A Review of the Best News of the Week on Cyber C-Suite Views
Black Hat 2017: Insightful, but too much hype (CSO Online, Aug 01 2017)
“Like many others in the cybersecurity community, I attended Black Hat in Las Vegas last week. Here are a few of my thoughts on the show: … The industry has become far too obsessed on the zero-day problem (i.e. zero-day exploits) and isn’t paying enough attention to eliminating all the manual tasks and busy work we do as cybersecurity professionals.”…
Cracking suicide: hackers try to engineer a cure for depression (The Verge, Aug 02 2017)
There have been at least five hacker suicides in the last decade that made the news. The typical hacker lifestyle doesn’t exactly sound like a breeding ground for good mental health. Erratic sleep patterns and prolonged isolation in front of a computer monitor are common. …
Will The Real Security Community Please Stand Up (Threatpost | The first stop for security news, Aug 02 2017)
Black Hat may be the benchmark signaling the end of security nihilism and snark, and a re-prioritization of energy toward the greater good….
Fired employee caught by keylogger wins case (Naked Security – Sophos, Aug 03 2017)
Spyware isn’t the preserve of foreign militaries and script kiddies…
In EternalPetya’s Wake, How Could Regulators Punish Victims? (Executive Perspective, Jul 24 2017)
U.S. regulators are ramping up investigations into why and how badly companies fell victim to this cyber campaign. In the lead is the New York Department of Financial Services (DFS), which has implemented one of the toughest cybersecurity regulatory schemes in the nation….
Symantec sells its problem SSL unit to DigiCert for $1B (CSO Online, Aug 03 2017)
Symantec has found a way to make a dispute with Google over the validity of its TLS and SSL certificates go away — and get paid almost US$1 billion in the process….
Social engineering: The basics (CSO Online, Aug 03 2017)
Social engineering is essentially the art of gaining access to buildings, systems or data by exploiting human psychology, rather than by breaking in or using technical hacking techniques. …
Managing Physical Security (InfoSec Resources, Aug 04 2017)
According to the security expert S. Harris, “physical security protects people, data, equipment, systems, facilities and company assets.” She also enumerates various means through which this protection is managed: “site design and layout, environmental components, emergency response readiness, training, access control, intrusion detection, and power and fire protection.” …