Government moves to a secure connection standard for websites

The White House has established an HTTPS-only standard for federal websites, requiring all public sites to use the encrypted connection protocol within 18 months. Agencies can leverage private sector experience in making the switch. Declaring that Americans deserve a high level of assurance when visiting federal websites, the White House has mandated that all agencies adopt … Continue reading Government moves to a secure connection standard for websites

More bad news yet to come from government breaches

Major back-to-back breaches at federal agencies illustrate a vicious circle in cyberattacks: Personal information stolen in one breach is being reused to enable secondary breaches. Expect data stolen from OPM to be used elsewhere.  More bad news this week on the cyber front. The U.S. Office of Personnel Management (OPM) announced a breach of its … Continue reading More bad news yet to come from government breaches

Snow Crash and the Future of Now

Cyberpunk author Neal Stephenson pulled off a difficult feat in his techno-thriller “Snow Crash;” he created a future that does not seem dated 25 years after it was written. How close did he come in predicting the early 21st Century? I’ve been rereading “Snow Crash,” an early techno-thriller by Cyberpunk author Neal Stephenson. It’s a great … Continue reading Snow Crash and the Future of Now

New Internet Protocols emerging as a vector for DDoS attacks

The adoption of IPv6 is opening up new attack vectors for Denial of Service attacks as researchers probe the next generation of Internet Protocols for weaknesses, according to the most recent State of the Internet—Security report from Akamai. Distributed Denial of Service attacks (DD0S) became more common and more robust in the first quarter of … Continue reading New Internet Protocols emerging as a vector for DDoS attacks

A workable cybersecurity bill? Maybe.

The latest entrant in the increasingly crowded field of proposed cybersecurity legislation appears to offer adequate protections on personal information as well as appropriate corporate shields. We’ll see. There is a new entrant in the increasingly crowded field of proposed cybersecurity legislation. The Cybersecurity Information Sharing Act of 2015, (S.754), was introduced by Sen. Richard … Continue reading A workable cybersecurity bill? Maybe.

New DOD Cyber Strategy puts a new focus on private infrastructure

The latest Cyber Strategy, released this week by the Pentagon, refines the nation’s strategic goals in cyberspace and recognizes for the first time the DOD’s responsibility to protect private sector networks that are not necessarily critical infrastructure.  The Pentagon has released its latest Defense Department Cyber Strategy, updating its original strategy released in 2011 and … Continue reading New DOD Cyber Strategy puts a new focus on private infrastructure

Some nice stranger filed my 2014 tax return

Despite increased efforts by the IRS to catch fraudulent tax returns, the growth in electronic filing has produced a tidal wave of phony philings during the 2015 tax season. I had a number of unpleasant surprises while doing my taxes this year. (Has anyone ever had a pleasant surprise while doing his taxes?) The first … Continue reading Some nice stranger filed my 2014 tax return

Investing in cannabis, and helping the pot industry become HIPAA compliant

The marijuana industry still operates in a legal limbo but is beginning to emerge from the underground as a big business. InvestinCannabis.com wants to leverage IT to help the nascent industry grow, including helping medical marijuana dispensaries to comply with HIPAA. Pot has been a big business for decades, but with the recent liberalization of … Continue reading Investing in cannabis, and helping the pot industry become HIPAA compliant

The President’s Executive Order on Cybercrime takes the problem seriously

In the absence of congressional action on cybercrime, this week’s executive order is a significant new step in dealing with what the president called a national emergency. Former NSA director Keith B. Alexander said recently that the government has a responsibility to protect private companies in cyberspace. Because companies are forbidden to retaliate against their … Continue reading The President’s Executive Order on Cybercrime takes the problem seriously