Commentary: Is the US the new ‘Axis of Evil’?
Ordering investigations and revoking security clearances for former CISA director Chris Krebs, along with several other employees of federal contractormore
Read more...
Podcasts
An encryption primer: Don’t wait
Encryption became a hot topic in the news in the past month. The United Kingdom, Sweden, France and the EU are considering requiring “back doors” to encryption protections. The “Signalgate” scandal in Washington, DC started most people asking, “What is this encryption stuff?” So we decided to provide a primer on the state of encryption today.
While the technology behind encryption is complex, it is not new. The basic algorithms have been with us for decades, silently running on devices and servers, invisible to the user. The purpose is basic: to keep data safe from prying eyes, like criminals and nation states.
Encryption is also a good way of saving money and not just in avoiding ransoms. Insurance companies often offer up to 15% premium discounts to businesses demonstrating strong security practices, including proper data encryption. Encryption significantly reduces the risk of data breaches and their associated costs.
Read more...
AI bubble about to pop for cybersecurity?
As quickly as the artificial intelligence (AI) industry appeared, it may disappear just as quickly. That may have significant ramifications for cybersecurity, according to industry watchers, as the technology falls into the trough of disillusionment.
When OpenAI burst on the scene more than two years ago, Microsoft was a significant instigator in its growth and adoption. Microsoft invested billions in the not-for-profit enterprise for early access to cutting-edge AI technologies and helping accelerate OpenAI's research. It transformed its Azure cloud platform into a leading infrastructure provider for AI development, offering specialized hardware (like GPUs and TPUs) and services tailored for machine learning workloads. AI capabilities were embedded across its product suite, and Microsoft Research contributed significantly to AI advancement in computer vision, natural language processing, and deep learning.
All of that came with extreme demands on computing resources. Microsoft began a buying spree in data centers, both to secure resources and build new centers. They even entered into a deal to reopen the notorious Three Mile Island nuclear power plant.
Spree ends
That has all come to an end. As reported in Bloomberg last week, the company decided to scale back data center projects in the UK, Australia, and Indonesia. Data center development in Illinois, North Dakota, and Wisconsin is also canceled. All tolled, Microsoft has walked away from more than 2GW. That’s on top of the news that Microsoft had walked away from two data center projects in the US and Europe, piling on to a February announcement that it was canceling data center leases.
Free Membership Required
You must be a Free member to access this content.
Already a member? Log in here
DDoS on X was avoidable, but inevitable
The DDoS attack on X.com this week provided a certain amount of schadenfreude for people less than enamored by Elon Musk. It also rang alarm bells in the cybersecurity community.
Premium Membership Required
You must be a Premium member to access this content.
Already a member? Log in here
Phishing grows but can be blunted
Phishing attacks are on the rise again with the help of sophisticated generative-AI tools. However, new defenses and increased wariness among potential victims are blunting phishing’s potential for widespread harm.
Read more...
EU’s DORA: Who will stand up for protection?
The EU's Digital Operational Resiliency Act (DORA) went live in January. This legislation's goals seem to conflict with the US administration’s willingness to ignore technology security standards. The question is: Who will stand up to protect corporate and consumer data?
DORA is highly targeted at the stability and resilience of the financial services sector. It ensures financial institutions can respond to, withstand, and recover from ICT-related threats and disruptions. It also requires robust strategies and policies to manage ICT risks in financial institutions.
Arnaud Treps, chief information security officer at Odaseva, said, “DORA is very different from previous regulation where you have to change where you operate. DORA is about having proper backups, the capability to restore quickly, and building redundancy.”
Europe takes the lead
But does the US rejecting data privacy regulation mean walling America off from the rest of the world? Meta has threatened to potentially limit
Free Membership Required
You must be a Free member to access this content.
Already a member? Log in here
How social media moderation works
There has been a lot of debate regarding the imposition of moderation on social media and whether that constitutes censorship and violations of the right to free speech. That argument is specious at best. Offending content on commercial social media is removed only when it negates profitability.
Most humans moderate their speech. Sometimes we think about impulsively speaking in reaction to something that incites strong emotions. People who do not react have what is called, “self-control”. Some people don’t have that filter (I’m looking at you, Elon) and blurt out offensive, nonfactual, or dishonest responses. Sometimes they aren’t atypical, they are just selfish people without manners (still looking at you Elon). Moderation of your speech is just a civilized attitude.
Profit motive
When it comes to social media, however, especially for-profit social media, the primary factor is profit. That has been the guiding principle of all social media moderation.
Read more...
Security industry addicted to bland marketing
There is no question that the cybersecurity industry performs a vital role in keeping the digital world safe. It’s too bad the industry is so dedicated to bland, repetitive and un-informational marketing and research.
The problem doesn’t exist with cybersecurity alone. Every tech industry under finances and plagiarizes marketing communications both within and without their niches, but the problem in security is that there is so little actual data to refer to, it is easy to make it up and still be believed. The introduction of AI into marketing efforts definitely cuts down the price and effort of communications, but it makes the bland and repetitive content even more bland, repetitive while making it less informative than when humans are actually involved.
Anyone involved in the process of evaluating this content and mining nuggets of relevant truth knows the problem and some are trying to do something about it. James Bore is one of them.
Read more...
A new year and new problems
We open a new year and a new season with our friend, Ian Thornton-Trump, chief information security officer at the MSSP Inversion6 and in 30 minutes we take on some pretty meaty subjects.
First, we discuss how China strategically infiltrated technology systems in the US and other countries as a geopolitical message rather than attacks. He discusses the challenges of securing complex, interconnected systems and the need for proactive defense.
Next we review the rise of corporate power and influence and how the increasing wealth and influence of individuals like Elon Musk is disrupting the traditional balance of power in democracies. The ethical concerns around wealthy individuals wielding disproportionate political influence could result in something the oligarchs are not expecting.
Finally, we review potential trade wars and the possibility of Canada and Mexico joining the BRICS alliance.
2025 is going to be bumpy but very interesting.
Free Membership Required
You must be a Free member to access this content.
Already a member? Log in here
AI making life hard for consumers and cybersecurity
The AI industry supposedly to make life easier for humanity. Since it first burst onto the scene it has, arguably, made life more difficult. Consumers and the cybersecurity industry, in particular, are struggling professionally, emotionally, and mentally to understand the value, if not the efficacy, of the technology.
Cyber Protection Magazine evaluated three surveys, from Armorcode, Arkose Labs, and Appdome, over the past few weeks. They agreed the public image of AI is untrustworthy, full of false promises, and something to be feared. In spite of this image, customers believe they must adopt and adapt to the technology, even if they don’t want to.
Read more...