WHAT IS PROACTIVE CYBER DEFENSE?
It’s not hard to understand the concept of proactive cyber defense: acting in anticipation of an attack against a computer or network. The goal is getting in front of attacks by
November 1, 2020
Category: cybersecurity
What is Cloud Workload Protection?
Cloud usage is increasing rapidly. Analysts forecast growth of 17 percent for the worldwide public cloud services market in 2020 alone. This proliferation comes on top of already widespread cloud adoption. In
September 13, 2020
Solving Data Privacy Once and For All
The way online services are setup today implies that the only technical means to provide a more personalized experience to customers is to collect as much as possible personal data
December 24, 2019
Unpredictions for 2020 in Cyber Security
The end of the year tradition of prediction is becoming a guessing game as the pace of innovation is increasing towards pure randomness. So I will stop pretending I know
December 20, 2019
The ACCEPTABLE Way to Handle Data Breaches
LifeLabs, a Canadian company, suffered a significant data breach. According to this statement, the damage was “customer information that could include name, address, email, login, passwords, date of birth, health
December 19, 2019
Spanning the Chasm: The Missing Link in Tech Regulation – Part 1 of 2
Mark Zuckerberg was right when he wrote in his op-ed to the Washington Post that the internet needs new rules – though naturally, his view is limited as a CEO
April 21, 2019
What Will Happen When Machines Start Lying to Us
The mere thought of a computer lying to you about something has boggled my brain ever since I heard it from a friend professor on a flight as an anecdote
January 10, 2019
My Ten Cyber Security Predictions for 2019
Well, 2018 is almost over and cyber threats are still here to keep us alert and ready for our continued roller coaster ride in 2019 as well. So here are
December 21, 2018
How to Disclose a Security Vulnerability and Stay Alive
In recent ten years, I was involved in the disclosure of multiple vulnerabilities to different organizations and each story is unique and diverse as there is no standard way of
December 18, 2018
The Emerging Attention Attack Surface
A well-known truth among security experts that humans are the weakest link and social engineering is the least resistant path for cyber attackers. The classic definition of social engineering is
March 16, 2018
The First Principle of Security By Design
People create technologies to serve a purpose. It starts with a goal in mind and then the creator is going through the design phase and later on builds a technology-based
November 2, 2017
Risks of Artificial Intelligence on Society
Random Thoughts on Cyber Security, Artificial Intelligence, and Future Risks at the OECD Event – AI: Intelligent Machines, Smart Policies It is the end of the first day of a
October 27, 2017
Accountability – Where AI and Blockchain Intersect
Recently I’ve been thinking about the intersection of blockchain and AI. Although several exciting directions are rising from the convergence of these technologies, I want to explore a specific one:
October 24, 2017
Thoughts on The Russians Intervention in the US Elections. Allegedly.
I got a call last night on whether I want to come to the morning show on TV and talk about Google’s recent findings of alleged Russian sponsored political advertising.
October 10, 2017
Some Of These Rules Can Be Bent, Others Can Be Broken
Cryptography is a serious topic — a technology based on a mathematical foundation posing an ever-growing challenge for attackers. On November 11th, 2016, Motherboard wrote a piece about the FBI’s
May 21, 2017
Searching Under The Flashlight of Recent WannaCry Attack
Random thoughts about WannaCry Propagation The propagation of the WannaCry attack was massive and mostly due to the fact it infected computers via SMB1, an old Windows file-sharing network protocol.
May 19, 2017
Presentation at the Netexplo Observatory 2017 Event at Unesco
I had the privilege to present at the Netexplo Observatory event at Unesco with a presentation about the danger of AI if and when it will be adopted by cyber
May 11, 2017
A Cyber Visit to London
CDA I had a super interesting visit to London for two cyber-related events. The first was a meeting of the CDA which is a new collaboration effort among the top
February 28, 2017
United We Stand, Divided We Fall.
If I had to single out an individual development that elevated the sophistication of cybercrime by order of magnitude, it would be sharing. Codesharing, vulnerabilities sharing, knowledge sharing, stolen passwords,
December 12, 2016
Right and Wrong in AI
Background The DARPA Cyber Grand Challenge (CGC) 2016 competition has captured the imagination of many with its AI challenge. In a nutshell, it is a contest where seven highly capable
August 8, 2016
Cyber-Evil Getting Ever More Personal
Smartphones will soon become the target of choice for cyber attackers—making cyber warfare a personal matter. The emergence of mobile threats is nothing new, though until now, it has mainly
April 25, 2016
Is It GAME OVER?
Targeted attacks take many forms, though there is one common tactic most of them share: Exploitation. To achieve their goal, they need to penetrate different systems on-the-go. The way this
May 6, 2015
Exploit in the Wild, Caught Red-Handed
Imagine a futuristic security technology that can stop any exploit at the exact moment of exploitation—regardless of the way the exploit was built, its evasion techniques, or any mutation it
April 29, 2015
Time to Re-think Vulnerabilities Disclosure
Public disclosure of vulnerabilities has always bothered me and I wasn’t able to put a finger on the reason until now. As a person who has been involved personally in
April 14, 2015
Most cyber attacks start with an exploit – I know how to make them go away
Yet another new Ransomware with a new sophisticated approach http://blog.trendmicro.com/trendlabs-security-intelligence/crypvault-new-crypto-ransomware-encrypts-and-quarantines-files/ Pay attention that the key section in the description on the way it operates is “The malware arrives to affected systems
April 6, 2015