Z Trek: The Alan Zeichick Weblog

,

Streamlining the cybersecurity insurance application process

Have you ever suffered through the application process for cybersecurity insurance? You know that “suffered” is the right word because of a triple whammy. First, the general risk factors involved in cybersecurity are constantly changing.…
,

Dragonfly, butterfly, bee

Everyone loves bugs — at least, everyone loves beautiful bugs. Right? Here are a few photographed in Phoenix over the past couple of days. The desert here is full of life, from insects to birds to reptiles to plants. Sure, the temperatures…
, , ,

A phone that takes pictures? Smartphone cameras turn 20 years old

Twenty years ago, my friend Philippe Kahn introduced the first camera-phone. You may know Philippe as the founder of Borland, and as an entrepreneur who has started many companies, and who has accomplished many things. He’s also a sailor,…
,

Hacking can kill — and cyberattacks can lead to warfare

Two Indian Air Force pilots are dead, possibly because of a cyberattack on their Sukhoi 30 fighter jet. According to the Economic Times of India, Squadron leader D Pankaj and Flight Lieutenant S Achudev, the pilots of the Su-30 aircraft, had…
,

It's suddenly harder to do tech business in China

Doing business in China is always a rollercoaster. For Internet businesses, the ride just became more thrilling. The Chinese government has rolled out new cybersecurity laws, which begin affecting foreign companies today, June 1, 2017. The…

Stop contacting the other lying spammers!

A little reverse psychology, eh? Don’t worry, trying to get this faux fortune will only cost you $450 from the spammers… or maybe more. Interesting that the name of the contact, Mr.James Richard, has the same spacing throughout, which is…
, ,

How to design software that gracefully handles poor Internet connectivity

"Someone is waiting just for you / Spinnin’ wheel, spinnin’ true." Those lyrics to a 1969 song by Blood, Sweat & Tears could also describe 2017 enterprise apps that time-out or fail because of dropped or poor connectivity. Wheels…
, ,

Malware in movie subtitles are coming to a mobile near you

Movie subtitles — those are the latest attack vector for malware. According to Check Point Software, by crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any…
, ,

My article on digital watermarks cited in a U.S. government paper

March 2003: The U.S. International Trade Commission released a 32-page paper called, “Protecting U.S. Intellectual Property Rights and the Challenge of Digital Piracy.” The authors, Christopher Johnson and Daniel J. Walworth, cited an article…
,

Female entrepreneurs are treated differently than male entrepreneurs

According to a depressing story in Harvard Business Review, venture capitalists consider female entrepreneurs to be quite different than males. The perceived difference is not good. According to the May 17, 2017, story, “We Recorded VCs’…
, ,

Proposed laptop travel ban is not good news

From eWeek’s story, “Proposed Laptop Travel Ban Would Wreak Havoc on Business Travelers,” by Wayne Rash: A current proposal from the Department of Homeland Security to mandate that large electronic devices be relegated to checked luggage…
,

Things you must understand for technical and business due diligence

Technical diligence starts when a startup or company has been approved for outside capital, but needs to be inspected to insure the value of the technology is "good enough" to accept investment. The average startup has something like 1/100 odds…
, ,

The art and science of endpoint security

The endpoint is vulnerable. That’s where many enterprise cyber breaches begin: An employee clicks on a phishing link and installs malware, such a ransomware, or is tricked into providing login credentials. A browser can open a webpage…
,

Slow-motion lifecycle of our echinopsis flower

Our beautiful little echinopsis has a second flower. Here you can see it opening wide over a 22-hour period. Sad to think that it's nearly finished. Thursday or Friday the closed-up blossom will drop off the cactus. Tuesday, 5:20pm Tuesday,…
, ,

What the WannaCry ransomworm means for you

Many IT professionals were caught by surprise by last week's huge cyberattack. Why? They didn't expect ransomware to spread across their networks on its own. The reports came swiftly on Friday morning, May 12. The first I saw were that dozens…
, ,

Almost on my way to London for NetEvents to talk about endpoint security

If you’re in London in a couple weeks, look for me. I’ll be at the NetEvents European Media Spotlight on Innovators in Cloud, IoT, AI and Security, on June 5. At NetEvents, I’ll be doing lots of things: Acting as the Master…
,

Ransomworm golpea a más de 150 Países

Los informes llegaron rápidamente el viernes por la mañana, 12 de mayo – la primera vez que leí una alerta, referenciaba a docenas de hospitales en Inglaterra que fueron afectados por ransomware (sin darse cuenta que era ransomworm), negando…
, ,

The ongoing challenge for women in high-tech companies

In the United States, Sunday, May 14, is Mother’s Day. (Mothering Sunday was March 27 this year in the United Kingdom.) This is a good time to reflect on the status of women of all marital status and family situations in information technology.…
,

Save yourself, save your corporate assets, by blocking spearphishing

Ping! chimes the email software. There are 15 new messages. One is from your boss, calling you by name, and telling him to give you feedback ASAP on a new budget for your department. There’s an attachment. You click on it. Hmm, the file…
, ,

Open up the network, that's how you enable innovation

I have a new research paper in Elsevier's technical journal, Network Security. Here's the abstract: Lock it down! Button it up tight! That's the default reaction of many computer security professionals to anything and everything that's perceived…
, , ,

Your board members are a cybersecurity liability — here’s what to do

To those who run or serve on corporate, local government or non-profit boards: Your board members are at risk, and this places your organizations at risk. Your board members could be targeted by spearphishing (that is, directed personalized…
,

H-1B visa abuse: Blame it on the lottery

In 2016, Carnival Cruises was alleged to have laid off its entire 200-person IT department – and forced its workers to train foreign replacements. The same year, about 80 IT workers at the University of California San Francisco were laid off,…
,

Flame decals add 20-25 whp to your car's performance

It has been proven, beyond any doubt whatsoever, that flame decals add 20-25 whp (wheel horsepower) to your vehicle, and of course even more bhp (brake horsepower). I know it's proven because I read it on the Internet, and everything we read…
,

Why am I being spammed by the American Bar Association?

IANAL — I am not an attorney. I've never studied law, or even been inside a law school. I have a cousin who is an attorney, and quite a few close friends. But IANAL. So why am I on the American Bar Association's email list? I am not a member…
, , ,

Last year's top hacker tactics may surprise you

Did you know that last year, 75% of data breaches were perpetrated by outsiders, and fully 25% involved internal actors? Did you know that 18% were conducted by state-affiliated actors, and 51% involved organized criminal groups? That’s…
, ,

No security plan? It's like riding a bicycle in traffic in the rain without a helmet

Every company should have formal processes for implementing cybersecurity. That includes evaluating systems, describing activities, testing those policies, and authorizing action. After all, in this area, businesses can’t afford to wing it,…
Red Yucca Flower
,

Beautiful little flowers on our Red Yucca (Hesperaloe parviflora)

We have two Red Yucca plants in our garden. Both are magnificent: The leaves, with curlicue strings, are about two feet high. The flower stalks are about five feet high. Currently, each plant has only a single flower stalk; we expect them…
Sean Spicer with Pepsi
, ,

Self-inflicted public relations disasters: United Airlines, Pepsi, Tanium, Uber

There are public-relations disasters… and there are self-inflicted public-relations disasters. Those are arguably the worst, and it’s been a meaningful couple of weeks for them, both in the general world and in the technology industry. In…
,

Manage the network, Hal

Some large percentage of IT and security tasks and alerts require simple responses. On a small network, there aren’t many alerts, and so administrators can easily accommodate them: Fixing a connection here, approving external VPN access there,…