Author: Tony Bradley

Information by itself is generally boring. My role as a writer is to take relevant facts and details and put them into a format that my audience wants to read. The very best information is useless if nobody reads it, so it is important to make it engaging by crafting a narrative around it. The Identity Defined Security Alliance (IDSA) understands the value of the story—which is why they created the CISO Chronicles to raise awareness of identity and access management fundamentals. Hacker’s Challenge I started my career as a writer as the Guide for the About.com site for Internet…

TechSpective Podcast Episode 088 What have you got going on next Tuesday? Identity Management Day is coming up on April 12. Identity Management Day is a one-day virtual conference that brings together security leaders, vendors, and advocates to raise awareness, share best practices, and inspire individuals —and organizations of all sizes—to take action when it comes to effectively managing and securing digital identities. You will be able to visit with exhibitors in the virtual expo starting at 10am Eastern. The sessions will start at 11am Eastern with awards announcements and a keynote panel.  “The biggest problem with identity management today is…

Last week, results were released for the fourth round of MITRE Engenuity ATT&CK Evaluations. There were 30 participating vendors this year. Cybereason achieved perfect scores in nearly every aspect of the MITRE evaluations. “This latest round indicates significant product growth from our vendor participants. We are seeing greater emphasis in threat-informed defense capabilities, which in turn has developed the infosec community’s emphasis on prioritizing the ATT&CK framework,” said Ashwin Radhakrishnan, acting General Manager of ATT&CK Evals, MITRE Engenuity, in a blog post. Unfortunately, once the results are published, it quickly becomes clear that the primary benefit of MITRE can also…

We live today in a brave new world. No, not the world envisioned by Aldous Huxley in his dystopian classic “Brave New World,” but a world very different from the one we had just a couple of years ago. The COVID-19 pandemic has been a catalyst for a seismic shift in the way companies do business and how individuals connect and maintain productivity. The wheels of digital transformation were already in motion, but the pandemic greatly accelerated those efforts—introducing unique risks and security challenges at the same time. Adapting and Embracing Change When the COVID-19 pandemic first took off in…

TechSpective Podcast Episode 087 In a former life, I was a network administrator and IT support manager. One of the core responsibilities was to ensure resilience and business continuity even in the event of a power outage–and that meant relying on UPS (uninterruptible power supply) devices. APC was the brand we used, and–as far as I know–APC is the default that most companies turn to. New research from Armis discovered multiple vulnerabilities in APC Smart-UPS devices that could potentially be exploited remotely by attackers. An Armis blog post explains, “The latest APC Smart-UPS models are controlled through a Cloud connection.…

TechSpective Podcast Episode 086 Connecteam is an Israeli startup with a mission to provide everything a company needs to empower, manage, and engage its deskless workforce. That mission is resonating with investors as well, as the company recently announced $120 million in Series C funding. Global efforts to quarantine and limit the spread of the COVID-19 pandemic have dramatically accelerated digital transformation efforts. The pandemic drove businesses to adopt a 100% remote, work-from-home business model overnight, and has fundamentally changed the way companies communicate and get things done. From Connecteam’s perspective, though, that is just the tip of the iceberg.…

TechSpective Podcast Episode 085 The Winter Olympics are taking place right now in Beijing, China. It puts the teams and athletes in a sensitive and precarious situation because China is an economic and geopolitical adversary to most of the participating nations, and expectations are high that China will do everything it can to intercept communications and infiltrate devices to gather intelligence during the event. It is also a prime opportunity for cybercriminals. Any time you have a massive event with tens or hundreds of thousands of attendees and millions of viewers around the world, cybercriminals can take advantage of heightened…

TechSpective Podcast Episode 084 The world has changed in dramatic ways over the past couple of years. The COVID-19 pandemic forced an overnight shift to a remote, work-from-home business model and accelerated digital transformation efforts. Those changes have cybersecurity consequences–making the attack surface more complex and introducing new risks for attackers to take advantage of. Prabath Karanth, Head of Security Assurance, Compliance, and Trust for TripActions joins me to talk about some of the challenges of managing cybersecurity under these conditions. I spoke with Prabath previously while he was with Adobe, so we touched on the difference between working cybersecurity…

TechSpective Podcast Episode 083 The concept of zero trust is not new. John Kindervag popularized the term back around 2010 when he was a Forrester analyst, and organizations have been implementing and deploying variations on the idea ever since. However, the combination of the continued expansion of the attack surface and threat landscape, the shift to working remotely from home due to the COVID-19 pandemic, and the dramatic rise in ransomware attacks has fueled renewed interest. Den Jones, Chief Security Officer at Banyan Security, joins me on this episode of the TechSpective Podcast to talk about the current state of…

Technology has liberated us from our desks and homes. We can connect to applications and access information from virtually anywhere thanks to mobile devices and laptops. We can finish a presentation from a hotel lobby, write a report while enjoying a latte at a coffee shop, or search the web to compare prices while shopping in a store thanks to cellular and Wi-Fi connectivity. One of the persistent myths when it comes to connecting on the go, though, is that cellular networks are more secure than Wi-Fi networks. The reality is that current generations of both cellular and Wi-Fi networks…