10 years and counting! Such is the milestone of Verizon's 2017 Data Breach Investigations Report (DBIR). Like in years past, the 10th version of Verizon's research initiative highlights new patterns, evolving trends, and interesting findings in the information security field. It does so by synthesizing reports that Verizon received of discovered...

On average, each person has 27 online logins and passwords. They protect our bank accounts, our social media, our phones, and more. Passwords are the keys that unlock our digital lives. But what makes them so secure, and how can you make sure your passwords are doing a good job of protecting your information and your identity? Creating a Secure...

A battle between two rival families of malware is being blamed for the downtime that a Californian ISP suffered earlier this month. As BleepingComputer reports, customers of Sierra Tel unexpectedly found themselves without telephone and internet connectivity on April 10. In a statement issued by the ISP the following day, the blame was put firmly on...

Whenever you talk about WordPress security, every gig hands you a list of security plugins. My point of view and approach are different. I am not saying that using security plugins will not provide you efficient security. All I am saying is that only using security plugins will not completely secure your website. You have to take actions out of the...

Women currently represent only 11 percent of the cyber security workforce worldwide. This statistic is cause for alarm because it’s a key factor in the massive talent shortage that is impacting this crucially important field. It is estimated that, as of now, there are 1 million unfilled cyber security jobs—and that number is growing fast. This...

Tickets went fast for BSides Charm 2017. In just over two hours, this three-year-old event sold out and looks like it will welcome about 1,000 students, hackers and Information Security professionals to Baltimore’s famous Inner Harbor this weekend. Not bad for a con that drew just under 300 attendees in 2015. Perhaps it’s no surprise that BSides...

The upcoming GDPR compliance deadline of May 2018 affects any organization across the world that collects, processes, or stores data on citizens of the European Union. The intent behind the GDPR is to better protect the privacy of EU citizens, and the mechanism to do so is through harmonizing the existing data privacy laws across Europe. “The six...

Governments ought to disclose zero-day vulnerabilities and begin to collaborate to make digital disarmament more than just ‘a thing.’ The case for these policy changes is becoming increasingly clear as new public debates begin to take shape around online privacy, trust and the prevention of cyber conflict. However, much work lies ahead in correctly...

The cybersecurity industry can be made stronger if we attract more women and non-males. I've had the pleasure of interviewing some in my series. I spoke to Dr. Jessica Barker, who advises organizations on information security and maintains a blog at Cyber.uk. Then I spoke to Emily Crose, a network threat hunter. Most recently, I had the opportunity...

The title of this piece is quite obvious, but it is also an unappreciated fact. Consider for a moment the change we have seen over the last 30 years: access to cyberspace was scarce, often limited to enterprise users such as governments, educational institutions and the largest corporation, whereas today, there are billions of users that treat the...

Many organizations migrate to the cloud because of increased efficiency, data space, scalability, speed and other benefits. But cloud computing comes with its own security threats. To address these challenges, companies should create a hybrid cloud environment, confirm that their cloud security solution offers 24/7 monitoring and multi-layered...

Make no mistake: just like watching a perfect ballet performance, success is attributed to the hard work done behind the scenes. Only the best are chosen. The same goes for preparing and submitting a security project business case. Securing funding for a security project starts with a credible and comprehensive business case that not only justifies...

Fraudsters are using fake Delta Air Lines receipts that lack any flight information whatsoever to infect unsuspecting users with malware. An attack begins when a user receives a fake payment confirmation email from Delta Airlines. Fake Delta Airlines receipt. (Source: Heimdal Security) Notice...

Even if you’re not in the utility industry, it’s hard to ignore the slow march forward of the smart meter. The days of a utility employee stopping by to check the meter are well on their way out. In fact, it’s hard to imagine a system that relies on someone physically showing up to check the meter at all. Today, smart meters go beyond simply...

When the world's biggest online advertising platform is reported to be working on a technology to block ads in the world's most popular browser, it's no wonder that some eyebrows will be raised. According to a report in the Wall Street Journal, Google is planning to build an ad blocker into Google Chrome. The feature, which would be turned on by...

London gun owners want to know if the Metropolitan Police shared a database containing 30,000 firearm registrants' information with a marketing firm. On 18 April, 5,000 rifle owners and 25,000 shotgun owners living in London received a leaflet in the day's mail. Titled "Protect Your Firearms and Shotguns with SmartWater," the leaflet urges the...

In any conflict, humans are impacted. In conflict, the best scenario is that the individual leaves unscathed and perhaps even unaware of what could have been their misfortune, whereas in the worst of cases – such as kinetic warfare – the impact can be the ultimate price: loss of life. There is also a cruel truth of conflict that often gets looked...

Cyber security is a priority for every country in today's world. Canadian educators are among those who understand this fact. This explains why some of Canada's teachers are creating programs designed to foster students' interest and skills in the field. We at The State of Security are enthusiastic about these new cyber security educational programs...

The Center for Internet Security (CIS) Top 20 Critical Security Controls, or "Foundational Controls," can help any organization address the growing number of digital security threats confronting them. Obviously, for these controls to reduce risk, a company must first implement them. Failure to do so can result in some real security nightmares. IT...

The world is currently experiencing a serious cyber security talent shortage that is having profound effects on businesses and governments alike. An alarming number of cyber security/information security professionals surveyed for ISACA’s State of Cyber Security 2017 report (37 percent of 633 respondents) said fewer than 1 in 4 job applicants...