Red Team Blue Team

Purple Teaming: How To Play Cybersecurity War Games Properly

Cybersecurity strategists love quoting ancient Chinese military strategist Sun Tzu, who wrote the book on warfare. “If you know others and know yourself, you will not be imperiled in a hundred battles,” he said. “If you do not know others but know yourself, you win one and lose one.” Companies should think about that when […]

Read more
Get Ready For GDPR

North Americans: Get Ready For GDPR

In May 2018, the most significant privacy regulation ever will take effect. The General Data Protection Regulation (GDPR) is an EU measure, but US and Canadian companies who think it doesn’t affect them are in for a rude awakening. GDPR affects anyone storing sensitive data about anyone in an EU member state, putting most larger […]

Read more

ShadowBrokers Go Out With A Whimper

Note: Story updated on April 17 to reflect second dump of Shadowbrokers files. The ShadowBrokers hacking group made two more splashes this month, resulting in both a ripple and a wave. Firstly, it released the password for the archive of NSA hacking tools that it originally tried to sell off last August, causing a collective ‘meh’ […]

Read more
If you won't patch your software these guys will

If Vendors Won’t Patch Their Software, This Firm Will

What happens if you’re a vendor that’s slow to patch a known flaw? It’s possible that someone else may step in and do it for you. That’s what has been happening for the past few months with products from vendors such as Adobe and Microsoft. Most recently, Slovenian security consulting firm Acros Security stepped in […]

Read more

The hacker who came in from the cold

A former Canadian hacker is back in the limelight – this time, with a documentary preaching cybersecurity, and a top film festival slot. So how did Michael Calce get from there, to here? Back in 2000 when Calce was 15, he was better known as Mafiaboy. He became infamous for discovering a common weakness in […]

Read more

Security standards for the blockchain

In the future, your data may be secured not by some central gatekeeper, but by a vast, distributed set of participants, each holding some or all of it. Blockchain technology is the new frontier of cybersecurity, but it’s also the Wild West of information architecture. What efforts are being made to standardize it? The blockchain […]

Read more
Cybersecurity training is broken

Video: Cybersecurity training is broken. Here’s how to fix it.

User awareness training isn’t working. It hasn’t worked for a while. There are good reasons for this, and as cybersecurity threats mount, it would be good for security pros to understand them. SecTor sat down with several experts at its tenth annual conference in October 2016 and asked them what was wrong. Here’s what they […]

Read more
Single Biggest Cybersecurity Measure

Video: Your Single Biggest Cybersecurity Improvement

There are, at the time of writing, 331 days until the new year. That’s’ a lifetime in cybersecurity. What major goals are you hoping to achieve in your cybersecurity practice before then? SecTor sat down with six experts to get their recommendations for the single priority to focus on in 2017. Here’s what they had […]

Read more
Can we balance security with user convenience

Video: Why users are at war with their systems

Your next major cybersecurity threat may come not from ransomware or an open telnet port, but from a paper cup. In the wrong hands, it can become a deadly weapon. The latest in our SecTor video series shows how. Every day, users are at war with their computers and software. The very systems that are […]

Read more
What Makes a Good CISO

Video: What Makes a Successful CISO?

  What makes a successful Chief Information Security Officer (CISO)? It’s a job title that has only existed for a relatively short time. At SecTor 2015, keynote speaker Trey Ford mentioned that many CISOs were in the job for the first time and feeling their way around the role. A year later at SecTor 2016, […]

Read more
Wassenaar Agreement - should information be weaponry?

What The Wassenaar Arrangement means for cybersecurity pros

Should information be treated like weaponry? The world isn’t sure – and it’s causing cybersecurity companies and researchers real headaches. Hopes for a key resolution on export controls were dashed after annual talks concluded in December – and that leaves some key questions unresolved. The talks were part of the Wassenaar Arrangement, an agreement between […]

Read more
Subscribe to the Sector Blog
Enter your contact information below to have future blog posts delivered directly to your inbox!
Fields marked with an * are required