Perspective. My
Computer Security students will not be surprised. NOTE: Imagine how
the volumes will increase as the Internet of Things is
fully implemented...
Enterprises
Generate 10,000 Security Events Per Day on Average: Report
According
to a new report provided by threat protection vendor Damballa, the
devices in an average company’s network are generating an average
of 10,000 security events per day, with the most active generating
roughly 150,000 events per day.
Compiled
from analysis of 50% of North American ISP Internet traffic and 33%
of mobile traffic, along with large volumes of traffic from global
ISPs and enterprise customers, the report found that large, globally
dispersed enterprises were averaging 97 active infected devices per
day and leaking an aggregate average of more than 10GB of data per
day.
“Such
figures illustrate how daunting it is for security staff to manually
trawl through mountains of alerts in order to discover which (if any)
constitute a real and present threat,” the Damballa explained in
its Q1 2014 State of Infections Report
(PDF).
… According
to a recent jobs study from Burning Glass Technologies, demand for
cyber-security professionals remained high in 2013. Burning Glass
identified 209,749 national postings for cyber-security jobs in 2013,
and determined that the average salary
for a cyber-security posting was $93,028, according to the
report, which was compiled by reviewing job postings across 32,000
online sites daily.
(Related) (You can
download a PDF version free.)
At
the Nexus of Cybersecurity and Public Policy
by Sabrina
I. Pacifici on May 13, 2014
“We depend on
information and information technology (IT) to make many of our
day-to-day tasks easier and more convenient. Computers play key
roles in transportation, health care, banking, and energy.
Businesses use IT for payroll and accounting, inventory and sales,
and research and development. Modern military forces use weapons
that are increasingly coordinated through computer-based networks.
Cybersecurity is vital to protecting all of these functions.
Cyberspace is vulnerable to a broad spectrum of hackers, criminals,
terrorists, and state actors. Working in cyberspace, these
malevolent actors can steal money, intellectual property, or
classified information; impersonate law-abiding parties for their own
purposes; damage important data; or deny the availability of normally
accessible services. Cybersecurity issues arise because of three
factors taken together – the presence of malevolent actors in
cyberspace, societal reliance on IT for many important functions, and
the presence of vulnerabilities in IT systems. What steps can policy
makers take to protect our government, businesses, and the public
from those would take advantage of system vulnerabilities? At
the Nexus of Cybersecurity and Public Policy offers a wealth of
information on practical measures, technical and nontechnical
challenges, and potential policy responses. According to this
report, cybersecurity is a never-ending battle; threats will evolve
as adversaries adopt new tools and techniques to compromise security.
Cybersecurity is therefore an ongoing process that needs to evolve
as new threats are identified. At
the Nexus of Cybersecurity and Public Policy is a call for action
to make cybersecurity a public safety priority. For a number of
years, the cybersecurity issue has received increasing public
attention; however, most policy focus has been on the short-term
costs of improving systems. In its explanation of the fundamentals
of cybersecurity and the discussion of potential policy responses,
this book will be a resource for policy makers, cybersecurity and IT
professionals, and anyone who wants to understand threats to
cyberspace.”
There are benefits to
being a large contributor to Presidential campaigns beyond “civic
pride.”
EPIC
Obtains Letter Concerning DOJ Non-Investigation of Google Street View
by Sabrina
I. Pacifici on May 13, 2014
“Pursuant
to the Freedom of Information Act, EPIC has obtained the
closing letter from the Department of Justice to Google attorneys
in the Street View matter. The letter briefly mentions Google’s
interception and collection of private Wi-Fi communications across
the United States over several years. The disclosure of the activity
occurred after a European
data protection authority discovered
that Google’s “Street View” vehicles also captured private
Wi-Fi data. More than 12 countries subsequently investigated
Google’s programs, and at least 9 countries found Google guilty of
violating their laws. The letter from the DOJ states that US
officials were aware that Google’s “equipment collected ‘payload’
data, including contents of e-mail and Internet addresses typed by
users,” but the Department “decided not to seek charges”
against Google for violating the Wiretap Act. The Ninth Circuit
recently affirmed
a federal court’s decision to allow a class action lawsuit against
Google to move forward for wiretap violations stemming from the
Street View program. For more information, see EPIC:
Investigations of Google Street View
and EPIC:
Joffe v. Google.”
Don't we model this
stuff? Would it have been cheaper to raise the bottom of the tax
brackets? (i.e. No tax due if you earn less than “X” – and
adjust “X” for inflation.) Probably wouldn't allow the
bureaucrats to add thousands of new employees...
IRS
paid $13b in bogus credits, inspector says
The Internal Revenue
Service paid more than $13 billion in tax credits last year to people
who may not have qualified, a government investigator said Tuesday.
The agency’s
inspector general issued a report Tuesday saying the improper
payments for the Earned Income Tax Credits program were between $13.3
billion and $15.6 billion. That’s about a quarter of all EITC
payments, which are supposed to go to low-income working families.
… Using IRS
statistics, the inspector general’s report provided an estimated
range of improper EITC payments from 2003 through 2013. The report
says the IRS paid out at least $124.1 billion in improper payments
during the period, and perhaps as much as $148.2 billion.
This might help our
students...
Learn
Everything About Social Media From These 4 Websites & Blogs
Having a Facebook
account in the 21st century is almost like having a landline in the
80s. An accepted, ordinary part of everyday life. There’s even a
phrase to describe those who have grown up in this wonderful, wired
era: digital natives. But even though most people can craft a status
update, few actually possess a detailed, intimate knowledge of how
social media works.
… Whatever your
circumstances, you need to check out these four blogs and websites.
They’ll turn you into a better social media user, guaranteed.
For my Computer
Forensics students?
– is a free web site
intended to provide budding researchers a sample of what can be done
with digital photo forensics. Using algorithms, researchers can
determine if a picture is real or computer graphics, if it was
modified, and even how it was modified. Following the disclosure of
these algorithms, many people began recreating them. “Foto
Forensics” is one of them.
For my students. If
nothing else, this has some potential for gaming...
– lets you leave
messages in locations for your friends to discover. When your
friends reach the location where you have sent a Drop, they will
receive your message, like a virtual sticky note. Set an Upcoming
Location to tell your friends where you are headed, so they can leave
Drops for you to discover when you arrive. Drop is a whole new way
to stay connected.
No comments:
Post a Comment