The increasing importance of information security has forced researchers to start literally thinking outside the box. The importance of the isolating systems as a form of high security control has lead to tests of the permeability of an air gap. there has been research into techniques by which data from an isolated system can …
A recent podcast from risky business (www.risky.biz) had a very interesting interview with Stephen Morse, formerly the staff vice president of cybersecurity analytics at Anthem. You might remember that Anthem were the target of a state-sponsored attack back in 2015. The interview is well worth listening, particularly for those charged with security in a large …
People often make predictable passwords. They use common methods to create passwords such as common words, substituting characters or using patterns on the keyboard. Blase Ur from the University of Chicago and a team from Carnegie Mellon University developed and evaluated a password security meter that provides a more accurate rating of password strength and …
Presented at the SERENE-RISC Workshop – 2016 Spring The cyber-attacks targeting individuals and businesses worldwide continue to grow and wreak havoc. But one particular threat type clearly stands out from everything else we see today or had faced before. The file-encrypting ransomware has taken its victims by storm recently. It’s dominating the current threat landscape …
Presented at the SERENE-RISC Workshop Spring 2016 The discussion of cybersecurity is highly complex and struggles with the ever increasing rate of sophisticated cyberattacks and digital exploitation. Cybersecurity continues to fall low in prioritization amongst executive management where there is a denial for a need of protection against such attacks. The discussion in today’s technological …
Dr. Mashatan is currently a faculty member at the Ted Rogers School of Information Technology Management of Ryerson University where her research focus has been on Information Systems Security and Privacy. Prior to joining Ryerson University, she was a Senior Information Security Consultant and Solutions Architect at CIBC. Prior to that Dr. Mashatan was …
The National Institute of Standards and Technology has released a Cybersecurity risk reduction framework for businesses in the manufacturing sector. The document outlines a general target profile for manufacturers around to identify risks within their business more efficiently than customizing from a general set of guidelines. If you are in any manner concerned with …
Presented at 2017 GoSec, 30 October 2017 Susan Munn has over 35 years of security and business risk management experience in law enforcement, government, and private sectors. She is CEO of her own firm, CompassQ Inc. and also recently named to the Advisory Board for PARM – Proactive Risk Management – an international …
RAND obtained a dataset of information about zero-day software exploits through a research connection. It is a rich dataset, as some of these exploits have been found by others and some have not. The dataset spans 14 years (2002–2016) and contains information about more than 200 zero-day exploits and the vulnerabilities that they take advantage …
A grand jury Northern District of California has indicted four defendants, including two officers of the Russian Federal Security Service (FSB), for computer hacking, economic espionage and other criminal offenses in connection with a conspiracy, beginning in January 2014, to access Yahoo’s network and the contents of webmail accounts. The defendants are Dmitry Aleksandrovich Dokuchaev, 33, …