Doug Bedell — July 15, 2019, 12:00 pm

Meet a Foe of Cybersecurity Risks to Small Businesses


Here’s a discussion of what small businesses are doing in seeking to overcome cybersecurity risks and function safely on the Internet. Byron V. Acohido on The Last Watchdog provides information that is well worth spending time with in the interest of small business web security.

“A recent survey of more than 1,000 senior execs and IT professionals, called the AppRiver Cyberthreat Index for Business Survey, showed a high level of awareness among SMB (small business) officials that a cyberattack represents a potentially devastating operational risk,” Achohido contributes.

“What’s distinctive about this index is that AppRiver plans to refresh it on a quarterly basis, going forward, thus sharing an instructive barometer showing how SMBs are faring against cyber exposures that will only continue to steadily evolve and intensify.”

If you’re a small business this looks like it’s well worth following up on. The hazards of not keeping attentive to hacking security risks are real.

Doug Bedell — July 13, 2019, 9:42 am

Maitaining Corporate IT Security: A Vexing Challenge


Protection against computer security attacks is becoming daunting for corporate IT managers, Danny Bradbury advises on the Naked Security blog. This after a survey of 3,100 IT managers across 12 countries.

“According to the survey, two out of three organizations (68%) suffered a cyber attack in 2018 that they were unable to prevent from entering their network. Nine out of 10 (91%) said they were running up-to-date cybersecurity protection at the time…

“The inability to fend off increasingly complex attacks worries companies because of its potential implications. Data loss was the number one concern for 31% of respondents, followed by cost and damage to the business, which were the biggest concerns for 21% of people.”

So, corporate people with IT security concerns have lots of company. To find out more about what IT managers think, read the full survey.

Doug Bedell — July 10, 2019, 7:59 am

Does the U.S. Need a Department of Cybersecurity?


Something to consider as we keep hearing about computer break-ins and hacking: To enhance cyber security, maybe the U.S. needs a cabinet-level Department of Cybersecurity.

This possibility is raised by the In Homeland Security blog, which warns that “The U.S. is more vulnerable than ever to cyberattacks from foreign adversaries who attempt to penetrate vital American companies and steal intellectual property.

“For example, one of the key components of the U.S.-China trade confrontation is Beijing’s continued strategy of cyberattacks on American companies to gain vital intellectual property which previous administrations failed to stop.”

“Security” has been largely a terrestrial term, that is, insuring physical safety. But computer security has been taking on steadily growing importance as the Internet becomes an environment of its own.

Thus, “Many experts suggest the creation of a Department of Cybersecurity. This new federal agency would be modeled after the Department of Homeland Security (DHS) – which was formed shortly after the 9/11 terrorist attacks. Similarly, the Department of Energy (DOE) came into being in 1977 after the energy crisis of the mid-1970s caused by the oil embargo by Arab nations belonging to the Organization of the Petroleum Exporting Countries (OPEC).”

Give it some thought.
.

Doug Bedell — July 8, 2019, 2:57 pm

Cyber Security Portents For the Year Ahead


The Security Ledger site reports on premonitions held by security professionals as they prepare to assemble for the Black Hat event coming up in Las Vegas August 7th and 8th.

The Ledger titles the post: “Ahead of Black Hat: Fear and Pessimism in Las Vegas”.

Ahead of Black Hat, “A survey of information security professionals by conference organizers reveals deep misgivings about the security of U.S. critical infrastructure and pessimism about the government’s readiness to respond to large scale cyber attacks…

“Almost two thirds (63%) believe that voting machines are likely to be hacked in next year’s presidential contest. An identical share said they believed that Russian offensive cyber efforts will impact the U.S. elections.”

Not a rosy outlook, we’d say.

Doug Bedell — July 5, 2019, 11:00 am

‘Smart Homes’ Will Be Doing Everything But Hovering


Here’s a look at a home of the very near future that will be not only secure, but electronically smart. Security InfoWatch shows us what Resideo has been doing to provide smart homes.

“First,” the post explains, “you have a network of piping that distributes water around the home and Buoy and some other water leak technologies we have in our portfolio now help protect against any kind of serious or catastrophic leaks,” Harkins explains.

“The second network we think of as duct work and how air moves around and is distributed throughout the home. Air is what makes people comfortable and, by the way, indoor air quality is a key component of health and we are already a leader in that space with lots of damper controls, venting, air filtration products, etc.

“The third network is the copper wires that run throughout a house in the electric network and how energy is transmitted through a home. The acquisition of the energy management asset from Whisker Labs really helps us to create new and interesting energy management and control (products) within the home.”

Who would ever want to leave such a smart domicle?

Doug Bedell — July 3, 2019, 3:56 pm

Digital License Plates Are Arriving, Along With Privacy Concerns


You’re seeing it here, if not first, at least an early edition – digital license plates are arriving. They’re legal now in three states – California, Michigan and Arizona – and are pricey to maintain. But that should change as more states allow them.

UPI.com provides this news.

“Developers say digital plates utilize “advanced telematics” – to collect tolls, pay for parking and send out Amber Alerts when a child is abducted. They also help recover stolen vehicles by changing the display to read ‘Stolen,’ thereby alerting everyone within eyeshot…”

But, of course, as with anything digital “there are privacy concerns about ‘smart’ plates that transmit over the air and store personal data”. Ah well, that’s being worked on and transmission day may not be that far off for your car.

Doug Bedell — July 1, 2019, 8:58 pm

Security Can Hinge on Digital Evidence; Suggestions For Preserving It


More and more we’re finding security discussed in digital terms. Here’s an example, from In Public Safety, “Countering Criminals’ Attempts to Destroy Digital Evidence”.

Evidence can be collected from smartphones and computers. Police officers need to be mindful of collecting digital devices before they can be wiped clean. That becomes like playing cat and mouse with a newly encountered suspect.

Dr Jarrod Sadulski, currently in the Coast Guard and writer of the post, provides suggestions on how to maintain digital evidence. They’re signposts in this digital age.

Doug Bedell — June 28, 2019, 11:42 am

Keyless Locks Can Pose a Security RiskToo


It looks appealing to have a door lock that doesn’t open with a key, but beware of keyless smart locks, advises ThreatPost.

“Ultraloq is a Bluetooth fingerprint and touchscreen door lock sold for about $200.” ThreatPost reports. “It allows a user to use either fingerprints or a PIN for local access to a building. Ultraloq also has an app that can be used locally or remotely for access.

“When Pen Test Partners, with help from researchers identified as @evstykas and @cybergibbons, took a closer look they found Ultraloq was riddled with vulnerabilities…

Read on in the post to find how digital security can be thwarted in keyless locks.

Doug Bedell — June 26, 2019, 12:02 pm

Security Enhanced By Academic Learning


Eric W. Adams on In Public Safety reports on how choosing the right set of instructors and coursework added to his is proficiency in security, in his case intelligence work.

“In one of my early graduate classes, INTL501 Strategic Intelligence,” Adams explains, “the professor focused on strategic intelligence analysis and assessments of nation states around the world. Since I was professionally interested in Russia, I became focused on learning about Russian President Vladimir Putin’s focus on increasing and sustaining Russian ideals by resurrecting the nation’s past efforts and visions of Russian prowess, and repairing damage done after the collapse of the Soviet Union.”

Choosing appropriate coursework usually supplements shoe-leather experience, and that’s true in security studies, too. Adams, who has master’s degree in Intelligence Operations, explains how his his focus on Russian studies “translated to more patience and thoroughness in my professional work, which has led to a more comprehensive understanding as I assess indicators” in daily rounds.

In other words, choose your security interest and learn all you can about it – it can’t hurt.

Doug Bedell — June 24, 2019, 12:31 pm

Considering School Security ‘Guardian’ Programs


Here, on SecurityMagazine.com, is a discussion of creating armed school Guardian programs. They take the complexities of school protection tactics a notch further.

“Not unlike the rational utilized by other states who choose to implement a Guardian program, the Florida Senate Bill analysis states that,’…The bill improves school security measures by expanding school district options and eligibility for participation in the Coach Aaron Feis Guardian Program’. In other words, the reasoning for arming selected employees is an asserted linkage between armed staff and faculty, and improved campus security. As a result, for decision makers in the education field who must take into consideration a variety of options as to the value and risks of a Guardian program, arming teachers and staff is a true dilemma. Below are seven considerations that can help campus administrators as they weigh the decision making process to implement a Guardian program…”

There’s more, and the options should be thoroughly understood before deciding on launching a school Guardian program.