2016: The Year of the Spearphish

On November 29th, after a high-profile year of published leaks and hacks targeting the Democratic Party, Wikileaks struck once more, albeit against an unexpected target: HBGary Federal, a now-defunct government contracting affiliate of the eponymous cybersecurity firm. It was not a name unfamiliar to online observers; in 2011, HBGary Federal CEO Aaron Barr had boldly claimed to have identified the leading members of internet hacking collective Anonymous, drawing attention from federal investigators eager to identify and arrest the culprits behind DDoS attacks in support of Wikileaks.

Read More

New York Cybersecurity Regulations Explained (Updated)

Recently, New York’s Department of Financial Services and Gov. Andrew Cuomo released their long-awaited proposal for cybersecurity regulations regarding banking and financial services companies. The proposal, if implemented, would be the first mandatory state-level regulations on cybersecurity and promises to deliver sweeping protections to consumers and financial institutions alike. In Gov. Cuomo’s words: "This regulation helps guarantee the financial services industry upholds its obligation to protect consumers and ensure that its systems are sufficiently constructed to prevent cyberattacks to the fullest extent possible."

Read More

How Lack of Visibility Resulted in the Most Devastating Data Breach to Date

Government/politics, and cybersecurity—these topics may seem plucked from recent U.S. election headlines, but they're actually themes that have persisted over the last decade, reaching a pinnacle with the massive OPM data breach that resulted in the theft of over 22 million records—fingerprints, social security numbers, personnel information, security-clearance files, and more. Last month, a key government oversight panel issued a scathing 241 page analysis blaming the agency for jeopardizing U.S. national security for generations. The main culprit? Lack of visibility.

Read More

Cybersecurity and the State

Last week the Australian government announced a new cybersecurity initiative that will cost upwards of AU$240 million and create 100 “highly specialized” jobs. This comes on the heels of Obama’s February announcement of the Cybersecurity National Action Plan, which hopes to establish a cybersecurity committee and create a 3.1 billion dollar “modernization fund.” With business and communications now done almost entirely online, it makes sense that governments are taking cybersecurity seriously, but what does it mean for the state to establish a cybersecurity presence and how will these initiatives ultimately play out? We’ll look at the details of both plans and how they align with their government’s cybersecurity actions, as well as their potential impact on citizens.

Read More