Author Archives: Eric Sharret

Protect Anonymity in Machine Learning

How to Protect Anonymity in Machine Learning

The General Data Protection Regulation (GDPR) just went into effect in the European Union.  It is a law that is designed to protect the privacy of individuals by requiring explicit permission for data collection and the enforcement of strict data usage policies.   Companies, specifically those that employ machine learning, have complained about the onerous regulation,

Read More

NIST's Tougher Approach to Identity Risk

NIST’s Tougher Approach to Identity Risk

According to Verizon’s 2017 Data Breach Investigations Report (DBIR), “81% of hacking-related breaches leveraged either stolen and/or weak passwords.” The National Institute of Standards and Technology (NIST) understands this. This is why, I believe, they are taking a tougher approach to identity risk than to other areas of network security. As proof I would point

Read More

NIST 800-63-3

Authentication Token Cybersecurity and NIST 800-63-3

In June 2017, the National Institute of Standards and Technology (NIST) released its updated Digital Identity Guidelines in Special Publication 800-63-3.  The draft of this publication gained a lot of press in 2016 for highlighting the cybersecurity risks when using SMS for multi-factor authentication.  While the final version has not had as much focus, the

Read More

3 Ways Blockchain Can Improve PKI

3 Ways Blockchain Can Improve PKI

3 Ways Blockchain Can Improve PKI When it comes to technology buzzwords there are few bigger than blockchain.  Speak with any overexcited technologist and you will get an hour lecture about how it is the future of secure transactions.  The benefits of blockchain technology are that it is public, distributed, and tamper-resistant.  Indeed blockchain technology

Read More

Ransomware and 3 Rays of Hope

Ransomware and 3 Rays of Hope

This week we received news of another global ransomware attack that has reportedly affected FedEx, Rosneft, Moller-Maersk, and Merck.  This comes hot on the heels of last month’s WannaCry ransomware attack that affected 300,000 computers in 150 countries.  It seems these two attacks are linked because they both use the Server Message Block (SMB) protocol

Read More