Predicting things is easy. Predicting them accurately is more difficult. Here’s how I did on my predictions for this year.
Online consumers say they want more security on their accounts, but they have to be prodded to adopt two-factor authentication.
NIST has revised its guidance to help small businesses establish cybersecurity programs. It is based on the Cybersecurity Framework, which has proved to be a versatile valuable document since its publication in 2014.
A lot of attention has been given lately to the security in the Internet of Things. Unfortunately, there is already a widely installed base of vulnerable hardware and software that is being exploited for attacks. Are we doomed to another losing game…
Standards are being published for creating new private sector Information Sharing and Analysis Organizations. Will these ISAOs be the tools we need to improve the nation’s cybersecurity?
Despite years of rising concern over cybersecurity risk, the old conflict between operations and security remains the number one challenge for federal agency CISOs. Agencies must do a better job of building risk management into operational decisions.
The new U.S.-E.U. Privacy Shield, new European data privacy rules, Brexit, and globalization are combining to create interesting times for U.S. companies doing business across borders.
Given the diversity of the nation’s election systems and voting technology, there is no easy fix to ensure security. On the other hand, that diversity makes rigging a national election a significant challenge for would-be attackers.
With less than six months to the deadline for agencies to implement HTTPS on all public-facing websites, nearly half of .gov sites remain unprotected. Deploying the secure protocol should be one of the easier security mandates for agencies to meet.
A suggested phase-out by NIST of SMS for sending one-time passwords has been widely misinterpreted as a threat to two-factor authentication. No need to worry—2FA is not going away and you can still use your mobile phone as a token.
