Entries by Alan Zeichick

, , ,

Your board members are a cybersecurity liability — here’s what to do

To those who run or serve on corporate, local government or non-profit boards: Your board members are at risk, and this places your organizations at risk. Your board members could be targeted by spearphishing (that is, directed personalized attacks) or other hacking because They are often not technologically sophisticated They have access to valuable information If […]

, , ,

Last year’s top hacker tactics may surprise you

Did you know that last year, 75% of data breaches were perpetrated by outsiders, and fully 25% involved internal actors? Did you know that 18% were conducted by state-affiliated actors, and 51% involved organized criminal groups? That’s according to the newly release 2017 Data Breach Investigations Report from Verizon. It’s the 10th edition of the DBIR, […]

, ,

No security plan? It’s like riding a bicycle in traffic in the rain without a helmet

Every company should have formal processes for implementing cybersecurity. That includes evaluating systems, describing activities, testing those policies, and authorizing action. After all, in this area, businesses can’t afford to wing it, thinking, “if something happens, we’ll figure out what to do.” In many cases, without the proper technology, a breach may not be discovered […]

, ,

Self-inflicted public relations disasters: United Airlines, Pepsi, Tanium, Uber

There are public-relations disasters… and there are self-inflicted public-relations disasters. Those are arguably the worst, and it’s been a meaningful couple of weeks for them, both in the general world and in the technology industry. In some cases, the self-inflicted crises exploded because of stupid or ham-handed initial responses. In PR crisis management, it’s important […]

,

Manage the network, Hal

Some large percentage of IT and security tasks and alerts require simple responses. On a small network, there aren’t many alerts, and so administrators can easily accommodate them: Fixing a connection here, approving external VPN access there, updating router firmware on that side, giving users the latest patches to Microsoft Office on that side, evaluating […]

, ,

Email clients and 3D paint applications do not belong in operating system releases

No, no, no, no, no! The email client updates in the 10.12.4 update to macOS Sierra is everything that’s wrong with operating systems today. And so is the planned inclusion of an innovative, fun-sounding 3D painter as part of next week’s Windows 10 Creators Update. Repeat after me: Applications do not belong in operating systems. […]

, ,

Listen to Sir Tim Berners-Lee: Don’t weaken encryption!

It’s always a bad idea to intentionally weaken the security that protects hardware, software, and data. Why? Many reasons, including the basic right (in many societies) of individuals to engage in legal activities anonymously. An additional reason: Because knowledge about weakened encryption, back doors and secret keys could be leaked or stolen, leading to unintended consequences […]

, , ,

Congress votes against Internet customer privacy; nothing changes

It’s official: Internet service providers in the United States can continue to sell information about their customers’ Internet usage to marketers — and to anyone else who wants to use it. In 2016, during the Obama administration, the Federal Communications Commission (FCC) tried to require ISPs to get customer permission before using or sharing information about […]

, ,

Three years of the 2013 OWASP Top 10 — and it’s the same vulnerabilities over and over

Can’t we fix injection already? It’s been nearly four years since the most recent iteration of the OWASP Top 10 came out — that’s June 12, 2013. The OWASP Top 10 are the most critical web application security flaws, as determined by a large group of experts. The list doesn’t change much, or change often, because […]

,

Blue passion vines are ready for butterflies and caterpillars

To our delight this morning, our new Blue Passion vines had their first flowers. Passiflora caerulea is an amazing plant. It grows these colorful and complex flowers, which only last about one day, but there’s a long array of buds in various stages of development, so we’ll have blooms nearly every day for months. The Gulf Fritillary butterfly common […]

, ,

Top Do’s and Don’ts for creating friendly calendar invites

“Call with Alan.” That’s what the calendar event says, with a bridge line as the meeting location. That’s it. For the individual who sent me that invitation, that’s a meaningful description, I guess. For me… worthless! This meeting was apparently sent out (and I agreed to attend) at least three weeks ago. I have no recollection […]

, , ,

What’s the deal with Apple iCloud accounts being hacked?

The word went out Wednesday, March 22, spreading from techie to techie. “Better change your iCloud password, and change it fast.” What’s going on? According to ZDNet, “Hackers are demanding Apple pay a ransom in bitcoin or they’ll blow the lid off millions of iCloud account credentials.” A hacker group claims to have access to […]

, ,

New ban on flying with a laptop or tablet means the terrorists win

The U.S. and U.K. are banning larger electronic items, like tablets, notebooks and DLSRs, from being carried onboard flights from a small number of countries. If that ban spreads to include more international or even domestic flights, this will result in several nasty consequences: 1. Business travelers may be unable to bring computers on trips […]

,

The cybersecurity benefits of artificial intelligence and machine learning

Let’s talk about the practical application of artificial intelligence to cybersecurity. Or rather, let’s read about it. My friend Sean Martin has written a three-part series on the topic for ITSP Magazine, exploring AI, machine learning, and other related topics. I provided review and commentary into the series. The first part, “It’s a Marketing Mess! Artificial […]

,

Repurposing, solution, robust, best of breed, mission-critical, next-generation, web-enabled, leading, value-added, leverage, seamless…

Let’s take a chainsaw to content-free buzzwords favored by technology marketers and public relations professionals. Or even better, let’s applaud one PR agency’s campaign to do just that. Houston PR, based in the UK, has a fun website called “Buzzsaw” which removes those empty phrases from text, such as press releases. Says the agency: This […]

, , ,

Exciting News: BZ Media sells InterDrone to Emerald Expositions

As many of you know, I am co-founder and part owner of BZ Media LLC. Yes, I’m the “Z” of BZ Media. Here is exciting news released today about one of our flagship events, InterDrone. MELVILLE, N.Y., March 13, 2017 — BZ Media LLC announced today that InterDrone™ The International Drone Conference & Exposition has been […]