Author: Tony Bradley

I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 2 dogs, 5 cats, 1 rabbit, 2 ferrets, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Twitter, Facebook, Instagram and LinkedIn.

I am not sure if you noticed or not, but 2020 was a strange year. The COVID-19 pandemic completely disrupted the business model for most companies and forced an acceleration in digital transformation—even for companies who weren’t planning on, or prepared for, it. The net result is that there were a variety of repercussions from a technology and cybersecurity perspective—which makes the 2020 Product Security Report from Intel that much more relevant and interesting. The report opens with this statement from Intel: “Security doesn’t just happen. It’s the result of unwavering focus that guides everything we do to research, architect,…

Read More

Wi-Fi connectivity is increasingly pervasive. Many organizations have embraced Wi-Fi as a primary means of connecting to network applications and resources. It is significantly cheaper and more convenient than having to run ethernet cable throughout the office. It is also a more feasible option today than it once was because wireless technology has evolved to the point that Wi-Fi speeds today rival or exceed what was possible with wired connections not too long ago. Of course, the benefits of Wi-Fi connectivity also come with some unique security challenges—like the issues recently discovered by Ruben Santamarta, a principal security consultant at…

Read More

Organizations are faced with an increasing volume of attacks from a constantly evolving threat landscape. Cybersecurity is largely a game of cat and mouse—with attackers and IT security professionals taking turns leapfrogging each other’s capabilities—and digital transformation, accelerated dramatically by the COVID pandemic for many companies, has expanded the attack surface and created new opportunities for attackers. Thankfully, the rise of detection and response offerings strives to change the game and provide more effective protection. Qualys introduced a new service this week—Qualys SaaS Detection and Response (SaaSDR) to help customers defend SaaS applications and platforms. It wasn’t that long ago…

Read More

Ransomware has emerged in recent years as one of the most pervasive and effective cyber threats. It is generally easy to automate and execute ransomware attacks, and there is very little risk to the attackers—yet this type of attack enables cybercriminals to extort a steady stream of revenue from victims. 2020 presented even greater opportunity for attackers with the COVID-19 pandemic forcing entire companies to suddenly shift to a work-from-home model, and the crucial efforts to treat COVID-19 patients and develop treatments and vaccines making the healthcare and pharmaceutical industries particularly valuable targets. A ZDNet report from June 2020 declared,…

Read More

In technology circles, the acronym SDL is commonly understood to stand for Software Development Lifecycle. There is another very important “S”, though: Security. Intel recently published a white paper that describes the Security Development Lifecycle—an SDL developed to provide a framework for consistent application of privacy and security practices across software, firmware, and hardware. There are two very important reasons to incorporate security principles and design early and throughout the development lifecycle—cost and efficacy. Security is often not considered until a product is essentially ready for release. At that point, most of the design and engineering decisions are pretty much…

Read More

TechSpective Podcast Episode 051 Every year around this time, tech and cybersecurity media take a look back at the year that is winding down, and experts and pundits make predictions about the year ahead. It is a holiday tradition. From a cybersecurity perspective, it generally feels like the holiday we are celebrating is Ground Hog’s Day, though. You could take the recap articles and prognostications from almost any year and switch them with another without really losing anything. This year, however, is unique. This time last year, nobody had “Global pandemic shuts down the world and forces companies to embrace…

Read More

Intel is a sponsor of TechSpective When it comes down to it, money is involved in virtually every form of crime and cybercrime. In many cases, money itself is the primary target, but even when it isn’t, it still plays a vital and central role. Criminals leverage technology to launder and move money—funneling Illicit funds to finance criminal networks, rogue regimes, terrorist activities, and more. Consilient recently launched with a goal to develop a more effective approach to discovering and mitigating financial crime risk. Consilient was created through a partnership between K2 Integrity and Giant Oak. Gary Shiffman, founder and…

Read More

Companies of all sizes and across all industries have been forced to adapt to a business model where most—or all—employees work from home and connect remotely in response to the COVID-19 pandemic. Few were prepared to manage remote connectivity at that scale—never mind addressing security and data privacy concerns. Wandera recently launched Wandera Private Access —a cloud-based service that provides secure connections between users and applications based on the concept of zero trust—to give organizations the tools to maintain productivity without sacrificing security in this new remote workforce world. Challenges of VPN The standard method of secure remote access has…

Read More

Encryption is an essential element of effective cybersecurity and data protection. Only systems or individuals with the correct encryption keys are able to decipher and view the encrypted data. Of course, attackers know that too—which is why they work diligently to find ways to steal secret encryption keys and digital identities. Side channel attacks (SCA) are a creative way for hackers to try and capture keys and break encryption, but two potential new solutions from Intel are designed to raise the bar and show promise to help prevent these attacks from succeeding. Secure public key encryption is essential for maintaining…

Read More

Qualys is a sponsor of TechSpective The use of containers and container orchestration platforms like Kubernetes has exploded in recent years. Along with migrating to the cloud and embracing DevOps culture, containers enable significantly greater agility and scalability than traditional applications, and also accelerate the development lifecycle. Like traditional applications, containerized applications need security, but the nature of containers also makes this a more challenging endeavor—especially when trying to protect containers at runtime. Earlier this month, Qualys announced availability of Container Runtime Security (CRS)—an add-on to Qualys Container Security. The solution weaves the technology of Layered Insight—a company acquired by…

Read More