According to Verizon’s 2017 Data Breach Investigations Report (DBIR), “81% of hacking-related breaches leveraged either stolen and/or weak passwords.” The National Institute of Standards and Technology (NIST) understands this. This is why, I believe, they …
In June 2017, the National Institute of Standards and Technology (NIST) released its updated Digital Identity Guidelines in Special Publication 800-63-3. The draft of this publication gained a lot of press in 2016 for highlighting …
Active Directory has long been a favorite target for hackers. As every penetration tester knows, the best way to compromise a network is to gain access to the Active Directory (AD) server and escalate your …
Last week, while driving, an advertisement came on the radio for a home security system. I already have a home security system but the ad still caught my attention. As I listened I started to …
LinkedIn Phishing – Are your employees safe? It all started as a harmless exchange between like-minded adults. It was something I had experienced many times before either at work or in the privacy of my …
Do cybersecurity vendors consider user experience? We need to start designing solutions based on both network protection AND network performance.
The DoD CIO Terry Halvorsen made a bold call for the replacement of the CAC within the next two years. If there is no more CAC how can the DoD maintain its PKI?
I recently returned from the AFCEA Defensive Cyber Operations Symposium where one of the main topics was Assured Identity, particularly as it pertains to Mobility. The DoD’s Public Key Infrastructure (PKI) is well established as …
