Cybersecurity

January 22, 2017
President Donald J. Trump’s Administration has suggested massive overhauls in a number of policy areas, but few have remained as shrouded in uncertainty as Trump’s vision for the future of cybersecurity.
January 22, 2017
In the wake of the arrest of Central Intelligence Agency (CIA) officer Aldrich Ames as a spy, then-CIA Chief of Counterintelligence Paul Redmond commented, “There is an actuarial certainty that there are other spies in U.S.
January 22, 2017
U.S. failure to fully develop and implement a comprehensive cyber security strategy created the perfect opportunity for Russia to attack the Democratic National Committee computer network, and enabled them to meddle and interfere with the U.S. presidential election.  
January 22, 2017
In the fall of 2008, a bipartisan group of cybersecurity experts delivered some sage advice to Barack Obama, set to become president in January: “Don’t start over.” That group, organized by the
January 11, 2017
President Barack Obama’s decision to impose a range of sanctions against Russia for its successful network strike and information operation against the U.S. electoral process was an excellent first step towards an improved cyber deterrent capacity.
January 8, 2017
On November 29, Royal Assent was given to the UK Investigatory Powers Act, after eight months of intensive Parliamentary scrutiny, with hundreds of amendments made, following lengthy pre-legislative debate in three Parliamentary Committees.  The Act draws on the input from three separate, indepen
January 8, 2017
Surveillance law is absolutely necessary because it compels the government to write down, for all to clearly see, the rules that they must abide by as they undertake intrusive powers, often in secret, to investigate criminal activity and protect a country.
January 8, 2017
On January 1st, the United Kingdom began the implementation of the Investigatory Powers Act, widely considered the most comprehensive—and intrusive—surveillance law in the Western world.
January 5, 2017
Pundits will pick over the lessons of 2016 for a long time, and as they do, cyber experts are looking at the past year and finding lessons as well, with far-reaching implications for our nation’s security.
December 25, 2016
Editor’s Note: Over the coming days, The Cipher Brief presents some of our most incisive coverage on key issues of 2016 and a look ahead at what is yet to come in 2017.
December 25, 2016
Hacktivism has been a fact of life even before the rise of Anonymous. In 2016, we saw a tidal wave of global hacktivism and cyber spying, and this trend will continue in 2017.
December 22, 2016
The cybersecurity environment is constantly changing.
December 18, 2016
On December 1, Congress authorized sweeping new government hacking and surveillance authorities by allowing changes to Rule 41 of the Federal Rules of Criminal Procedure to take effect.
December 18, 2016
What if the U.S. government could force entry—in other words, hack—into electronic devices around the world, using only one warrant, even if the owners of those devices were not suspected of any criminal activity - and it would be legal?
December 18, 2016
With the growth of cybercrime facilitated by the global nature of the Internet, law enforcement is adapting their toolsets to better tackle the challenges presented by technologies that blur legal jurisdiction.
December 11, 2016
China’s new Cybersecurity Law, which received parliamentary approval in November and will go into effect in June of 2017, is not necessarily novel.
December 11, 2016
Last month, China’s legislature passed the Cybersecurity Law, which is due to take effect next summer. The controversial law has received a number of criticisms from technology companies, Western government officials, and human rights advocates.
November 30, 2016
With the pervasive growth of smart phone and tablet use, cybersecurity professionals are worried these devices could present new vulnerabilities to company systems.
November 27, 2016
Amidst a rash of data breaches where compromised passwords provided the vector of attack – think Target, Anthem, OPM, or more recently, the Democratic National Committee – industry and government are working together to bolster their defenses. 
November 27, 2016
The use of biometrics to authenticate identity has been the subject of great debate for years, with opposing sides arguing its value for security, privacy, and convenience.
November 27, 2016
Cyberspace has grown into a vital domain of everyday life—we work, socialize, play, and conduct financial transactions online. Our lives now have a digital touch, and much like in the physical world, our identities are at the core of our virtual experience.
November 17, 2016
With organizations and companies continuing to experience breaches in their networks, there is a need for the cybersecurity industry to quickly adapt their strategies so that they are inspecting the entire chain of steps leading up to a breach as well as taking an attacker point-of-view into
November 6, 2016
On Tuesday, people around the United States will flood to local polling places to cast their vote for the future leadership of the United States. Voting—the very foundation of representative democracy—is predicated on privacy, anonymity, and freedom from outside influence or coercion.
November 6, 2016
When it comes to cybersecurity preparations for the 2016 election, it is now officially too late.
November 6, 2016
With elections around the corner and ongoing fears of Russian interference and vulnerabilities in electronic election systems, The Cipher Brief sat down with Rachel DeLevie-Orey of the Atlantic Council to discuss the current state of the U.S.
November 6, 2016
The idyllic American university campus conjures the image of a safe and open academic environment where students spend four or more years learning new ideas and preparing for future careers.  Professors challenge eager students to open their minds to old and new perspectives in science, mathemati
October 30, 2016
All Americans – including both company executives and law enforcement officials across the nation – want to keep our country safe and secure.
October 30, 2016
At least twice in the past year, the U.S. was Twappled.  That is, multibillion-dollar U.S. corporations used their significant position in their respective industry to obstruct the U.S.
October 30, 2016
Earlier this month, Director of National Intelligence (DNI) James Clapper described reaching out to the private
October 9, 2016
As cyber attacks against U.S. government and private networks have increased in severity in recent years, the Congress and President have actively sought to identify, with the assistance of the U.S. private sector, conditions in U.S.
October 9, 2016
The past year has proven to be a contentious and disruptive time for the technology sector.
October 9, 2016
A confusing legal landscape and ever changing technology has created a challenging environment for businesses to navigate.  The Cipher Brief recently spoke to Chris Pogue, the Chief Information Security Officer at Nuix, about the nature of the problem and what needs to be done to bring govern
October 6, 2016
Recent amendments to the Wassenaar Arrangement (WA)—a multilateral voluntary agreement among 41 countries that places restrictions on the export of dual use
October 2, 2016
The risk of attack or theft from cyber-enabled actors has been made extremely clear to both private businesses and governments. The last few years have demonstrated that any connected device – be it a computer, a phone, or even a car – can be hacked by someone.
October 2, 2016
Whether it’s your phone, your computer, TV, or even a refrigerator, all those connected devices that we depend on in our daily lives have become targets for an ever-growing cadre of cyber criminals.  The Cipher Brief spoke with two Flashpoint officials, Chief Scientist Lance James and Subject
October 2, 2016
As more and more business is conducted online and cyber criminals target in on a very lucrative market, both the public and private sector face increasing cybersecurity risks.  The Cipher Brief sat down with Scott Keoseyan, the leader for Deloitte’s Cyber Threat Analysis and Research Teams, a
September 25, 2016
Cyber threats pose a challenge to banks and firms operating in the financial sector, primarily due to the fact that “vulnerability really exists everywhere,” both on the technological side and the business side, says Michael Orozco, Managing Director in Accenture Strategy Security.
September 25, 2016
The Cipher Brief sat down with Steven Grossman, VP of Strategy and Enablement at Bay Dynamics, to discuss the current cyber threat landscape facing the financial sector.
September 25, 2016
American businesses lose an estimated $160 billion to $480 billion annually due to trade secret misappropriation.
September 25, 2016
Observers around the world were shocked when news broke about a major bank heist in Bangladesh. This was no ordinary robbery though – this time, the thieves stole tens of millions of dollars by exploiting a flaw in the SWIFT network—an internationally recognized code for banks.
September 20, 2016
The Cipher Brief sat down with Stuart Clarke, Chief Technical Officer for Cybersecurity at Nuix, to discuss how the visualization of data plays a critical role in detecting cyber threats, including insider threats originating from within a company itself.
September 20, 2016
Behavioral profiling plays an important role in the wider effort to counter cyber threats, explains Steve Bongardt, VP of Security Consulting Services at Fidelis Cybersecurity.
September 20, 2016
There are two different types of insider threat: negligent and malicious. Negligent insiders are people who give attackers access by mistake. For example, the employee who clicks on a spear-phishing email and lets hackers into their employer’s networks is a negligent insider.
August 21, 2016
The Cipher Brief’s Luke Penn-Hall sat down with Steve Grobman, Intel Fellow and Chief Technology Officer for Intel Security, at the annual Black Hat cybersecurity conference, which took place in early August. Steve discussed how he views the threat from ransomware evolving.
August 21, 2016
The Cipher Brief’s Luke Penn-Hall spoke to Tom Parker, Chief Technology Officer for FusionX, at the annual Black Hat cybersecurity conference that took place in early August.
August 21, 2016
Every day, the line between cyber-threats and physical threats grows thinner – blurring the crucial distinction between attacks on networks and attacks on materials objects.
August 17, 2016
Given the growth of the cyber-threat matrix, many IT system users have found that conventional defenses—firewalls, anti-virus applications, blocking software, and malware detection regimes—are only as effective as the last attack.  Porous perimeter defenses can slow system operating speeds and re
August 3, 2016
Trying to keep malware off your computer is standard practice at this point, but not many people know that malware also poses a threat to their phones. The Cipher Brief asked Ravi Devireddy, CTO and co-founder of E8-Security, about mobile phone malware.
July 15, 2016
As hackers continue to grow more sophisticated, many firms are struggling to find ways to ensure that their systems are secure. In support of that goal, some have found a measure of success with bug bounty programs, which allow firms to crowdsource the identification of vulnerabilities.
July 11, 2016
One year ago, on July 10, 2015, Katherine Archuleta resigned her position as Director of the Office of Personnel Management (OPM) in the face of intense criticism following the announcement that OPM had been the victim of the worst breach of a government network in U.S. history.

Pages