In the News

Microsoft and other security experts see election hacking from Russia, China, and Iran

The hacking groups appear to be focused on creating fear, uncertainty, and doubt about U.S. elections systems, added John Dickson, principal at security vendor Denim Group. “When you are trying to undermine confidence across the entire election process, you have a wide aperture,” he told the Washington Examiner. “Nation-state actors are less interested in influencing […]

10 Election Security Predictions For The 2020 US Presidential Election

As I write, we have a hurricane pounding my home state of Texas and the COVID-19 pandemic continues to disrupt our personal and professional lives. In that context, it’s easy not to worry about secondary societal issues like the security of the November presidential elections. As a political science undergraduate, former intelligence officer and current […]

How security champions can help, despite working remotely

A security champions program is critical to maintaining an organization’s security culture, but during the COVID-19 shutdown, teams could find themselves working with one hand tied virtually behind their backs. Telework arrangements, online meetings, collaboration software and extensive smartphone use can keep an organization running, but they can’t recreate the casual interactions that are an underrated element […]

Twitter says hack targeted employees using ‘spear phishing’

John Dickson of the security firm Denim Group said the latest disclosure does not necessarily suggest a sophisticated attack from a nation-state. “They conned people over the phone,” Dickson said, saying it may have been possible to find targets through research on LinkedIn or Google. “This is like the original hackers from the 1980s and […]

#HowTo Make Security Expertise Accessible to Developers

Application security is difficult: it requires developers and, especially, development team managers to adjust and make security a priority alongside other, more traditional development priorities such as features and timelines. Additionally, developers don’t typically have secure design and coding expertise by default and this can cause some security knowledge challenges that must be overcome. Unfortunately, […]

Better Collaboration Between Security & Development

Security and development teams must make it clear why their segment of the development life cycle is relevant to the other teams in the pipeline.