Taylor Armerding

Robots: Lots of features, not much security

Robots: Lots of features, not much security

Robotics is one of the fastest-growing components of the IoT. It can also be one of the more dangerous, if taken over by hackers. And given the level of vulnerabilities in them, that is a clear and present risk.

IP theft: Declining, or just more stealthy?

IP theft: Declining, or just more stealthy?

China and the US agreed 18 months ago to stop “knowingly” tolerating economic espionage. According to some studies, the agreement is working. Others aren’t so sure, however.

Want good cyber insurance? Read the fine print

Want good cyber insurance? Read the fine print

Given the explosive growth of online threats, cyber insurance is becoming mandatory for most organizations. But the field is still new enough that buying an effective policy takes a lot of due diligence and attention to the fine print....

Bots: Biggest player on the cybercrime block

Bots: Biggest player on the cybercrime block

Bot fraud cost an estimated $31 billion in the US last year, dwarfing the estimated $1 billion lost to ransomware and DDoS attacks.

Will a cyber crisis add to chaos of Trump’s first 100 days?

Will a cyber crisis add to chaos of Trump’s first 100 days?

Forrester Research predicted last fall that the new president would confront a “cyber crisis” within the first 100 days. Experts say that’s an easy call – depending on how you define a crisis.

FDA 'guides' the way to medical device security

FDA 'guides' the way to medical device security

The FDA’s “guidance” documents on medical device security are non-binding. But advocates say they will still have plenty of legal force – especially when it comes to things like insurance or civil suits for damages from insecure...

To pay or not to pay: Too many victims say yes to ransomware

To pay or not to pay: Too many victims say yes to ransomware

Ransomware’s success rate is so alarming that it is the subject of an all-day “summit” at this week’s RSA conference. Ironically, experts say defending against it is not terribly difficult, and how to do it is widely publicized – it’s...

Can the FTC save the IoT?

Can the FTC save the IoT?

Enormous amounts of effort, time and money haven’t made much of a dent in the insecurity of the Internet of Things. So, what about making more use of the old-fashioned lawsuit? The Federal Trade Commission is having some impact with...

Obama’s cybersecurity legacy: Good intentions, good efforts, limited results

Obama’s cybersecurity legacy: Good intentions, good efforts, limited results

President Obama declared early in his presidency that cybersecurity was a priority. Most experts agree he delivered a significant effort. But they also agree that the effort didn’t deliver better security.

FBI v. Apple: One year later, it hasn’t settled much

FBI v. Apple: One year later, it hasn’t settled much

At the one-year anniversary of the battle between the FBI and tech giant Apple over unlocking an iPhone, surveillance and privacy rules have not really changed. But they could this coming year, and the debate over that is as intense...

Passwords: A long goodbye

Passwords: A long goodbye

There is no debate about the reality that passwords are a “fundamentally broken” method of authentication. But it is still expected to take time – likely years – for the replacement model to become mainstream.

Can government really fix the IoT mess?

Can government really fix the IoT mess?

The Internet of Things is an ever-expanding attack surface. And a growing number of experts note that the market has failed to address that problem. They are now saying it will take government intervention.

Top 15 security predictions for 2017

Top 15 security predictions for 2017

So here are some of the best guesses about what we will see in 2017 from several dozen vendors and analysts. There are many more than 15 predictions out there, of course, but these are the ones we heard most frequently.

Ransomware as a Service fuels explosive growth

Ransomware as a Service fuels explosive growth

Ransomware as a Service has made the entry into the world of cyber crime cheap and easy. Meanwhile, people and organizations still aren’t protecting themselves. No wonder it is exploding.

Is critical infrastructure the next DDoS target?

Is critical infrastructure the next DDoS target?

DDoS attacks are vastly bigger now, thanks to botnets composed of Internet of Things devices. A recent attack that took down a portion of the internet has led to questions about whether something similar could shut down critical...

DDoS attack on Dyn could have been prevented

DDoS attack on Dyn could have been prevented

The Online Trust Alliance issued a prescription earlier this year for securing IoT devices. But even the alliance’s director admits that, with billions of devices already in use, change will not come easily or quickly.

Bots may be trumping online polls

Bots may be trumping online polls

Poll results are supposed to be driven by opinions, but marketers, politicians and others know opinions can be driven by polls. Hence the rising use of bots to skew perceptions in favor of a product, a celebrity or, at this time of...

BSIMM7: Older then, younger now

BSIMM7: Older then, younger now

Software security is going mainstream, which means the BSIMM, launched to create communal measuring tools, is attracting a younger membership.

Taking down the internet: possible but how probable?

Taking down the internet: possible but how probable?

Security guru Bruce Schneier reported recently that the companies that maintain the “backbone” of the internet have been under increasing attacks designed to test their defenses. It’s the kind of thing, he said, that could mean an...

Hillary Clinton’s email has vanished but why can’t yours?

Hillary Clinton’s email has vanished but why can’t yours?

Experts agree that recent high-profile cases demonstrate that emails can be permanently destroyed. But they also warn against complacency. They still recommend treating emails as if they really are “forever.”

Load More