
With Cybersecurity, It’s too late once the canary has died.


You’re a couple of miles underground; it’s damp, noisy and cramped, your light flickers, and you have been working hard shoring up the mine. You look over and see the mine canary, flat on the bottom of the cage, and now you have a limited amount of time to locate a source of good air, understanding that the buildup of carbon monoxide is already present in your system.

In the scenario above, a lucky miner avoided death. In some cases, the miner could revive the canary if they had a resuscitation cage that would deliver oxygen to the canary, and both would survive for another day of mining.

Canaries in mines are a real thing – there were a number of sentinel species used as biological danger detectors, including rats and mice. You might be surprised that the last mine canaries used in the United Kingdom were phased out in the latter part of 1986.

Whoa! I was surprised by this fact as well, and surely we were not using canaries in mines in the ’80s, one would think! By 1986, I had already served three years overseas in the US Army. Imagine the internet with around 100 nodes! In 1986 MILNET had been separated from the ARPANET, severed for security reasons. It is also the year when an infamous small essay was published, known as “The Hacker’s Manifesto” – which would set the stage for years to come.

 



Personalizing the Cyber Security Sale – Building Credibility, Confidence and Trust


As a long-time cyber professional who began my career on the engineering side of the house, I often thought about the rapport I needed to build with my customers. As an engineer (sales engineer to be precise), my value was in connecting to our customers and leveraging the conversation from layman’s terms to technical terms and vice-versa. The ability to build that confidence and credibility with our customers was so important to our success.

As I moved my career in the direction of direct sales, it became even more important to ensure that I built this credibility with my customers. Yet, sales opened my eyes to a much bigger realization—there is something more important than the credibility and confidence in oneself and a product.


Be Prepared: What Cyber Security and the Rubicon Trail Have in Common

This past weekend I was lucky enough to experience what for some people is a “bucket list” item—I drove a 4×4 Jeep over the Rubicon Trail from Georgetown, California to Lake Tahoe. It was an amazing experience, but the best part fell into two simple categories:

1) There was a sense of danger and excitement in crawling over gigantic granite boulders, down steep chutes, up the side of a hill with a sheer drop-off on your right, and through this scary thing called “Little Sluice”—there was nothing little about it!

2) Sitting up on a rock with my friend and co-worker, Kim Ringeisen, drinking a Bud Light in fancy REI camp chairs watching meteorites go by. Also, not coincidentally, getting stung on the forehead by a yellow jacket—it must have known I was not a Georgia Tech fan. (War Eagle!)



Vendor Responsibility and Product Safety

For twenty years now I’ve been building and operating IT products: switches, routers, secure enclaves, etc. The overwhelming majority of vendors I know have a goal of building great products that meet or exceed customer expectations in performance, reliability, quality, etc. With the trend towards the consumerization of IT and an increasingly competitive marketplace I’ve witnessed an increased focus on time-to-market. There have been many examples cited where there is a significant first-mover advantage and a winner/fast-mover-takes-all type of outcome, whether we are discussing car sharing, home sharing, tablets, or the latest enterprise technology. This unerring focus on speed may be having some unintended consequences.

When you hurry a product schedule along you aim for the MVP – the minimum viable product. In short, what is the least we can do that will fulfill the customer’s expectation and hopefully enable this product to sell, capture some market share, and then based on real-world customer feedback add incremental capabilities to the offering to further expand the market and adoption rate. It is a model that has been getting a lot of press as it is more agile and nimble than the take-your-time, ‘nail it and scale it’ model. The costs, though, may be not only in quality and testing, but as we have seen more recently, cyber security is often being ignored in the overall product design and architecture. There have been too many reports over the past year of companies who should have known better shipping products with gross flaws and then ignoring the feedback from trusted security researchers.



5 Reasons to Not Use Skyport

“You shall not pass!”

Ever have that day where you just feel a bit contrarian? Like, just for fun, being a little bit of an ass? I think we all have that day now and then – it is that day I don’t feel like letting the guy cut me off when he didn’t get into the merge lane properly so I hug the tailgate of the car in front of me. Or I’m playing Blizzard’s new shooter Overwatch as Bastion, just repeatedly gunning down the same enemies again and again with the gatling gun while taunting them on the mic.

I was feeling a bit that way today, and I really don’t know why (maybe it was rolling off a great weekend of charity poker tournaments, beach visits, and dinners with friends and I need to re-balance), but I started thinking about ‘Why people should not buy the SkySecure Systems from us…’ Not being facetious about it either – you know those fake rhetorical questions we ask so we can make answers where using our product is really the only obvious solution such as:

Trite rhetorical question: ‘Who should NOT use Skyport?’

Obviously contrived answer: ‘People who really want to get hacked soon and lose their jobs and customers and have their boss end up in the Wall Street Journal bemoaning the evils of an unregulated Internet’. These are worse than Internet click-bait… Serious answers, though:



Five Necessary Improvements to the Swift (Not Taylor Swift) Security Model


@securiTay – Taylor has better security than some banks transferring millions using SWIFT

Recently there has been what is likely the beginning of a wave of break-ins and financial exfiltrations via the SWIFT Alliance. Reports vary a bit, but between vendor/operator mistakes, weak security controls, lack of integrated forensics, and some not-so-best practices, we have ended up witnessing the theft of over $80 million. (It could have been over $950 million but for the successful identification of typos by some astute bank operators.)

I spent some time going through the SWIFT Alliance’s publication ‘Security Guidance for Alliance’ published on 18 March 2016 (current version is 29 April 2016) to understand what their baseline security recommendations and architecture are and then thought about how I would re-implement them to protect against some of the more malicious threats we are seeing today.

TL;DR: the document is a fairly comprehensive approach to securing SWIFT against the types of attacks that were prevalent a decade ago. Times have changed, and their model does not seem to have adapted to the threat landscape we are facing today. If you operate a SWIFT infrastructure or just find armchair quarterbacking and 20/20 hindsight to be fun to read – please continue! I’ll do my best to make this entertaining and hopefully informative.
