Security Cloud Privacy Tech

Tags

Content Tags

Latest in AI

Is Google LaMDA Sentient?

Is a Google language model alive? One researcher certainly thinks so.

Facial Recognition Consent

Facial recognition is becoming more and more common. In some cases, it’s used to make existing procedures more efficient or to connect existing data points together. While that seems like the community has already consented to these use cases, people often have a visceral reaction to hearing that new technology is being applied.

Deep Fakes Was That Real

Is that video real? Are you sure? A new technique makes it easier than ever to create passable fake videos of prominent people. You cannot trust your eyes anymore.

Latest in Apple

If Apple’s FaceID Works With Masks On, Will That Reduce Your Security?

😷📲 …finally

Should Apple Allow 'Sideloading' Apps on My iPhone?

Apple is under fire on a number of fronts. The biggest issue this week is several bills introduced in the US. A key issue? The ability to “sideload” apps on your iPhone.

Privacy at WWDC21

Apples annual developer conference announced the latest version of all of Apples operating sytems and privacy was a key pillar across all of them.

Latest in AWS

The Ultimate Guide to AWS re:Invent 2022

The best conference in cloud is back for 2022. Here’s how to get the most out of the show!

Automating Audit Evidence Collection Natively in AWS

The AWS Audit Manager can help organize all of your audit and compliance evidence. This solution helps streamline the collection of non-AWS resource data points.

Some Thoughts on AWS Well-Architected Custom Lenses

The AWS Well-Architected Tool allows users to create their own Custom Lenses. I have thoughts…

Latest in AWS re:Invent

The Ultimate Guide to AWS re:Invent 2022

The best conference in cloud is back for 2022. Here’s how to get the most out of the show!

Stephen Schmidt's Security Leadership Session at AWS re:Invent 2021

The leadership session at AWS re:Invent provide a deeper dive into a specific area of focus. Stephen Schmidt, CISO at AWS takes the stage to talk all things security.

Werner Vogel's Keynote at AWS re:Invent 2021

AWS re:Invent is always THE event in cloud. Werner Voegls delivered the latest version of his hotly anticipated keynote on day four.

Latest in Azure

Security on Azure

How does security work in the Azure cloud? This post lays out the basics.

Getting Up to Speed on Azure

Microsoft Build 2014 kicks off a new era for Microsoft. One that will (hopefully) transform the company and focus on building out their cloud; Azure.

Latest in CBC

Why is it so hard to law enforcement to track down harassers?

If you’ve been harassed online, is there any hope that the criminal will be caught?

Canadians Are Reliant on Rogers Whether We Like It or Not

Rogers suffered a network outage that took down 35+% of Canadian internet connectivity…whoops?

Is Google LaMDA Sentient?

Is a Google language model alive? One researcher certainly thinks so.

Latest in Cloud

Making 'included_files' in Netlify Functions Actually Work

The included_files feature of Netlify Functions can be confusing. Here’s how to get it working.

I Fixed My Website in 317 Effortlessly Easy Steps...After I Broke It

I’ve been publishing to markn.ca for almost 22 years. I broke it yet again in order to fix it.

The Ultimate Guide to AWS re:Invent 2022

The best conference in cloud is back for 2022. Here’s how to get the most out of the show!

Latest in Culture Change

Parler Pas: Fringe Social Network Offline

Parler gets deplatformed and can’t find any organizations that want to work with it. It’s about time.

The Help Desk Is a Key to Incident Response

Outages are hard to handle. There’s pressure to get things back up and running, to avoid damage to your reputation, and to avoid getting yelled at by the boss. The Help Desk is often the best positioned team to help…and the most overlooked. Here are some tips to help handle the communications side of incidents better.

The New Office: Home?

Is working from home the new normal in tech? Is working from home as simple as ensuring a strong internet connection and access to the right tools? This is an issue with a ton of impacts outside of just the relationships on your team. This post highlights various conversations and points of view on the issue.

Latest in Cybercrime

Streaming Giant Twitch Hit by Major Data Breach

Twitch has been hit by a major data breach. 165GB of critical information was leaked on 4chan. What will the impact be? Will this cause even more streamers to leave?

US Federal Government Cybersecurity is Lacking

A new report from a United States Senate Committee gave 24 US department and agencies an average grade of C- in cybersecurity. That’s not good.

Lazio & BlackMatter Bring Ransomware Into the Spotlight…Again

The region of Lazio was hit by a ransomware attack and is struggling to recover from this attack on critical infrastructure. BlackMatter, a new ransomware supergroup, just announced they wouldn’t conduct these types of attacks. What does it mean for the future of ransomware?

Latest in DevOps

Making 'included_files' in Netlify Functions Actually Work

The included_files feature of Netlify Functions can be confusing. Here’s how to get it working.

I Fixed My Website in 317 Effortlessly Easy Steps...After I Broke It

I’ve been publishing to markn.ca for almost 22 years. I broke it yet again in order to fix it.

Software Development Security Challenges

In software, developers often don’t have a choice. Speed becomes a business imperative for survival and to stay competitive.

Latest in Google

Automating Audit Evidence Collection Natively in AWS

Google Cloud makes some small pricing adjustments and reactions are mixed. Here are my thoughts.

Google Cleans Up Google Cloud Development

Google Cloud recently cleaned up both the CLIs and SDKs for building in the Google Cloud.

Your Web Browser As Your Computer

Google Chrome OS Flex is going to help put Chrome OS on a lot more computers. That’s a good thing, right?

Latest in Identity

Digital Id in Canada

Canadian data privacy laws state that an organization is responsible for the life cycle of the data. Most orgs struggle with protecting it while it’s in use, what about after they no longer need it?

Porn & Digital Identity

The Digital Economy Act of 2017 in the UK is trying to put up enforceable age gates to pornography. That might be a good idea but it’s extremely difficult to actual do online. At the same time, here in Canada, our major financial players are launching a joint identity service.

Connect both of these issues together and the larger issue …

Passwords, Educatiing Users, and the Communal Good

Security awareness is next to useless. Educate users instead

Latest in IoT

Hackers Delete Home Backups Remotely (WD My Book Live Flaw)

Some WD My Book Live users had a shock this week as hackers remotely wiped their data. What can they do about it?

Does Your Utility Control Your Smart House?

When your local electric utility offered a new smart thermostat a heavy discount, a lot of homeowners jumped at the chance. Unfortunately, a clause in the terms of the promotion grants the utility access to your data and the ability to remotely control the device!

What You Need To Know About the Colonial Pipeline Attack

Colonial Pipeline is recovering from a ransomware cyberattack. There’s a ton of attention on them right now, what do you need to know about this issue?

Latest in Livestream

How to Present on Video and Live Streams

Presenting on video and live streams is hard. Even though the goal is to connect to people, sitting alone(ish) presenting to a camera lens and computer display can be alienating. There are a number of simple techniques you can use to upgrade the quality of your present and stream. This post walks you through planning out and delivering a high …

Zoom Us and Practical Cybersecurity

Video conferencing platform Zoom has been in the news almost constantly over the past few weeks. At first it was hailed as a tool to help reduce this isolated feeling all of us are experiencing, then it was a pile on for security and privacy issues, and finally the last two weeks have started a redemption story.

Road to re:Invent - AWS Machine Learning

AWS has recently explored with great machine learning services. From the core building blocks to services design to teach you techniques to simple transactional services that just get the job done. This stream looks provides an overview of these services and when you might want to use them.

Latest in OT

What You Need To Know About the Colonial Pipeline Attack

Colonial Pipeline is recovering from a ransomware cyberattack. There’s a ton of attention on them right now, what do you need to know about this issue?

Building On Fragile Layers

Nothing is built in isolation. Each technology builds on layers and layers of technology before it. But are those layers worth building on? Can they support the weight of new ideas? How do you account for issues in layers you don’ t control? We’re seeing the negative consequences more and more in the IIoT / OT world…

The Cybersecurity Paradox in Operational Technologies

This deep techincal dive in the cybersecurity of operational technologies (OT) focuses on the dramatic timing disconnect. Physical technology is often bought to last for years and years, digitally focused tech is designed to be updated constantly and replaced quickly. That’s problem in today’s hostile internet.

Latest in Privacy

Is Digital Privacy Important?

Digital privacy is critical in our communities. Why don’t we have it?

Risk Analysis (And Essays) Shouldn’t End in “Um”

“Um” is not a great call to action, but sometimes it’s all you’ve got.

How Can You Figure out How Likely an App Is to Have Security Problems?

Can you—as a user—understand an app or service’s security posture? If so, how?

Latest in Rant

If Apple’s FaceID Works With Masks On, Will That Reduce Your Security?

😷📲 …finally

Why You Should Build Less, Not More

Just because you can solve a problem, doesn’t mean you should.

An Uncomfortable Admission On Work

Good enough sometimes is.

Latest in Risk

My Toaster Works so Well It Almost Burnt Down My House

Toasters work so well that you forget they need maintenance. If we could get to taht level with cybersecurity controls we’d be lucky…until we weren’t

NFTs, Web3, and The Blockchain Have Their Place…Maybe

Are NFTs, Web3, and Blockchains useful? Or just hype?

Hype & Money Are Testing The Idea of NFTs

Too much hype and money make NFTs a risky bet right now.

Latest in Security

My Toaster Works so Well It Almost Burnt Down My House

Toasters work so well that you forget they need maintenance. If we could get to taht level with cybersecurity controls we’d be lucky…until we weren’t

Okta Breach Highlight The Challenges of Incident Response Communications

Okta is responding to a public cybersecurity incident, what can we learn from how they handled communications?

CloudFlare Launches an API Gateway

CloudFlare launches a new API Gateway product, will is shake up the market?

Latest in Serverless

Making 'included_files' in Netlify Functions Actually Work

The included_files feature of Netlify Functions can be confusing. Here’s how to get it working.

It’s Official, Serverless Is Now Meaningless and That’s...Ok?

Serverless used to mean something…maybe. Does it mean anything to the cloud community today?

3 Years of Serverless Security

Serverless architectures help you and your team focus almost entirely on delivering business value. They also break almost every existing security technique. I’ve been actively researching serverless security for a while now, here’s what I’ve learned over the past three years.

Latest in Ship30for30

NFTs, Web3, and The Blockchain Have Their Place…Maybe

Are NFTs, Web3, and Blockchains useful? Or just hype?

Hype & Money Are Testing The Idea of NFTs

Too much hype and money make NFTs a risky bet right now.

Why Multi-Factor Authentication Is Critical To Stopping Hackers From Getting Into Your Accounts

Two minutes of work can stop hackers in cold in their tracks.

Latest in Social Media

Why is it so hard to law enforcement to track down harassers?

If you’ve been harassed online, is there any hope that the criminal will be caught?

Twitter To Add Edit Button...Finally

Twitter finally admits it’s working on an edit button. Why now?

Facebook Sets Out To Build The Multiverse...and Hopes To Hide There

Facebook commits $10B per year to build the multiverse. Earnest attempt at progress or an attempt to divert attention?

Latest in Society

Facebook Sets Out To Build The Multiverse...and Hopes To Hide There

Facebook commits $10B per year to build the multiverse. Earnest attempt at progress or an attempt to divert attention?

Parler Pas: Fringe Social Network Offline

Parler gets deplatformed and can’t find any organizations that want to work with it. It’s about time.

How AI Could Help Ease Your Zoom Fatigue

Is your day chalk full of video calls? Wondering why you’re exhausted at the end of the day? The two might be related 😉. In this column, Robyn and I discuss some of the reasons for ‘zoom fatigue’ and what technology might help address it.

Latest in Talk

The Unicorn Project Through a Security Lens

The Unicorn Project is the latest book from Gene Kim, one of the leaders of the DevOps movement. The book focuses on developer enablement and culture. What does this have to do with cloud security? Everything.

The cloud is an amplifier. It lets teams do more with less. This innovative and fast-paced approach creates a mountain of security …

Risk Decisions in an Imperfect World

Security is often spoken of in absolutes. Is this secure? Is that insecure? The reality is that security is a spectrum. It is a series of implicit and explicit decisions made to meet the business needs within an acceptable risk tolerance.

What is an acceptable risk? How can you determine what threats pose a risk to your work? How likely are those …

Strong Security Made Simple

Organizations struggle with extending their security practices to the cloud. Traditional approaches don’t work, and new cloud-only practices duplicate work for an already overtaxed team. The goal of cybersecurity is simple: to ensure that what you build works as intended and only as intended. This session teaches you how the AWS Cloud Adoption …

Latest in Technology

I Fixed My Website in 317 Effortlessly Easy Steps...After I Broke It

I’ve been publishing to markn.ca for almost 22 years. I broke it yet again in order to fix it.

Why is it so hard to law enforcement to track down harassers?

If you’ve been harassed online, is there any hope that the criminal will be caught?

Canadians Are Reliant on Rogers Whether We Like It or Not

Rogers suffered a network outage that took down 35+% of Canadian internet connectivity…whoops?

Latest in Trend Micro

Let's Talk Cloud - Season 2

The second series of my live streaming series for Trend Micro. In it,I speak to various cloud leaders about what’s happening in cloud.

Let's Talk Cloud - Season 1

In this live streaming series for Trend Micro, I speak to various cloud leaders about what’s happening in cloud.

4 Principles for Hybrid Cloud Success

Four principles to help you navigate a cloud migration and the realities of hybrid cloud.

Latest in Vulnerabilities

Pegasus Spyware Runs Roughshod over Human Rights

The Pegasus Project is a collaborative effort by a number of media and advocacy organizations around to the world. With their work, they are shining a light on nation state use a specific malware tool: Pegasus spyware.

Microsoft Windows PrinterNightmare Patch Highlight “Unperfect” Security Decisions

The out-of-band patch for PrinterNightmare on Microsoft Windows doesn’t completely fix the issue. What are IT and security teams to do?

Windows Is Having a PrinterNightmare and Can’t Wake Up

PrinterNightmare is a high severity vulnerability that affects all versions of Windows and is being actively exploited…on a long weekend 😬