2014: The Year Extortion Went Mainstream - Brian Krebs - Krebs on Security
Extortion has been around for a while, but it looks like it might be the hot new strategy for online criminals to make money. The idea is that you get a letter in the mail requesting that you pay the extortionists in bitcoins or have your business or person languished online via negative publicity. Of course there’s also the good ol crypto locker malware that encrypts your hard drive and holds all your data hostage until you pay. Fun times.
The 5 Biggest Cybersecurity Myths, Debunked - Peter W. Singer and Allan Friedman - WIRED
Interesting list about the five cyber security myths:
- Cybersecurity is unlike any challenge we have faced
- Every day we face "millions of cyber attacks"
- This is a technology problem
- The best (cyber) defense is a good (cyber) offense
- "Hackers" are the biggest thread to the internet today
You may not agree with all of them, but they should at least make you think about several issues involving information security.
The State of Metric Based Security - Gavin Millard - Infographic
Metrics are something I’ve always wanted to get into. This infographic doesn’t discuss how to do metrics, but instead looks at who is doing metrics and to what effect. Good read if you want to see how companies are viewing metrics within information security. I’m planning on having a future podcast about the topic.