@Dr. T: Sure. The more you know, the more flexibly and powerfully you are able to innovate a solution. This is true of pretty much everything. I recently read a story of an ad man who was able to come up with effective copy...
In reply to: Re: Coders?
I saw a reference to this debate recently on Twitter. One security pundit was commenting that we shouldn't "code-shame" security people for not knowing to code because of the shortage of talent and to encourage their contributions....
In reply to: "Code shaming"
Geezalou, another freakin' gross misconfiguration of S3-bucket access. This has been a huge trend over the past couple of years (despite the fact that the default settings tend to be more secure) -- to the point that...
In reply to: more of the same
@Dr. T: In security studies, security-alert fatigue is routinely identified as the top or near-top obstacle facing security teams. AI/ML can help, but you can also accomplish a lot by trying some lower-tech techniques (like...
In reply to: Re: False positives
> AI is probabilistic, not deterministic. Is it, though? I mean, sure, modern ML programming relies on PPLs, but we have not reached true/generalized AI yet. Perhaps AI models will evolve such that some are more deterministic...
In reply to: Re: Probabilistic
@Dr. T: That's the very definition of big data: data collections that are so big that humans unaided by tech automation cannot possibly contend with them. The real question, however, is to what extent actual ML and AI are...
In reply to: Re: Big data
The operating productivity (a.k.a. accessibility) metric is a tough and debatable one. On the one hand, security and accessibility are polar opposites of each other -- and, as such, it can be fair to assign security...
In reply to: Productivity/accessibility as security considerations (or not)
Despite this suspect being a Chinese national, I shared a conversation with a security executive recently about the fact that these insider threats sometimes occur from otherwise loyal employees who get extorted to...
In reply to: Even citizens influenced
Collusion, are you kidding me? They can't prove anything. I mean, of course they colluded. Putin and Trump have been bff's for years. They've been riding tigers together since community college...
In reply to: Rumor has it...
Considering a recent military report highlighting the possibility of countrywide-impacting EMP attacks that could be hypothetically perpetrated by someone aboard an aircraft at high altitude, the "hackers on a plane" scenario...
In reply to: Hacks on a Plane
Another common way that organizations frequently downplay/cover up a security issue: Dismissing out of hand the security researchers who notify the organization of the vulnerability as a nuisance or criminal. Happens a lot....
In reply to: Panera example
The note about sharing information and working together is well taken. The financial-services sector has been doing this and scaling up their resources here for some years now -- with assistance/collaboration w/ government...
In reply to: A couple of points
[Sponsored Content] The State of Encryption and How to Improve It
Encryption and access controls are considered to be the ultimate safeguards to ensure the security and confidentiality of data, which is why they're mandated in so many compliance and regulatory standards. While the cybersecurity market boasts a wide variety of encryption technologies, many data breaches reveal that sensitive and personal data has often been left unencrypted and, therefore, vulnerable.