Things I Hearted This Week, 22 Feb 2019

February 22, 2019 | Javvad Malik

We have two weeks of news to catch up with because I was travelling last week and wasn’t able to submit to the editor in time.

But that just means double the security fun. So let’s just jump right into it.

Helping The Smaller Businesses

Small and mid-sized businesses have most of the same cybersecurity concerns of larger enterprises. What they don't have are the resources to deal with them. A new initiative, the Cybersecurity Toolkit, is intended to bridge that gulf and give small companies the ability to keep themselves safer in an online environment that is increasingly dangerous.

Security Isn’t Enough. Silicon Valley Needs ‘Abusability’ Testing

It is time for Silicon Valley to take the potential for unintended, malicious use of its products as seriously as it takes their security. From Russian disinformation on Facebook, Twitter, and Instagram to YouTube extremism to drones grounding air traffic, Tech companies need to think not just about protecting their own users but about abusability: the possibility that users could exploit their tech to harm others, or the world.

Hackers Wipe US Servers of Email Provider VFEmail

Email provider VFEmail.net were compromised and disks formatted. Every VM, file server, and backup server was lost.

No ransom demand, no notice, just attack and destroy.

CISO Spotlight: Security Goals and Objectives for 2019

Rick Holland shares his security goals and objectives for 2019, which has some great insights and tips such as hyperfocusing on process / program improvements, establishing a security and risk playbook, avoiding ‘expense in depth’, eating their own BBQ, and investing in the team.

Court Camera Used to Spy on Juror’s Notebook

Some defense attorneys in San Juan County worry that Sheriff Ron Krebs has a finger on the scales of justice after learning he used a courtroom security camera to surreptitiously zoom in on defense documents and a juror’s notebook during a criminal trial last week.

The incident has drawn outrage from criminal and civil-rights attorneys and frustration from the county prosecutor, and prompted a rare weekend hearing during which a judge dismissed misdemeanor assault and trespass charges against a Lopez Island man after finding the incident amounted to government misconduct that had violated his right to a fair trial.

We Need to Kill the ‘Security Analyst’

This is a rational and well-grounded piece talking about the skills gap, how it’s perceived and what can be done to address some of the apparent shortages.

It’s not so much about trying to find and throw more bodies at the problem, but rather, finding the right kind of people and placing people in the correct roles.

When You Can’t Do Awesome Things, Because of Crushing Bureaucracy

The term ‘thought leader’ is thrown about with reckless abandon to the extent that it is viewed as a derogatory term. But Haroon Meer is probably among the few who are worthy of the title, and most of his posts give me something new to think about. This one is no different.

NHS Cybersecurity Needs to be a Qualified Success

A freedom of information request which revealed a lack of cyber and information governance training may be something of a red herring. But that doesn’t mean there isn’t valuable work to be done on creating a cyber-qualified NHS IT workforce.

Cards Used at 137 Restaurants Exposed by Point-of-Sale Breach

North Country Business Products point-of-sale and security solutions provider with roughly 6500 customers around the US mdwest has disclosed a data breach which led to the exposure of payment information for clients who used their credit and debit cards at 137 restaurants.

According to the company's data breach notification, North Country first observed that suspicious activity was present on some of its clients' networks on January 4 and a joint investigation with a third-party cybersecurity forensic firm established that the cause was malware deployed on its partner restaurants' networks.

The RSA Shortlist

RSA is just a couple of weeks away - arguably one of the largest business-focused security conferences, and soon the masses shall descend on San Francisco.

There’s usually something for everyone there, but how can you find the talks that are best for you? Well, maybe not the best talks for you, but Thom Langford has listed out some of the sessions he’s most interested in. Maybe it can inspire you to shortlist your own sessions:

Not wanting to be outdone my Thom, I came up with my own list of vendors I’d like to meet, or who seem pretty cool and interesting.

Other Things I Hearted

Javvad Malik

About the Author: Javvad Malik

The man, the myth, the blogger; Javvad Malik is a London-based IT Security professional. Better known as an active blogger, event speaker and industry commentator who is possibly best known as one of the industry’s most prolific video bloggers with his signature fresh and light-hearted perspective on security. Prior to joining AlienVault, Javvad was a senior analyst with 451 Research providing technology vendors, investors and end users with strategic advisory services, including competitive research and go-to-market positioning.

Read more posts from Javvad Malik ›

‹ BACK TO ALL BLOGS

Get the latest security news in your inbox.

Subscribe via Email

Watch a Demo ›
Get Price Free Trial