Data is compromised so frequently these days that it seems like nothing is safe anymore. So one would be forgiven for thinking that using apps that require the user to voluntarily submit payment card information in order to function -- think Venmo, Uber, etc. -- would be a risky play. The reality, however, is that these kinds of apps are actually no more risky than any other transaction involving payment cards.
Grant Hatchimonji |
09 Sep |
Read more
Put simply, cybercrime, especially financial malware, has the potential to be quite the lucrative affair. That's only because the bad guys have the tools to make their work quick and easy, though. Cripple the automated processes presented by certain malware platforms, and suddenly the threats -- and the losses --aren't quite so serious.
Grant Hatchimonji |
20 Aug |
Read more
Much like my experience with learning to hack at RSA, learning to pick locks was something that I was very interested in learning how to do, but approached with much trepidation given that I had zero experience with the practice. Nevertheless I thought I'd give it a shot, so I headed down to the Lockpicking Village at this year's DEFCON 22 so I could be shown the ropes.
Grant Hatchimonji |
10 Aug |
Read more
"The situation we're in with advertising is a lot like where the banks are, where everyone has struggled with the fact that you can't trust the other end of the connection," says White Ops CEO Michael Tiffany. "It's the same cookies, user information, etc. But one is real, and the other is fake."
Grant Hatchimonji |
07 Aug |
Read more
It's summer, so chances are good that you're planning on taking a trip sometime in the next couple of months. While the prospect is exciting, it can also be daunting for those who aren't sufficiently prepared to protect themselves and their assets while they're traveling.
Grant Hatchimonji |
09 Jul |
Read more
Physical perimeter security can differ from facility to facility, with myriad factors playing into what exactly is implemented, including budget and the assets that are being protected.
Grant Hatchimonji |
24 Jun |
Read more
Given the current prevalence of mobile devices, especially smartphones, it comes as no surprise that they are becoming more and more entwined with everyday aspects of our lives. We don't just use them to make calls, to text, or to browse the internet anymore. We can use them to do just about anything, and that includes using them as a means to provide our credentials.
Grant Hatchimonji |
03 Jun |
Read more
The moment I walk into the 3D Cannabis Center in Denver, Colorado, I'm approached by a security guard, taser on his hip, who requests my identification. As I fumble around in my wallet for my driver's license, I take a look around the lobby and spot at least three different cameras staring right back at me -- and this was after walking past multiple cameras outside just to get in the front door. After explaining that I'm here for an appointment with Toni Fox, the store's owner, I'm issued a badge and asked to sign in before taking a seat and waiting while she's notified of my arrival.
Grant Hatchimonji |
07 May |
Read more
It's the how the future is meant to be, isn't it? The good guys need to find a bad guy in a crowd of people, so they start scanning the environment with a camera that is equipped with facial recognition technology. Seconds later, they scan a face that's a positive match with an entry in their criminal database and bam, they've smoked him out.
Grant Hatchimonji |
29 Apr |
Read more
In large-scale organizations, implementing mobile device management (MDM) is typically given. After all, with so many employees using mobile devices that either contain or connect to sources of sensitive information, there needs to be some way to keep everything in check. But what about those companies that aren't big enough to be able to afford an MDM implementation and a full-sized IT department to manage it? Without a means to centralize the control of mobile devices, how can these smaller companies protect their data?
Grant Hatchimonji |
08 Apr |
Read more
These days, the threat landscape for most companies is massive. But while there is a litany of outside threats that their security teams need to worry about, there is often an even greater danger much closer to home. Insider threats are an issue that no company is safe from, with breaches not just occurring at the hands of a disgruntled or malicious employee, but also unintentionally as a result of ignorance.
Grant Hatchimonji |
03 Apr |
Read more
It may not be a revelation that security isn't a top priority for many organizations, but what about those companies that want to have a full-time CISO and simply cannot afford it? Enter the CISO "in residence" program in Howard County, Maryland.
Grant Hatchimonji |
24 Mar |
Read more
As our world becomes increasingly connected via the Internet, it only seems logical that the interconnectivity would eventually permeate our homes. "Smart devices" like alarm systems, locks, thermostats, and more that can be controlled over the Internet are gradually gaining visibility and creating legions of "smart homes." For all the technological advancements, however, it would appear that our houses are simultaneously becoming more vulnerable.
Grant Hatchimonji |
17 Mar |
Read more
How well is incident response working for corporations effected by security incidents? A panel at RSA says there is still a lot of work to be done
Grant Hatchimonji |
27 Feb |
Read more
Data privacy has gotten its fair share of attention these days, what with the high-profile data breaches that have taken place in recent months. Fittingly, PricewaterhouseCoopers released the results of its 2013 data privacy survey late last year, in which the 370 participants represented both board level members responsible for oversight of privacy programs within their organization and practitioners involved in day to day operations.
Grant Hatchimonji |
31 Jan |
Read more