Author Archives: Tripwire Guest Authors

VPNs: What Do They Do, and What Don’t They Do?

Virtual Private Networks, or VPNs, are not exactly a new technology. When I started my career in IT about 15 years ago, VPN tunnels were the standard way we connected remote offices by extending private networks over the public Internet. Recently, as workforces continue to decentralize due to the rise of Cloud Computing as well […]… Read More

The post VPNs: What Do They Do, and What Don’t They Do? appeared first on The State of Security.

Entry-Level Career Advice for Aspiring Cybersecurity Professionals

If the global cybercrime forecast took the form of a weather report, it might go something like this: The extended outlook calls for continued online lawlessness, scattered malware attacks and an ongoing blizzard of data breaches. After all, with experts predicting that the cybercrime epidemic will cost the world $6 trillion annually by 2021 as […]… Read More

The post Entry-Level Career Advice for Aspiring Cybersecurity Professionals appeared first on The State of Security.

What to Expect from Brazil’s New Data Protection Law

The European GDPR (General Data Protection Regulation) is one of the most influential consumer privacy laws that has affected 500,000 companies throughout the world. This law has played a crucial role in formulating another substantial privacy law known as the California Consumer Privacy Act that came into effect on January 1, 2020. Similar to the […]… Read More

The post What to Expect from Brazil’s New Data Protection Law appeared first on The State of Security.

State of Insider Data Breaches in 2020

Organizations protect critical assets and sensitive information from the outside world by continually updating their security controls and policies. However, the origin of a breach is not always outside of the organization, and recently, insider breaches have gained attention amid an increase in the flexibility of tools for information sharing. Insider threats can be accidental […]… Read More

The post State of Insider Data Breaches in 2020 appeared first on The State of Security.

Beyond Passing the Test: Lessons from My Infosec Certification Journey

Not everything that tastes good is healthy, and not everything healthy tastes good. I think of exams as the latter. They are one way to test knowledge, and that attitude is a big part of how I survived getting certified. After taking all kinds of exams, one thing hasn’t changed – I don’t like them. […]… Read More

The post Beyond Passing the Test: Lessons from My Infosec Certification Journey appeared first on The State of Security.

The Cybersecurity Implications of 5G Technology

The coming of widespread 5G technology promises more than just faster everything, enhanced capacity and greater reliability. Leading proponents of the wonders of 5G, such as the theoretical physicist and author Michio Kaku, paint a picture of a true technological “paradigm shift, a game-changer.” The self-described futurist invites us to imagine a lightning-fast global communications […]… Read More

The post The Cybersecurity Implications of 5G Technology appeared first on The State of Security.

Protecting Fleet Data from Security Threats

Big data is revolutionizing fleet management — specifically in the form of telematics. From engine diagnostics that track fuel efficiency and mileage to sensors that detect aggressive driving behavior and interior vehicle activity, this information is so valuable that we’re quickly approaching the point where connected technology will come standard in every vehicle. Telematics is […]… Read More

The post Protecting Fleet Data from Security Threats appeared first on The State of Security.

U.S. Elections: Effectively Balancing Access and Security

For a Democratic Party desperate to unseat President Trump in November, the primary election process has been filled with large-scale technology failure, official miscalculations, voter annoyance and public embarrassment, not to mention piles of money spent in pursuit of an improved 21st-century process that turned out to be worse than what they had. They might […]… Read More

The post U.S. Elections: Effectively Balancing Access and Security appeared first on The State of Security.

Why OPSEC Is For Everyone, Not Just For People With Something To Hide – Part III

In this final part of the series, I discuss why everyone should consider reviewing their OPSEC (Operations Security), not just those with something to hide. If you haven’t read the previous articles then please check them out first (Part I & Part II), as they provide key background information about the techniques discussed in this […]… Read More

The post Why OPSEC Is For Everyone, Not Just For People With Something To Hide – Part III appeared first on The State of Security.

I, CyBOK – An Introduction to the Cyber Security Body of Knowledge Project

The Cyber Security Body of Knowledge project or CyBOK is a collaborative initiative mobilised in 2017 with an aspiration to “codify the foundational and generally recognized knowledge on Cyber Security.” Version 1.0 of the published output of this consultative exercise was quietly released last year and then more publicly launched in January 2020. Yet, this […]… Read More

The post I, CyBOK – An Introduction to the Cyber Security Body of Knowledge Project appeared first on The State of Security.

Maze Ransomware Targets the Hospitals and Labs Fighting Coronavirus

“Never let a good crisis go to waste.” These wise words have been recently attributed to former Bill Clinton Chief of Staff Rahm Emanuel, though Freakonomics actually dates it back to 1976 and a completely different context. Regardless of who first uttered the phrase or some permutation of it, modern-day cybercriminals have taken the candid […]… Read More

The post Maze Ransomware Targets the Hospitals and Labs Fighting Coronavirus appeared first on The State of Security.

Is Cyber Bullying Just Kids Being Mean On Social Media, Or Is There More To It?

Whilst there are many definitions out there, to me cyberbullying is any form of communication that is aimed at hurting or embarrassing a specific target. From my personal experience, it has been often used in an attempt by the bully to raise themselves above their target and/or discredit the target. Working within the cybersecurity field, […]… Read More

The post Is Cyber Bullying Just Kids Being Mean On Social Media, Or Is There More To It? appeared first on The State of Security.