Cybersecurity |
Sponsored by |
|
During a talk at the RSA Conference, security expert Bruce Schneier called for the creation of a new government agency that focuses on internet of things regulation, arguing that "the risks are too great, and the stakes are too high" to do nothing. more
In a blog post published today on Microsoft's website, company President and Chief Legal Officer, Brad Smith, has raised concerns over escalating cyberattcks over the past year and the need for a Digital Geneva Convention. more
In the first post on DDoS, I considered some mechanisms to disperse an attack across multiple edges (I actually plan to return to this topic with further thoughts in a future post). The second post considered some of the ways you can scrub DDoS traffic. This post is going to complete the basic lineup of reacting to DDoS attacks by considering how to block an attack before it hits your network -- upstream. more
NANOG 69 was held in Washington DC in early February. Here are my notes from the meeting. It would not be Washington without a keynote opening talk about the broader political landscape, and NANOG certainly ticked this box with a talk on international politics and cyberspace. I did learn a new term, "kinetic warfare," though I'm not sure if I will ever have an opportunity to use it again! more
The domain name system is in good health. But it's about to get even better. The Domain Name Association (DNA), the Internet domain industry's trade association, undertook an effort in 2016 it named the Healthy Domains Initiative (HDI). It's an ambitious, self-motivated effort to build on the DNS' already secure and stable platform and meet select challenges head-on, before they develop. more
US leadership and influence online stems from US innovation and corporate risk-taking. But it also is the direct result of US Government policy. In the early days of the web and e-commerce, the Clinton administration recognized they had to figure out a strategy to reconcile the internet, which is global, with laws and regulations, which are domestic. Instead of demanding negotiations for shared global rules, Administration officials put forward a set of principles, which they called the Framework for Global Electronic Commerce. more
Who do you think deserves recognition in the Internet Hall of Fame? Do you know of someone who has played a key role in the Internet's development who should be recognized? (And is not already among the existing IHOF inductees?) If you know of someone who deserves the recognition, nominations are open until March 15, 2017. As outlined by Internet Society President & CEO Kathy Brown in a blog post today, the Internet Hall of Fame seeks to honor three types of inductee. more
President Donald Trump expected to sign an executive order on cyber security on Tuesday. more
US law-enforcement agencies are at risk of being spied on and hacked because some of their field offices are located in foreign-owned buildings without even knowing it. more
Private or public? Both cloud types offer benefits and both have enjoyed significant growth over the last few years. Yet, what's the best bet for your business: The virtually limitless resources of public cloud stacks, or the close-to-home control of private alternatives? Here's a look at some critical differences between public and private clouds... more
2016 broke the previous all-time high, set back in 2013, for the number of records exposed from reported data breaches. more
Many organizations are struggling to overcome key conceptual differences between today's AI-powered threat detection systems and legacy signature detection systems. A key friction area -- in perception and delivery capability -- lies with the inertia of Indicator of Compromise (IoC) sharing; something that is increasingly incompatible with the machine learning approaches incorporated into the new breed of advanced detection products. more
In Part 1 of "Bug Bounty Programs: Are You Ready?" we examined the growth of commercial bug bounty programs and what organizations need to do before investing in and launching their own bug bounty. In this part, we'll discuss why an organization needs to launch a bug bounty program, and what limits the value they will likely extract from such an investment. more
Distributed Denial of Service is a big deal -- huge pools of Internet of Things (IoT) devices, such as security cameras, are compromised by botnets and being used for large scale DDoS attacks. What are the tools in hand to fend these attacks off? The first misconception is that you can actually fend off a DDoS attack. There is no magical tool you can deploy that will allow you to go to sleep every night thinking, "tonight my network will not be impacted by a DDoS attack." more
The premise of crowdsourcing the task of uncovering new bugs and vulnerabilities in an organization's web applications or consumer products sounds compelling to many. What's not to like with the prospect of "many eyes" poking and prodding away at a corporate system for a minimal reward -- and preemptively uncovering flaws that could have been exploited by hackers with nefarious intent? more
A World-Renowned Source for Internet Developments. Serving Since 2002.