NetEvents

All posts in Newsletter

By Alan Zeichick Location-as-a-Service (LaaS) isn’t a new concept. There are times when you simply want to know where a physical object is hiding. Perhaps it’s your car keys. Perhaps it’s a misrouted suitcase, an overnight package, a shipping pallet, a stolen cargo container, or Police Car #54. Where are you? For the first use case, lost car keys, there’s Tile, a battery-powered gadget that works within the 30-meter radius of a Bluetooth signal. For the other cases, there are several providers, but arguably the most interesting is PoLTE, a startup based near Dallas. I spent a lot of time talking to the company’s CEO, Ed Chao, at the recent Read more


By Alan Zeichick and Mark Fox The U.S. Department of Homeland Security (DHS) understands the threat posted by bad apples on the Internet: Long-standing threats are evolving as nation-states, terrorists, individual criminals, transnational criminal organizations, and other malicious actors move their activities into the digital world. Enabling the delivery of essential services—such as electricity, finance, transportation, water, and health care—through cyberspace also introduces new vulnerabilities and opens the door to potentially catastrophic consequences from cyber incidents. The growing number of Internet-connected devices and reliance on global supply chains further complicates the national and international risk picture.” That’s part of the introduction to the long-awaited Cybersecurity Strategy report, released by the Read more


By Alan Zeichick and Mark Fox The healthcare industry is vulnerable to cyberattacks – arguably more vulnerable than most industries. The technology is constantly changing, and so are the regulations regarding certifying that technology. Devices are hard to configure, and hard to secure, and medical equipment often isn’t under the tight control of a facility’s IT department (other than supplying a network connection). And the prize for breaching a hospital or other medical practice? Lots of personal data worth big money on the Dark Web. It doesn’t help that there are security flaws in some devices. Take, for example, computed tomography (CT) scanners. One maker, Philips, disclosed on May 1, Read more


By Alan Zeichick and Mark Fox The deadline for compliance with the General Data Protection Regulation (GDPR) is coming up fast. Says the European Union: “Enforcement date: 25 May 2018 – at which time those organizations in non-compliance may face heavy fines.” Bad news: Companies aren’t ready. Neither are regulators. Remember that the GDPR doesn’t only apply to European entities, says the regulation. “The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the Read more


By Alan Zeichick and Mark Fox Did you know that majority of businesses (56%) in the United Kingdom hold personal data on customers, beneficiaries or donors electronically? That’s a lot of information – and a lot of potential for data breaches. Not just potential. In study published by the U.K. Department for Digital, Culture, Media, and Sport, 43% of businesses report data breaches or other cyberattacks. The Cyber Security Braches Survey 2018 says that: More than four in ten businesses (43%) experienced a cyber security breach or attack in the last 12 months. Three-quarters of businesses (74%) say that cyber security is a high priority for their organization’s senior management. Read more


By Alan Zeichick and Mark Fox Tier 1, Tier 2, Tier 3. Security analysts. Incident responders. Hunters. The industry tends to toss those terms around when describing the cybersecurity specialists that staff a Security Operations Center (SOC). What exactly do they mean? And how standardized are those descriptions? The short answer is that the job tiers are fairly common across SOCs, but it’s by no means a standard. A job posting I found at an employment site, for example, describes: Security Operations Center Technician, Tier 1: The Tier 1 Security Operations Center Analyst will act as the first responder to account/system attacks to determine threat vectors and then provide initial Read more


By Alan Zeichick & Mark Fox SAN FRANCISCO — There was no shortage of news at the RSA Conference, held here from 16-20 April 2018. With thousands of participants, and seemingly thousands of vendor announcements, two big trends seemed to drive momentum: Artificial Intelligence and Botnets. Certainly, there were many topics of conversation, covering everything from the ransomware attack on Atlanta, to reports of cyberwarfare, to the rise of cryptocoin mining, to hardware flaws as evidenced by Spectre/Meltdown. Still, AI and botnet attacks seemed to hold everyone’s attention. Here are some of the top RSA news stories around artificial intelligence, botnets, and other areas, including the fast-growing field of Endpoint Read more


By Alan Zeichick and Mark Fox The United Kingdom is under attack. Not from a single large adversary, but from dozens or hundreds of cybercriminals, some large and well-organized, others small and opportunistic. Some attackers wants to cripple the U.K.; others want to turn a quick profit. The brand-new report, “The cyber threat to U.K. business,” issued in April 2018 by the National Cybre Security Centre (NCSC), describes many of those threats in painful detail. The report talks about the biggest incidents of 2017 in a number of categories, including ransomware, distributed denial of service (DDoS), data breaches, supply chain compromises, and fake news. It also looks at business email Read more


Lights! Camera! Champagne! The winners of the IoT, Cloud & Cybersecurity Innovation Awards 2017 couldn’t be happier — especially since it wasn’t an easy road to victory. First, the nominees for the awards had to submit an entry. There were six awards categories – three for “Hot Start-Ups” and three for “Innovation Leader.” Within each of those broad areas, there was one award focused on each of the Internet of Things (IoT), Cloud/Datacenter and Cybersecurity. The initial nominations, and there were many, were run past 40+ leading technology press and industry analysts representing 35+ countries across the globe to determine a list of finalists. Those finalists were then judged at Read more


Did you know that the lingua franca used by hackers is Russian? That language, not English, is what cybercriminals of all nationalities use to share intelligence, recruit team members, and crow about their victories on the Dark Web. Just because the information is in Russian, though, that doesn’t mean the players are actually Russian. That’s one of the insights from the opening keynote panel at the Global Press & Analyst Summit on Sept. 28, held in Silicon Valley. The panel was moderated by Alan Zeichick, Principal Analyst at Camden Associates. Three top cybersecurity law enforcement experts made up the panel: MK Palmore of the FBI’s Cyber Branch in San Francisco; Read more