Interview: Me on Cybersecurity
In the context of an event in Berlin, where I had a presentation, I was asked for an interview (in German):
A “thank you” to ISACA German for producing this interview.
Ukraine Power Outage Confirmed as Cyber Attack
Andi t will happen again; I would expect: Ukraine Power Outage Confirmed as Cyber Attack …and not “only” in Ukraine. Swiss TV did a series called Blackout on January, 2nd – three days the power is gone and what happens, what happens afterwards etc. There were seven “fictions documentaries“, which were really interesting. What was…
Details
Facebook and Profiling
Just a quick one. I was aware that a few data points in an anonymized data set can already be enough to identify a single person. However, what you can get out of Facebook is amazing. If you do not know it yet, go to https://applymagicsauce.com/ and apply the magic to your Facebook profile. Just…
Details
Is Cyber Crime worth the effort?
Most of us most probably think that people committing Cyber Crime make a lot of money. The contrary seems to be the case. Looking at Report: Most cybercriminals earn $1,000 to $3,000 a month it seems that the income is fairly minimal. There is one statement in there, which I would challenge: In many ways,…
Details
Christmas Wishes for Cyber Defense?
First of all I have to apologize: I had quite some technical issues with my blog and therefore had some time between now and the last post…. Today I would like to tap your brains: It is close to Christmas and therefore a typical time to hand your wish list to Santa (in our case…
Details4 Biggest Mistakes in Security?
Actually the article I was looking at was called: The 4 Biggest Mistakes Businesses Make Trying To Secure Endpoints. However, a major part – in my opinion – is not only true for the endpoint but for security in companies as such: Underestimating Human Error: Well it starts with the administrator who is taking wrong…
Details
What is the real state of banking security?
What I see in my daily life is, that a lot of banks are focusing heavily on compliance when it comes to security. The way I put it is that compliance does not bring security – but good security brings compliance. However, the financial crisis and the situation a lot of banks are in make…
Details
Drone Network Hacked?
Are networks air gapped, really? Do you build critical systems on commercial products? Often critical systems are built on commercial products and air gapped networks are almost air gapped – except for the few bridges that were built for convenience reasons… Look at recent news: These classified networks are definitely not connected to the Internet,…
Details
IoT and the impact on the broader society
Nobody actually would argue with the challenge regarding IoT and security. There are plenty of examples out there proving how easy it is to compromise devices connected to the Internet, especially as security is really not at the forefront of companies developing these devices. We often talk about the impact this development could have when…
Details
Is the Internet becoming the “Wild Wild West”?
One of the key challenges on the Internet is that law enforcement does hardly work on the Internet. This has different reasons: The legal frameworks – if they exist – are hardly aligned internationally but the criminals are. Law enforcement, even though they made great progress still has a hard time to work across the…
Details
The Risks of Governments Training Hackers
Since quite some years, governments are building Cyber forces – either within the military or within national intelligence. This is a normal trend and was expected even back then. When I met these governments, I typically asked them how they see the risks that the people they train actually leave the government (or get fired)…
Details
Osram ‘Smart Light’ Bugs Could Allow Corporate Wi-Fi Access
I mean, we all knwo that security in the context of the Internet of Things is a challenge but would you have thought of a light bull being your attack vector?
I would not….
Osram ‘Smart Light’ Bugs Could Allow Corporate Wi-Fi Access
Roger
Incentivizing good security
In theory today the top management of a company is incentivized based on the company’s success. As I said, in theory as it seems that the top management is incentivized heavily even if the company fails but that’s another story. In the UK Parliament it seems that they are discussing about linking the bonus/salary of…
DetailsAccenture Acquires Maglan
It is one of the acquisitions and investments we do as we know that we – and the market – need absolute top knowhow to leverage digital, the cloud and whatever will come in the near future. Understanding the threat landscape and having answers in the context of a very fast and disruptively moving business…
Details
Clinton’s private mail and the Internet of Things
Basically the whole discussion about Hillary Clinton’s private mail server and whether it was accurately protected or not has nothing to do with the Internet of Things, right? Almost. Based on this article Did the Clinton Email Server Have an Internet-Based Printer? it seems that a printer accessible through the Internet was attached to the…
Details
Fintech & Cyber Showcase 2016
Startups in the Fintech and Cyber area have the potential to really disrupt the business and the way we do security. Therefore, we decided to support the Fintech & Cyber Showcase 2016 – Israel Innovation Effect intensively and out came a great event with interesting startups in these sector. So, if you are interested and…
Details
Security in the digital age
I just started to blog on the Accenture Banking Blog as well – it is in German: Problemdenken abschalten – denn mit Sicherheit sind die neuen Banken-Lösungen Angreifern gewachsen
Think Resilience
When we talk about security, we often talk about the “assume breach” scenario and therefore about resilience against attacks. When I am on panels talking about resilience, I often talk about resilience in society as well. Today, large parts of Zurich were without power for one hour. It is interesting to see what happened: Shops…
DetailsThat’s pretty clear: Government Wants Access To Data and For The Good Of The Country
Waiting for tomorrow’s episode….
Supply Chain Security – Your Weak Link
That I think that your supply chain will become one of your key risks is not new. Typically, however, I raise it in the context of a bad guy being able to inject into the supply chain – say the products you buy – and therefore you already install the attack kit. I just read…
Details