Many organizations have not established basic account policies which control how

Many organizations have not established basic account policies which control how to handle credentials or grant third parties access to their internal networks directly. One example is the security breach experienced by retailer Target. Target eventually proposed to pay $10 million to settle a class-action lawsuit over its massive 2013 data breach, according to court documents…

Categorized as IT, Web

U.S. federal regulators lifted all uncertainty when they announced it was lawful

U.S. federal regulators lifted all uncertainty when they announced it was lawful to hack or “jailbreak” an iPhone, and declared that there was “no basis for copyright law to assist Apple in protecting its restrictive business model.” By hacking your device, you can potentially open security holes that may not have been readily apparent, or…

Categorized as IT, Web

Historically, there has been a range of well-structured attacks on many embedded

Historically, there has been a range of well-structured attacks on many embedded systems, ranging from HVAC to vehicle control systems. Many embedded systems are mainly secured by strong password protection and encryption protocols such as Secure Socket Layer (SSL) or Secure Shell (SSH). While IP networks employed firewalls, embedded systems do not commonly employ these…

Categorized as IT, Web

Evaluating The Implementation of NIST Cybersecurity Framework (version 1.1) As

Evaluating The Implementation of NIST Cybersecurity Framework (version 1.1): As part of the University’s implementation of the NIST Cybersecurity Framework, an organization-wide security assessment resulted in a prioritized data security mitigation and remediation plan, which became a launch point for an ongoing dialogue on a more holistic approach to security issues in general. Situation: The…

Categorized as IT, Web

CSID found that amongst U.S. consumers, 61% reused the same password across mult

CSID found that amongst U.S. consumers, 61% reused the same password across multiple sites and 46% of them had 5 or more passwords to remember. You can, of course, use a federated system, which is used by platforms such as Facebook, Twitter, Google, PayPal, and Amazon as an alternative to a username and password. See:…

Categorized as IT, Web

The use of repeated challenges is intended to limit the time of exposure to any

The use of repeated challenges is intended to limit the time of exposure to any single attack. Password Authentication Protocol (PAP) and Challenge-Handshake Authentication Protocol (CHAP) are authentication protocols used for establishing authenticated network connections. In your opinion, discuss 3 problems with using Challenge-Handshake Authentication Protocol (CHAP) as an authentication protocol. To the writer:…

Categorized as IT, Web

Legal Issues with Cryptography The use of cryptography has traditionally been as

Legal Issues with Cryptography: The use of cryptography has traditionally been associated with military intelligence gathering, and its use by criminals and terrorists has the potential to make law enforcement harder. The legal issues with cryptography fall into the following three categories: export control issues, import control issues, and patent-related issues. In your initial…

Categorized as IT, Web

The CISO of the organization reaches out to you, the senior information security

The CISO of the organization reaches out to you, the senior information security officer, and tasks you with creating an agency-wide security awareness program. He states that he will give you all of his support to complete this project (remember, this is the first component of the security awareness program). He hands you a security gap…

Categorized as IT, Web