No regime that works for bugs, gas, or isotopes is going to work for code.
Ransomware: The Present We Deserve?
The scourge of ransomware is the inevitable result of decades of schizophrenia about our relationship with information technology and security. Treating this problem like all […]
From Solar Sunrise to Solar Winds: The Questionable Value of Two Decades of Cybersecurity Advice
If everyone agrees on what we should do, why do we seem incapable of doing it? Alternately, if we are doing what we have been told to do, and have not reduced the risks we face, are we asking people to do the wrong things?
The Wolf Approaches
If cybersecurity had a doomsday clock, it just got closer to midnight. Thankfully, we’ve got a snooze button.
The Global Ungoverned Area
Looking at the Internet through Westphalian-tinted glasses is not going to make us safer or more secure.
C.R.E.A.M. IoT Edition
We can go round and round about what’s going to drive improvements in computer security writ large, but when you boil it down it’s really only about one of and/or two things: money and bodies.
Save Yourself – Delete Your Data
If an era when remedying computer security failures is cheaper than calling in computer security experts is even remotely realistic, we need to collectively get on board with some new ways of doing things.
We Learn From Death
Cybersecurity will get better when people die in sufficiently large numbers.
Intelligence Agencies Are Not Here to Defend Your Enterprise
The way to reduce the chance that someone can crack your computer code is to write better code, and test it faster than the spooks can.
How Do You Get Good at Incident Response?
The true measure of defensive success is the speed at which you detect, eject and mitigate the actions of your attackers.