Security Cloud Privacy Tech

Tagged With 'Risk'

<< More tags

My Toaster Works so Well It Almost Burnt Down My House

Toasters work so well that you forget they need maintenance. If we could get to taht level with cybersecurity controls we’d be lucky…until we weren’t

NFTs, Web3, and The Blockchain Have Their Place…Maybe

Are NFTs, Web3, and Blockchains useful? Or just hype?

Hype & Money Are Testing The Idea of NFTs

Too much hype and money make NFTs a risky bet right now.

A 326 Million Dollar Smart Contract Bug

The risks of smart contract bugs are quickly becoming apparently. They can cost millions.

Can You Own A Colour? Can You Try?

The NFT/Web3 world certain is the wild west…and some projects are way, way more wild.

The Number One Problem With Web3 Smart Contracts

If you can’t read the code in a Web3 contract, do you really know what it’s going to do?

Risk Analysis (And Essays) Shouldn’t End in “Um”

“Um” is not a great call to action, but sometimes it’s all you’ve got.

How Can You Figure out How Likely an App Is to Have Security Problems?

Can you—as a user—understand an app or service’s security posture? If so, how?

How The App Privacy Card in the Apple App Store Matters To You

What steps should we take to evaluate the privacy impact of a mobile app?

Despite 5G’s Capabilities, Mobile Providers Can’t Connect With Airline Industry

5G mid-band is rolling out in the USA with a last minute please from airline industries for more safey precautions. Why the last minute appeal?

Do You Care About Data Privacy? Does Anyone?

Data Privacy Day is January 28th, can we raise awareness about the issues around data privacy effectively? Will you take action?

Encryption Is Good For You and Your Community

Should be able to encrypt your communications? The debate is on…again

Would You Put Your Security in the Hands of a Guess?

A lot of risk decisions are made in the dark…why?

What Is Risk?

How do we respond to risk? Do we have the data we need to make an informed decision?

Lessons in Designing Blast Radius The Hard Way; One Mistake Crashes Facebook For Hours

Facebook, Instagram, and WhatsApp are deeply integrating into many aspects of daily life for many communities and business. One networking misconfiguration reminded 3.5 billion users of just that.

RSAC 2021

A purely digital RSAC 2021 kicks off looking back at a challenging year and to the challenges ahead for the security community.

Passwords Suck

Passwords are the worst. Trying to pick a “secure” one makes the whole thing worse. Every site and service has it’s own variation on the “rules” for making a strong password and it’s hard to remember what you’ve set your password to.

Are those rules really making our passwords stronger? Do we need so many …

Legacy Authentication Risks

The Canada Revenue Agency suffered a large breach exposing over 5,000 citizens to COVID-19 benefit fraud. This issue exposes some of the challenges of providing authentication services to millions of citizens. Why did this happen? And what can we do to protect ourselves?

Should I Worry About TikTok?

Is a social network focused on dancing, lip syncing, and fun a threat to national security just because of who owns it? Is TikTok a threat to national security? Do you need to worry about it you or your family using it?

Risk Decisions in an Imperfect World

Security is often spoken of in absolutes. Is this secure? Is that insecure? The reality is that security is a spectrum. It is a series of implicit and explicit decisions made to meet the business needs within an acceptable risk tolerance.

What is an acceptable risk? How can you determine what threats pose a risk to your work? How likely are those …

Keep Decisions Up To Date

Decisions are hard enough that you don’t want to have to revisit them constantly. But that’s exactly what is required in the realm of cybersecurity. Do you have a system in place to review decisions? Are you recording the right information to update those decisions when the time comes?

Most teams do not and it’s taking it’s …

DRUGS!!! and IT Risk and Graphs

Many questions come along with the federal legalization of cannabis in Canada. It’s a massive example of trickle down risk as various controls around usage and methods of delivery are pushed into areas they weren’t designed for. Are you doing the same thing with your IT deployments? Are you evaluating your risk graph?

Cybersecurity Basics #11a - Risk Assessments Redux

In your personal life you’re assessing risk constantly whether you know it or not. In the digital world the same thing happens BUT you probably don’t have the required context to make an informed decision.

Cybersecurity Basics #11 - Risk Assessments & Pen Tests

Risk assessments are useful when kept in context and continually updated. A penetration test (or pen test) is when your system undergoes a “friendly” attack with the idea of find issues before cybercriminals do. Together they are a strong set of practices to help you defences.

Ignorance & Risk

Some perceptions override the logic behind risk decisions. How do you fight through to make a sound decision?

Terms of Service

Terms of Service agreements hide all manner of tricks and cede all of the power to the issuing corporation. Should they?

Organizational Design and OT Risk

Sometimes the digital world has an impact on the real world…and it’s not always a positive one.

Apple iOS 11 Security

SXSW, Canadian budget, Apple, and more

Risk Assessments & The Risk Of No Data

Good data drives good decisions. This is a major problem in cybersecurity where the data simply isn’t available or accurate.

Another Day, Another Data Breach

Why do all incident response communications from customers feel the same? Why do they all miss the mark? How hard is it to do better?

What You Need to Know About Shellshock, aka the 'Bash Bug'

Shellshock is a surprising bug. Hidden for decades, what do you need to know to help your organization respond?

The Code Spaces Nightmare

Code Spaces is the worst case scenario. A simple misconfiguration in the cloud cost them their business.