cyber attack | Software Associates.

The valley of death between IT and information security

Posted in: Compliance, Data leakage, Information security, Internal security|Tags: attack modeling, Cloud computing, cyber attack, Cyber threats, ethics, IT Governance, Risk management, Threat modeling|By: Danny Lieberman|January 15, 20121 Comment

IT is about executing predictable business processes. Security is about reducing the impact of unpredictable attacks to a your organization. IT and security adopt a common goal and a common language – a language of customer-centric threat modelling Typically, when a company ( business unit, department or manager) needs a line of business software application, IT …

Russian cybercrime – pride or prejudice?

Posted in: Information security, News|Tags: cyber attack, hackers|By: Danny Lieberman|November 27, 2011No Comments

Mark Galeotti has a piece on the online Moscow News today entitled Why are Russians excellent cybercriminals? Mr Galeotti seems to have most of his facts right as he wonders: “Why does every hacking and cyberscam story – real or fictional – seem to have a Russia connection?In part, it is prejudice and laziness. The stereotype of the …

A strategy for combating cyber terror

Posted in: Information security|Tags: cyber attack, Cyber threats, cybersecurity|By: Danny Lieberman|July 1, 20112 Comments

Instead of getting some real work done this morning, I started collating some thoughts on cyber security strategy. I guess it’s a lot easier to think about strategies than to fix buggy, risky code. For most people – there are two worlds, the cyberspace world and the physical, people-populated world. This dichotomy of two separate spaces …

Offensive security

Posted in: Risk mitigation|Tags: cyber attack, Cyber threats, cybersecurity, offensive security, Security, Stuxnet|By: Danny Lieberman|June 20, 20114 Comments

I have written several times in the past here, here and here about the notion of taking cyber security on the offensive James Anderson, president of Professional Assurance LLC, says that there is no evidence that governments can protect large firms from cyber attacks. “National security authorities may not even acknowledge that their interests align …

Microsoft gives source code to Chinese government

Posted in: Information security|Tags: Critical infrastructures, cyber attack, data breach, Microsoft, RSA, Software security|By: Danny Lieberman|June 11, 2011No Comments

Sold down the river. A phrase meaning to be betrayed by another. Originated during the slave trade in America. Selling a slave “down the river” would uproot the slave from their from spouses, children, parents, siblings and friends. For example: “I can’t believe that Microsoft gave their source code to the Chinese in a pathetic …

Cyber crime costs over $1 trillion

Posted in: Information security|Tags: BSA, counterfeiting, cyber attack, Cyber threats, cybersecurity, data loss prevention, data security, DOD, Dolce Gabbana, McAfee, Microsoft, OECD, Stuxnet, Symantec, Verdasys, Websense|By: Danny Lieberman|March 4, 20114 Comments

A pitch from Alex Whitson from SC TV for a Webinar on the LinkedIn Information Security Community piqued my attention with the following teaser: As you may have read recently, Cybercrime is now costing the UK $43.5 billion and around $1 trillion globally. Sponsored by security and compliance auditing vendor nCircle, the Webinar pitch didn’t cite any sources for the …

Windows USB vulnerabilities reign supreme

Posted in: Compliance|Tags: cyber attack, data breach, ethics|By: Danny Lieberman|August 26, 20101 Comment

In an article to be published Wednesday August 26, 2010 discussing the Pentagon’s cyberstrategy, Deputy Defense Secretary William J. Lynn III says malicious code placed on a removable drive by a foreign intelligence agency in 2008 uploaded itself onto a network run by the U.S. military’s Central Command – source: Washington Post “That code spread …

Archives