Matthew Rosenquist's Blog (90)

Finding the Next SolarWinds Type of Supply Chain Attack

The SolarWinds compromise showed that supply-chain attacks are possible and the ramifications can be tremendously impactful. Other nation states will be investing in efforts to duplicate this success. That makes IT tools, security products, hardware & firmware vendors, and cloud service providers prime targets for…

Continue

Added by Matthew Rosenquist on January 21, 2021 at 2:43am — No Comments

WhatsApp Still Needs to Prove it is Trustworthy

In the aftermath of WhatsApp’s privacy notification to users, that they will again be sharing data with Facebook, there is still a lack of clarity.  I see a lot of statements from WhatsApp and general chatter regarding what data they will NOT be sharing.  But I have yet to find any specificity on what exact data they WILL be sharing with Facebook. …

Continue

Added by Matthew Rosenquist on January 17, 2021 at 6:21am — No Comments

Cybersecurity Value is About Protecting Intangible Assets

Intangibles now account for 90% of the S&P’s total assets and it is no accident that the core of cybersecurity has evolved to protect those aspects of the business.  It is a natural progression for security to align with protecting the most important assets.  This is a crucial element when communicating the value and relevance to…

Continue

Added by Matthew Rosenquist on January 15, 2021 at 1:14am — No Comments

Why are Cybersecurity Roles Confusing

The cybersecurity field is dynamic and the roles and responsibilities are ever changing.  People coming into the cybersecurity field often expect clearly defined positions and are surprised at the significant variance when looking at job descriptions or talking with professionals. 

It is a chaotic and confusing mess.  But, if you are…

Continue

Added by Matthew Rosenquist on January 11, 2021 at 1:33pm — No Comments

Law Enforcement is Seduced by Big Cybercrime Cases

Some important aspects are changing in law enforcement, when it comes to cybercrime. 

In today's video I look at the social aspects within the law enforcement community, the criminal evolution of cybercrime, and the resulting changes in behaviors that are driving fundamental improvements to cybercrime investigations around the globe.

Added by Matthew Rosenquist on January 8, 2021 at 2:40am — No Comments

Top 2020 Cybersecurity Lessons for Cryptocurrency

As 2020 comes to a close, we can reflect back on some of the important cybersecurity lessons that are intertwined with the rapidly growing digital cryptocurrency economy.

Added by Matthew Rosenquist on January 4, 2021 at 10:58pm — No Comments

Privacy is at risk when security fails - especially for surveillance cameras

A recent incident involving city surveillance video data highlights some of the criminal privacy risks of public camera and biometric programs.  Without strong cybersecurity, everyone’s privacy could be undermined by cyber attackers, criminals, and malicious insiders.

Added by Matthew Rosenquist on December 30, 2020 at 3:54am — No Comments

The CISO Dilemma - When Leadership Ignores Risks

What should a CISO do when the executive leadership chooses to ignore critical cyber risks? 

If the C-Suite and board are well informed of imperative vulnerabilities and yet choose a path to ignore security, the CISO is put in a position where they are incapable of effectively managing risk, yet still responsible when incidents…

Continue

Added by Matthew Rosenquist on December 24, 2020 at 11:17pm — No Comments

Objectives of Nation State Cyber Attackers

It is important to look into the motivations of government orchestrated cyberattacks, such as SolarWinds, as understanding the threat-agent’s objectives can provide important insights to their long-term goals and potential next steps.

Today I discuss the 4 primary reasons why Nation States conduct cyber warfare activities and evaluate that…

Continue

Added by Matthew Rosenquist on December 21, 2020 at 10:40pm — No Comments

Leaders and Losers of the SolarWinds Hack

The SolarWinds hack has had a significant ripple effect on the cybersecurity community, with over 18k organizations discovered to be severely vulnerable and at the mercy of nation-state hackers.  The security community realized some of the biggest companies, most sensitive government agencies, and critical infrastructure were at risk.  Some…

Continue

Added by Matthew Rosenquist on December 20, 2020 at 3:32pm — No Comments

Missing the Big Picture from the SolarWinds Hack

The cybersecurity industry is consumed with scale and effectiveness of one of the biggest hacks in recent memory.  The emerging narrative and stories are missing important pieces of the puzzle.  The attackers, likely a nation-state, gained unprecedented access to the U.S. government, military, critical infrastructure, and most major…

Continue

Added by Matthew Rosenquist on December 16, 2020 at 4:27am — No Comments

Evolution of Law Enforcement is Driving Changes Cryptocurrency

There is an important transition that is happening with law enforcement’s adaptation to digital currencies.   Authorities are seizing billions worth of criminal’s cryptocurrency and their improving skills are proving crypto is not the safe haven that criminals thought it to be.

Added by Matthew Rosenquist on December 15, 2020 at 1:26am — No Comments

Top 10 Privacy Thought Leaders and Influencers

I am honored to be among Thinkers360’s Top10 Privacy Thought Leaders and Influencers.  Our digital world is filling with so much information, it represents a growing risk to the privacy and respect of people.  We can have the benefits of innovative technology and still protect the privacy of individuals, so they are…

Continue

Added by Matthew Rosenquist on December 12, 2020 at 8:40am — No Comments

FireEye Hacked – A Stark Reminder of Cybersecurity Risks

Even the best security organizations can be hacked!  Watch my message to both the cybersecurity industry as well as those attackers that hacked FireEye and stole the RedTeam tools. 

This skirmish went to the hackers, but the battle continues.

Added by Matthew Rosenquist on December 10, 2020 at 1:51pm — No Comments

Why TrickBot Malware may be a Game Changer for Cybersecurity

Cyber attackers continue to move down the compute stack with the latest variant of TrickBot now targeting firmware for malicious manipulations.  This is when it gets serious.  The firmware sits below the operating system and is a perfect place for malware to hide from detection or eviction.  It is very tough to accomplish, but if successful, the…

Continue

Added by Matthew Rosenquist on December 5, 2020 at 4:06am — No Comments

Some Justice for Phone Scammers

You know those spam calls that threaten money is owed to the IRS and if you don’t pay over-the-phone you will be arrested?  How about the call that the US Immigration will deport you if you don’t pay.  All annoying scams.  But, highly profitable for the organized criminals behind them. 

One of the biggest offenders was an operation based…

Continue

Added by Matthew Rosenquist on December 3, 2020 at 7:30am — No Comments

Top 3 Recommendations to Avoid Online Holiday Fraud and Scams

The holidays are a time for increased online fraud and scams. All of us need to follow the best security practices to keep our holiday from turning into a digital disaster.

Be smart.  Know that the cybercriminals will attempt all manner of fraud.  Be suspicious.  There are resources available to you if you need help or have…

Continue

Added by Matthew Rosenquist on December 2, 2020 at 3:26am — No Comments

China Seizes $4B in Cryptocurrency from Scammers

Governments can still pursue cybercriminals and fraudsters who use cryptocurrency.  China authorities have seized over 4 billion dollars worth of Bitcoin, Ethereum, and several other cryptocurrencies as part of a crackdown on the…

Continue

Added by Matthew Rosenquist on December 1, 2020 at 1:50am — No Comments

Disable Amazon Sidewalk for Now

Added by Matthew Rosenquist on November 26, 2020 at 3:32am — No Comments

Managing IoT Data SECURITY RISKS

We are surrounded!  Smart devices are everywhere and being integrated into all facets of our lives, from toothbrushes to automobiles.  Entire cities are becoming ‘smart’, as are factories, governments, global retail, freight logistics, and all national critical…

Continue

Added by Matthew Rosenquist on November 24, 2020 at 11:11pm — No Comments


Forum

CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30, 2020. 0 Replies

Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by Yogesh Nov 19, 2020. 2 Replies

(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20, 2020. 4 Replies

(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue

[Please Suggest] Corona Virus: Security advisory for work from home

Started by CISO Platform. Last reply by Bhushan Deo Mar 20, 2020. 12 Replies

(question posted on behalf of a CISO member)Due to CORONA virus most of the organizations are allowing their employees to work form home.Has any one issued security advisory for work from home ?Continue

Tags: #COVID19

Follow us

Contact Us

Email: contact@cisoplatform.com

Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2021   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

/* */