The industry’s got 99 security problems, and hiring will soon be number one

Steve Morgan recently published an article in Forbes titled Cybersecurity’s Labor Epidemic and did a great job compiling research on the looming cybersecurity talent shortage. Several of the most telling statistics and facts: “The demand for the (cybersecurity) workforce is expected to rise to 6 million (globally) by 2019, with a projected shortfall of 1.5 […]

Applying the National Intelligence Process to Information Security

The “Intelligence” approach to information security is growing in popularity, but many are still struggling to define what this means to their own processes. Red Canary has drawn upon the time-tested and well-defined procedures followed by practitioners of secret intelligence – spies, satellites, drones, etc. – in order to explain how to build and manage […]

Are Rogue Code Signing Keys in Your Environment?

Although this specific example has been exposed as part of a joke, the threat is real – code signing keys are often targeted by advanced attackers.  Keys stolen during other breach operations have been used to sign malicious software. Perhaps this was inevitable – it appears the attackers behind the Sony breach are using stolen code signing keys […]

People as the Weak Link in Cybersecurity: Deep Dive Edition

People, it is often said, are the weak link in computer security. Its people falling victim to myriad social engineering techniques that help evil doers overcome technical defenses that lead to data breaches. Yes and no. It is true that stupid human tricks lead to a disturbing number of system compromises, but as Veracode points […]