Security Port

Security Forums
Security Articles
Security Port Blog
Security Blogs
Security Books
Security Glossary
Security Definitions
Security Directories
Security Wikis
Security Tradeshows
Security Newsletters
Security Alerts
Buyers Guides
Security Newsgroups
Security Organizations
Submit Security Sites
Security Magazines
Security Feeds
Security News
Security Software
Security Products
Search Databases


Security Port
Contains relevant information that pertains to security related issues and solutions.

Security Port

A Security Port Blog
Technology and Security Gap
12/04/2017

Technological advancements are increasing rapidly, but the general populations ability to utilize these new capabilities continues to lag behind. The growing number of recent cybersecurity attacks highlights a second gap; a shortage of skilled workforce in the cybersecurity industry, predicted to reach around 1.8 million workers by 2022.

There are numerous suggestions and ideas about how to close the gap, such as upskilling existing employees skill sets or utilizing automation. But a long-term strategy focused on training and educating the next generation will help to ensure enough people have the right skills for the future.
Children are now growing up in a digital age and should be in an ideal position and better equipped to take on the challenges of cybersecurity when they enter the workforce. This early exposure to the technology and best practices could easily be harnessed to give them a golden opportunity to be trained in the skills needed to fill the gap in the cybersecurity industry. But how do we to attract them into what many consider a geeky industry?

The cyber security skills your business needs
12/01/2017

The cyber security skills gap is set to widen to between one million and two million positions by 2019 - a nightmare for organisations needing talent, but a significant opportunity for those candidates with the right skills.

That increasing skills gap, forecast by Intel Security, leaves businesses and economies vulnerable to cyber attacks, as they often find themselves outmanned and outgunned in the battle against hackers. Companies are looking for people that are going to be able to help them safeguard against these threats, and so there has never been a better time to get into cybersecurity.

The opportunities are certainly there, but what exactly are the skills needed for effective cybersecurity?

Cybersecurity and the CFO: Risk, Responsibility and Resilience
11/29/2017

Your companys capital structure, the current sentiment of your stakeholders and constantly-evolving economic modeling are all things for you to worry about. You likely know what keeps your fellow executives up at night as well. But what about your organization’s cybersecurity team?

Old-schoolers might consider IT to be just an expensive line item when, in fact, your IT team’s successes and failures impact everything under your purview and beyond. Their nightmares should be your nightmares. Strategic investments, good governance and thoughtful reporting by your security team helps fortify your company’s business resilience, letting you enjoy some peace of mind while avoiding a situation of Equifax proportions.

Customers expect to be able to trust the safety of their private data and financial information within an organization. When any large-scale breach (like Equifax, which lasted from mid-May through July) occurs a considerable amount of that trust is lost, sometimes irrevocably.

But bigger than putting a dent in brand reputation, cyberattacks and data breaches can measurably affect an organization’s bottom line.

Why the governments cybersecurity matters
11/27/2017

With the recent breach of personnel information from the Office of Management and Personnel and revelations that insiders within our intelligence community mishandled and exposed sensitive information, citizens may be asking themselves, How could it get worse? To be certain, our national security and national prosperity will be significantly threatened if we do not ensure that cybersecurity and protection of the people’s information are at the top of every agenda in every department and agency.

Cybersecurity is a risk management issue, and the United States government, like many businesses around the country, is accepting a lot of risk. This should be deeply concerning to all Americans, as it represents a critical threat to our national security, the openness of our economy and our way of life. However, the good news is it does not need to be this way. There are concrete and achievable steps that the government must take to reduce the level of risk, beginning with filling the vacant federal chief information officer and chief information security officer positions with experienced and qualified personnel, upgrading our network architecture and infrastructure, investing in workforce training and adopting many of the proven best practices that work in the private sector.

Examining The Three Classes Of Cybersecurity Needs
11/25/2017

September 2017 witnessed a trifecta of mega-breaches: Equifax, SEC and Deloitte. Cybersecurity was already a messy and technical topic, and these disclosures have made it even more perplexing. There are hundreds of security product vendors, and the industry is collectively spending billions of dollars every year and is expected to top $100 billion by 2020. So why is it so hard for organizations to get their act together and prevent breaches? What exactly are we missing?

The cybersecurity problem is hard because organizations have massive and growing attack surfaces. There are myriad ways by which our networks can be breached, and it is very hard to keep up with the adversary. The industry still has unmet needs for tools and methods of appropriate scale to defend ourselves.

Cybersecurity a costly necessity
11/23/2017

It was a perfect case of the complexities involved in trying to protect against attacks like last May’s WannaCry ransomware that infected more than 300,000 computers in 150 countries in a matter of days, demanding ransoms to regain access to their computers.

Rather than being held hostage to cyber criminals who have manage to get into the most heavily guarded computer systems of businesses, hospitals and government agencies, it’s essential to be knowledgeable and diligent, said Brian Levine, founder of UMass Cybersecurity Institute.


Yet security is hard.

Florida Sets Sights on Becoming Cybersecurity Front-Runner
11/21/2017

Florida probably is not the first place that comes to mind in terms of a strong cybersecurity industry. In fact, it has a somewhat insecure reputation — the Sunshine State had the second highest rate for identity theft complaints in 2016, according to the Federal Trade Commission.

But local stakeholders are looking to change that, and Florida is making slow but incremental progress on a few fronts.

The mission that was given to us is make Florida the leading state in cybersecurity, said Sri Sridharan, executive director of the Florida Center for Cybersecurity.

The University of South Florida-affiliated center, which is hosting its annual cybersecurity conference Friday, was established by the Florida legislature in 2014 to position Florida as a national leader in cybersecurity.

Verisign Explores Blockchain for Domain Security System
11/19/2017

One of the oldest internet security firms is exploring applications for blockchain in the field of domain name services.

According to a patent application released by the U.S. Patent and Trademark Office Thursday, Verisign is considering using blockchain technology as part of a potential new DNS Security Extension (DNSSEC) project.

DNSSEC protocols exist to protect users from accidentally being sent to malicious websites disguised to look like real ones. These protocols verify that the website the user is trying to reach is the one they actually reach.

Verisign proposed potentially building a system which uses a public ledger on a blockchain to store digital certificates, public keys or other authenticating objects.

The DNSSEC protocol would compare the authenticating objects stored on the ledger with the ones returned by the website to confirm they match. Other iterations of the protocol would use public and private keys as an additional security measure.

The use of a blockchain ensures that the objects stored on the ledger are immutable, affirming that the objects are secure from hacking or malicious attacks.

New Fare System Raises Security Concerns, but Officials Promise Safety
11/17/2017

The MetroCard has had its downsides — Please swipe again’ are three words that are the curse of just about every New York City subway rider. More significantly, the wallet-size card has become outdated in a high-tech world. But at least it was hard to hack.

Now the Metropolitan Transportation Authority, which runs the subway, is finally planning a more modern fare system that will allow riders to wave smartphones and certain kinds of credit cards and debit cards at the turnstiles. But will commuters have to worry about hackers following them down into the subway?

Officials of the transportation authority and the company developing the new system say they will do everything they can to keep passengers’ personal information safe — a concern in an age of data breaches, like the ones involving online services like Equifax, Yahoo and LinkedIn, retailers like Home Depot and Target or banks like JPMorgan Chase and Citibank.

The officials say they are prepared to play defense against hackers who would no doubt relish the challenge of causing hiccups — or worse — for a fare-collection system as large and as complicated as the one coming to New York.

New Airport Security Rules
11/15/2017

If you are flying to the U.S. from overseas, we have some good news: Laptops and other electronic devices larger than a cellphone are no longer banned on plane cabins.

The new rule that took effect on Thursday loosens restrictions on carry-on electronics but steps up other security requirements for airports and airlines.This means travelers may be subject to short interviews that could cause longer clearance times, flight delays and even recommendations to arrive at the airport earlier.

The Department of Homeland Security (DHS) announced the new measures designed to do away with the carry-on electronics restrictions in June, giving airlines 120 days to comply. The rules will impact 235,000 passengers on 2,000 flights daily to the U.S. on 180 airlines from 280 airports across 105 countries, according to Reuters.

Kaspersky CEO says hack claims cutting U.S. cyber security sales
11/13/2017

Eugene Kaspersky told Reuters on Friday that the Moscow-based cyber security firm that bears his name would see a single-digit drop in U.S. sales this year as a result of suspicions about his companys ties to the Russian government, but its global revenue should still increase.

By turns frustrated and defiant in an 80-minute interview in his Moscow office, the founder and head of the embattled antivirus software maker denounced what he called an information war against his company, repeatedly asserting that “we’ve done nothing wrong.”

What are the security concerns of your body becoming the password?
11/10/2017

In this day and age, your eyes can be your passport, your fingerprint, can be your ticket to a baseball game, and you can even use your face to unlock an iPhone.

More companies are embracing biometric identification, but its raising privacy and security concerns.

Major cyber-attack will happen soon, warns UKs security boss
11/08/2017

A category one cyber-attack, the most serious tier possible, will happen sometime in the next few years, a director of the National Cybersecurity Centre has warned.

According to the agency, which reports to GCHQ and has responsibly for ensuring the UKs information security, a category one cybersecurity incident requires a national government response.

In the year since the agency was founded, it has covered 500 incidents, according to Ian Levy, the technical director, as well as 470 category three incidents and 30 category two, including the WannaCry ransomworm that took down IT in multiple NHS trusts and bodies.

The security aspects of modernization
11/06/2017

IT modernization has resurfaced as a topic of conversation in the federal government in the past month. On Aug. 30, White House officials issued a draft report on the Trump administration's plan to modernize federal IT. It directs agencies to move more swiftly to the cloud, consolidate networks and prioritize the modernization of high-value, high-risk assets.

The following week, a report by research company Market Connections found that many agencies -- in the opinions of their own managers -- were not as successful in their modernization efforts as they could be.

New passport app at LAX aimed at moving arriving travelers through security quickly
11/03/2017

The addition of a mobile passport app to Los Angeles International Airport will help travelers pass through security checkpoints faster, the airport and U.S. Customs and Border Protection said Thursday.

Mobile Passport Control can now be used at terminals 2, 4, 7 and Tom Bradley International Terminal and is the first authorized app to expedite passenger arrival into the U.S.

Eligible U.S. and Canadian citizens may voluntarily submit their passport information and answers to inspection-related questions to CBP via a smartphone or tablet app prior to arrival for speedier service.

4 Vital Cyber Security Measures Every Safety-Conscious Entrepreneur Needs to Take
11/01/2017

The transition to increased connectivity and quick, seamless, one-click solutions has also given rise to security issues when it comes to the private information held by the institutions leveraging those innovative solutions that optimize business operations.

In their bid to be more connected, businesses have increased the touch points of their organizations across networks, increasing the opportunities cyber criminals have to penetrate: Every time any of us visit Angies List, BestAdvisor (U.K.), Yelp or any other review site to decide on what to purchase, then proceed to Amazon, Walmart or other ecommerce store, whipping out our credit cards and making a purchase, we are releasing vital pieces of personal information.

Things only get worse when we fill out a  detailed form online. This is fodder for the plethora of hackers seeking ways to penetrate personal and corporate firewalls ,to get to the private information they protect. No wonder so many organizations spend so much on security. No wonder we can't ignore the vital role cyber security plays for businesses and individuals.



Current Blog

2018

January Archive

2017
Nov/December Archive

October Archive

September Archive
August Archive
April Archive
March Archive

February Archive
January Archive

2016 Security Blog Archive
November /December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2015 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2014 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
Jan & February Archive

2013 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2012 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2011 Security Blog Archive

December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2010 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2009 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive


Security Alerts
Locate security alerts, and security feeds via a security rss feed directory.