Category

Security+Privacy

Insight into the information security and privacy issues enterprises grapple with.

 
avatar

As mobile computing has made sophisticated, digitally-mediated interactions possible in both personal/consumer and business-like capacities (BYOD) – the market and the challenges associated with it have exploded. Taking a step back to when the technologies that underpin mobile computing and networking were developed, it was assumed that each user had some level of expertise, that the use cases were quite limited in scope, and that the overall numbers of users were constrained. Fast-forward to present day, the massive scale of mobile computing adoption, the broad scope of supported use cases, and the “naive” user base has created a number of serious issues that the IT industry must grapple with now. Chief among these problems is …

Read more

 
avatar

If one listed the top technology concerns for CIOs and CEOs around the world, cybersecurity has to be right at the top. Over the last year, serious data breaches have been increasingly common. Perhaps the most publicized was the one that occurred at Target during the Christmas season last winter. Millions of customers’ credit information was disclosed and Target did not discover/acknowledge the breach for nearly three weeks. The ensuing scandal cost the CSO, CIO and eventually the CEO their jobs and the company hundreds of millions of dollars in lost sales and in falling stock prices. Recently, EBay’s PayPal subsidiary disclosed that it had been broken into in February 2014 and the breach was …

Read more

 
Politics, Profiling, and Big Data

The ongoing IRS scandal, in which various groups were targeted according to keywords such as “tea party” in the search for infractions, has important lessons for emerging big data techniques. Because analytics based on huge amounts of streaming social data linked with demographics provide the possibility of creating social profiles, a door has been opened for new types of abuse that may create invisible legal issues. Profiling has always been problematic, but it has generally been overt, and the result of a conscious decision. Invisible social profiles, on the other hand, might not even be fully understood by the analyst. The IRS example is fairly primitive, and is actually at least partly a response to …

Read more

 
avatar

I’m excited about the Internet of Things (IoT), and I expect it to create incredible opportunities for companies in almost every industry. But I’m also concerned that the issues of security, data privacy, and our expectations of a right to privacy, in general — unless suitably addressed — could hinder the adoption of the IoT by consumers and businesses and possibly slow innovation. So, with all the hype of the IoT, I’m going to play devil’s advocate, because these issues tend to receive limited coverage when considering the impact of new technology developments on society. First of all, I am amazed at all the connected products and services that are starting to appear. These include, …

Read more

 
IoT, Big Data, Mobile Apps, Drones to Impact Privacy & Security

Here are my predictions for 2014: 2014 will bring exponential expansion and evolution of the Internet of Things (IoT). This will also bring new opportunities for information security trailblazers unlike any we’ve seen before. The potential benefits of the IoT will be huge, but just as large will be the new and constantly evolving information security and privacy risks. We will see some significant privacy breaches resulting from the use of IoT devices as a result. New IoT risks, and resulting security incidents and privacy breaches, will bring a significant need for technology information security pros to also understand privacy concepts so they can implement privacy protections within all these new devices, and into the …

Read more

Dec 162013
 
Securing Internet Traffic

By the end of 2014 or the beginning of 2015, various large cloud providers as well as the Internet Engineering Task Force (IETF) will have developed mechanisms to protect most Internet traffic against the pervasive domestic spying performed by the U.S. National Security Agency. The NSA won’t be unable to decrypt the traffic it really cares a lot about, but it will just take too much computer time to decrypt all traffic, as it can do right now. I predict this because there is a great convergence happening. First, the NSA’s antics have finally made companies aware of the security issues involved in taking client-server traffic that used to be inside the firewall and moving …

Read more

 
Things That Go Bump in the Night

By the end of the decade, self-driving cars will be on the roads in many developed countries. The electric grid will tell our heaters when it is more economical to run, “learning thermostats” will be in many homes, and we will track the movements of people, pets, packages, and many other things. By some estimates, the number of devices connected to this “Internet of Things” (IoT) will pass the number of connected human users by 2016. The question is: will serious accidents be necessary before people take the risks seriously and harden this infrastructure? Because the IoT senses and controls physical objects, serious harm can happen — either accidentally or intentionally. We need devices to …

Read more

 
avatar

Just in time for National Cyber Security Awareness month is the Cutter IT Journal issue — Privacy and Security in the Internet of Things. Guest Edited by Privacy by Design Ambassador and Cutter Senior Consultant Rebecca Herold and her host of expert authors — this issue highlights the many possible data hacking scenarios your organization could be privy to as the IoT gathers speed. With no current restrictions on how data collected by IoT-related devices is analyzed — the market is an open playing field for potential exploit. Explore the implications of the IoT and learn some strategies for mitigating the possibility of data breaches in this exciting new issue! Cutter clients read this issue …

Read more

 
avatar

The latest technology tsunami creates great market opportunities, and simultaneously wreaks havoc on the business world. The Internet of Things (IoT) is all about connecting sensors and other data-generating devices to everyday objects and ultimately to the Internet, generating a wealth of intelligence and real-time data, and merging and blurring the physical and virtual worlds. Already established in the consumer products world, the IoT offers corporations the opportunity to develop new offerings or to reconfigure existing products to collect intelligence. This will drive an increase in big data implementations, cloud, and other emerging technologies as corporations begin to capitalize on this up and coming phenomenon. Every new trend comes with its share of challenges and …

Read more

 
avatar

Some argue that a cyber-Armageddon — or a “digital Pearl Harbor” — may be just around the corner, while others counter that while cybersecurity needs to be taken seriously, the overall cyberthreat and its consequences are vastly overblown and are merely a convenient excuse to sell over-priced security software and consulting. The May 2011 Cutter IT Journal will try to separate the wheat from the chaff as pertains to security threats from current and potential cyberweapons. Proposals of interest are due 2 March 2011. To respond, please visit http://www.cutter.com/content-and-analysis/journals-and-reports/cutter-it-journal/callforpapers02.html