You think an Air Gap is a defense? Sofacy, Stuxnet, Uroburos, AirHopper, BitWhisperer and ProjectSauron…enough said!
Share this quote:
Right and wrong isn’t a matter of ethics, rather it’s the geography in which you reside and whose control you’re under. Tallinn Manual 2.0 is based largely on western international humanitarian law.
Share this quote:
Security-by-design is an indispensable prerequisite to the establishment of vital critical infrastructure resiliency. Each device vulnerable to adversarial compromise, inflates and bolsters the exploitable cyber-attack surface that can be leveraged against targets, and every enslaved device grants adversaries carte blanche access that can be utilized to parasitically entwine malware into organizational networks and IoT microcosms, and that can be leveraged to amplify the impact and harm inflicted on targeted end-users, organizations, and government entities
Share this quote:
Security by design is a mandatory prerequisite to securing the IoT macrocosm, the Dyn attack was just a practice run
Share this quote:
We’re talking about the fate of our economy and the questionable resiliency of our Nation’s critical infrastructure. Why are experts so polite, patient, and forgiving when talking about cybersecurity and National Security? The drama of each script kiddie botnet attack and Nation State pilfering of our IP has been turned into a soap opera through press releases, sound bites and enforced absurdity of mainstream media. It’s time for a cybersecurity zeitgeist in the West where cyber hygiene is a meme that is aggressively distributed by those who have mastered it and encouraged to be imitated by those who have experienced it.
Share this quote:
Exfiltrated metadata from internet service providers and social media platforms can be plugged into big data analytics and once the right algorithm is applied, can allow an adversary surgically precise psychographic targeting of critical infrastructure executives with elevated privileges. Why is no one talking about this?
Share this quote:
I don’t care how secure you think your organization is, I’ll social engineer my way inside in less than 24 hours regardless of the sophistication of your IoT microcosm security. Whatever obstacles I run into exploiting your technical vulnerabilities will be made up for by exploiting the vulnerabilities in the cyber hygiene of your staff.
Share this quote:
Youll have the right to be angry about Vault 7 only after you boycott dragnet surveillance data providers like Google, Microsoft, Skype, Facebook and LinkedIn. The true threat is coming from the private sector surveillance profiteers.
Share this quote:
Overall, Cyber Shield Act is an excellent idea and could facilitate a much-needed cultural shift in secure device manufacturing and upkeep.
Share this quote:
The Cyber Shield Act could serve as a secure conduit to facilitate update and patch delivery
Share this quote:
A single spear-phishing email carrying a slightly altered malware can bypass multi-million dollar enterprise security solutions if an adversary deceives a cyber-hygienically apathetic employee into opening the attachment or clicking a malicious link and thereby compromising the entire network.
Share this quote:
In this cyberwar, industry is on their own and must combat nation states, cyber mercenaries, cyber caliphate and other actors via layered security laced with intelligent machines.
Share this quote:
In an age of dynamic malware obfuscation through operations such as mutating hash, a hyper-evolving threat landscape, and technologically next generation adversaries, offensive campaigns have an overwhelming advantage over defensive strategies.
Share this quote:
Theres a compounding and unraveling chaos that is perpetually in motion in the Dark Webs toxic underbelly.
Share this quote:
Few critical infrastructures need to expedite their cyber resiliency as desperately as the health sector, who repeatedly demonstrates lackadaisical cyber hygiene, finagled and Frankensteined networks, virtually unanimous absence of security operations teams and good ol’ boys club bureaucratic board members flexing little more than smoke and mirror, cyber security theatrics as their organizational defense.
Share this quote:
The Cyber Shield Act could serve as a secure conduit to facilitate update and patch deliveryJames Scott, Senior Fellow, Institute for Critical Infrastructure Technology
Share this quote:
If developed and implemented meaningfully, Cyber Shield Act could be a catalyst to incite responsible cybersecurity adoption and implementation throughout multiple manufacturing sectors.James Scott, Senior Fellow, Institute for Critical Infrastructure Technology
Share this quote:
The two main problems with signature and heuristic based anti-virus is the mutating hash and the fact that you first need a victim in order to obtain the signature.James Scott, Senior Fellow, Institute for Critical Infrastructure Technology
Share this quote:
Most IoT devices that lack security by design simply pass the security responsibility to the consumer, thus, treating the customers as techno-crash test dummies.James Scott, Senior Fellow, Institute for Critical Infrastructure Technology
Share this quote:
Overall, Cyber Shield Act is an excellent idea and could facilitate a much-needed cultural shift in secure device manufacturing and upkeep.James Scott, Senior Fellow, Institute for Critical Infrastructure Technology
Share this quote: