CISO! This role of organizing, equipping, training and leading the nation’s cybersecurity programs is not only ominous, it has thus far been an utter failure when historically approached.

Security

A fifth of millennials would rather the U.S. government see what’s on their phone than their significant other

April 18, 2017 — by Radware

Breaches of personal data have big consequences. Ask any user of Ashley Madison. Ask executives at Sony. Ask Hillary Clinton’s campaign. And, as we learned from the recent Wikileaks dump, all those private messages you’re sending may not be so private.

So, if you had to choose, who would you rather have view what is on your phone? The government? Or your significant other?

DDoS, Security

From Underestimating to Unplugging: Government Attitudes and Strategies on Cyber Security

September 8, 2016 — by Ben Desjardins

Many years ago, when Distributed Denial of Service (DDoS) attacks were becoming a more common problem, I had a meeting with a government agency (not to be named here). The discussion was broad in terms of challenges they faced around cyber security, but it was their response to how they handled DDoS attacks that stuck out more than any part of the meeting. “Oh, we just shut down the servers that are being attacked until the attack subsides,” was their input on DDoS defense strategy. Now, to be fair, this was in the early days of advanced thinking on DDoS defense, and also in the context of a broader climate where the view was that if there’s a DDoS attack going on, it might signal an attempt to breach data from the server, so it was better to lose availability than lose data confidentiality.

Times have changed since then and most any government agency now has to more evenly balance the availability threats with those targeting data confidentiality or integrity. Indeed, a few recent situations have highlighted the impacts of a loss of availability and the constituent reaction to security strategies that don’t effectively balance staying connected with staying secure.

DDoS, Security

Is Your Organization In the Ring of Fire?

March 17, 2016 — by Shira Sagiv

Schools are getting more sophisticated; there is no doubt about it. My kids recently had an "emergency study exercise" in grade-school where they needed to log in to the school system from home and participate in an online classroom, listen to a session and answer some questions.  The idea was to see if the school was prepared for emergency situations, where the kids couldn’t attend school for some reason, but they could continue studying remotely.  I thought that was pretty cool. 

I also learned recently about a high school in our area where all the classroom activity is conducted online.  The students have no books, no notebooks – only their laptop. 

Attack Mitigation, DDoS Attacks, HTTP Flood Attacks, Security

Why Bother to Demonstrate in the Streets When You Can Simply Launch a Cyber-Attack on a Government Website

May 7, 2012 — by Ronen Kenig

Not in favor of the new law that was just passed, immigration policies too racist, the Catholic Church too corrupt? It is possible to organize a demonstration, or to take the fastest, easiest and most effective way and launch a virtual attack on the offensive website. Take down the parliament portal to protest unfair laws or policies, shut down the local police’s website or the website of any offensive organization. Hacktivists have been very effective launching attacks on government websites and their motivation increases with each successful attack.