Cyberpsychologist Mary Aiken: New Threats Demand New Solutions

Editor’s note: Dr. Mary Aiken, a cyberpsychologist, expert in cyber behavioral analysis and author, will deliver the closing keynote address at CSX North America 2017, to take place 2-4 October in Washington, D.C., USA; and CSX Europe 2017, to take place 30 October-1 November in London. Aiken recently visited with ISACA Now about several of her core areas [...]

The Real Solution To Youth Cyber-Crime

The National Crime Agency recently revealed a fascinating intelligence assessment, uncovering the ‘pathways into cyber crime’. The key finding was that most young hackers are motivated, not by financial reward, but by idealism. The NCA added that many of those involved in cyber-crime had “highly marketable” skill sets, and evidence showed that positive role models could help steer ex-offenders [...]

Security Needs Vs. Business Strategy – Finding a Common Ground

Even before cloud adoption became mainstream, it wasn’t uncommon for IT security needs to conflict with both business strategy and end user preferences. Almost everyone with a background in security has found themselves in the awkward position of having to advise on going against a technology with significant appeal and value because it would introduce [...]

The Curious Case of Notepad and Chthonic: Exposing a Malicious Infrastructure

Recently, I’ve been investigating malware utilizing PowerShell and have spent a considerable amount of time refining ways to identify new variants of attacks as they appear. This posting is a follow-up of my previous work on this subject in “Pulling Back the Curtains on EncodedCommand PowerShell Attacks”. In a sample I recently analyzed, something stood [...]

Physical and Logical Security: Joining Forces to Manage your Enterprise Security Risk

Just a decade ago, as security professionals, we could talk reasonably about physical security and logical security requiring different approaches. Five years ago, we might have found ourselves having conversations about the blurring lines between the two types of security discipline, and could have easily pointed to aspects of both physical and logical security that [...]