Archive for

The Cybersecurity Canon – American Kingpin: The Epic Hunt for the Criminal Mastermind Behind the Silk Road

We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite.  The Cybersecurity Canon … Continue reading

World Economic Forum Report Reinforces Rising Prominence of Cybersecurity

The recent Global Risks Report by the World Economic Forum offers the latest evidence that cybersecurity is rising among the top global risks. Cyberattacks are now the global risk of highest concern to business leaders in advanced economies. This reflects the inability of enterprises to keep pace with today’s challenging threat landscape, and points to an urgent … Continue reading

Introducing ISACA’s GDPR Implementation Guide

The purpose of the General Data Privacy Regulation (GDPR) is to harmonize the data privacy regulations that each European Union member state implemented to comply with GDPR’s predecessor. GDPR provides a single, comprehensive regulation that is compulsory for all organizations processing the personal data of individuals living within the European Union. The regulation becomes enforceable … Continue reading

Nine Myths of Account Takeover

Account takeover attacks are a nearly invisible tactic for conducting cyber espionage. Because these breaches can take months or years to detect, we are slowly discovering that this attack vector is much more common than we thought. The more we learn about new methodologies, the more we realize just how misunderstood account takeover attacks can … Continue reading

Unveiling Magnifier Behavioral Analytics: Rapidly Hunt Down and Stop the Stealthiest Network Threats

At Palo Alto Networks, we constantly seek out new ways to achieve our mission to protect our way of life in the digital age by preventing successful cyberattacks. We analyze all the steps threat actors take to carry out their attacks and systematically add new protections to disrupt each step. By blocking threat actors’ every … Continue reading

Meltdown/Spectre: Not Patching is Not an Option

The most prominent data security events of 2017, such as WannaCry and Equifax, were direct results of poor patching practices. Now, 2018 is off to a menacing start with disclosure of two hardware vulnerabilities affecting most modern microprocessors and requiring a number of patches on several levels of defenses. To clarify, Meltdown is a vulnerability … Continue reading

Make 2018 the Year for Securing the Internet of Medical Things

News of medical device security flaws are increasingly in the news. Consider the announcement from the U.S. Food & Drug Administration last year about a flaw in one model of a St. Jude Medical implantable pacemaker. This was subsequently covered in more than 14,000 published reports to date. Thirty-four different individuals sent me a message soon after … Continue reading

Encouraging Women in Tech is About a Better Future for All of Us

Why is ISACA’s SheLeadsTech program needed? Why does the 2030 Agenda for Sustainable Development consider the technology gender gap to be an important topic to address, and who must be involved in the solutions? Where are we now? Thematic focus and indicators are useful to understand the current situation. Factors such as access to education and training, Internet usage … Continue reading

Launching of Application Containers and Microservices

The Cloud Security Alliance is launching the Application Containers and Microservices (ACM) Working Group. The CSA ACM Working Group previously work with the National Institute of Standards and Technology (NIST) ACM Working Group to provide research, guidance, and best practices for the secure use of application containers and microservices. CSA is currently looking for volunteers … Continue reading

In the Age of Cybersecurity, Are Data Centers Ignoring Physical Security?

Maintaining a data center is a huge responsibility. While you certainly have systems in place for dealing with cyberthreats, are you giving enough attention to physical security? This is still a very important aspect of the security equation. Five Tips for Keeping Data Centers Secure The objective of physical data center security is pretty straightforward: keep out unauthorized … Continue reading

Web Stats

  • 129,870 hits


@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 17 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Personal Links

View Full Profile →

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2,720 other followers

Twitter Updates


January 2018
« Dec   Feb »