Articles

 

  • Protecting Our (Digital) Way of Life

    I'm going to list three companies, and I'll ask that you write down the first word that comes to mind as you hear the names: Google. Boeing. Xerox. (I'll pause here, and hum a few bars of the Jeopardy song while you answer.)

  • SOC Analysts on Steroids

    Back in 1998, I wrote a text book called . . . now get this: Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps, and Response.

  • Solidifying Email Security

    Sometimes when I need a vivid phrase for describing a cyber security solution in my writing, I'll review the advertising slogans for products that do similar things in non-computing settings.

  • On Software Correctness and Security

    When I was in graduate school, my favorite book was Selected Writings on Computing: A Personal Perspective, by Edsger W. Dijkstra (Springer-Verlag, 1982). Organized as a printed compendium of Dijkstra's best EWD articles - perhaps the earliest blog posts - the book remains a delightful read.

  • Questions for Executives on Cyber

    During my career, it's been my honor to have served alongside some of the most capable and talented corporate executives in the world.

  • Detecting Malicious Imitators

    Over half a century ago, the great MIT researcher Joseph Weizenbaum created a seminal computer program called ELIZA. Named after the Pygmalion character, the software was designed to interact with a human in a way that would give the impression that ELIZA was, in fact, also a living being.

  • To Tell the Truth (Bio Edition)

    For the past seven decades, Americans have enjoyed a television game show called To Tell the Truth. On the show, three contestants appear before four celebrities who try to determine which was the 'actual person' portrayed in a description that was given to the panel.

  • Real-Time Interference for Cyber

    Here are some practical recommendations from an expert on playing defense that I found today in a document on the Internet: To be sound in our defense, we must be able to adjust our defense.

  • Decentralized Authentication for a Passwordless World

    The year was 2013, and Apple had just released iPhone 5S with Touch ID, a fingerprint sensor feature that made unlocking devices as easy as touching glass. Young Brooklyn-born tech entrepreneur, George Avetisov, well-versed in eCommerce and cryptocurrencies, began to connect the dots between the threats he was seeing on the Internet each day-to-day with the exciting advances in biometrics and identity-related protections. Thus was born HYPR.

  • Fresh Cyber Solutions from a Familiar Brand

    Like many of you nerdy parents reading this, I too respected that modern rite of passage for my kids: That is, I took them on a slow procession along Route 101 in Silicon Valley in the hopes of igniting some latent entrepreneurial flame. If you haven't taken your budding tech founders there yet, I recommend it - much as a hoops coach would suggest taking the kids to see Steph Curry, in the hopes that maybe they'll start practicing their darn shooting.

  • Unified Personal ID Validation

    While the U.S. First Army was blasting tank routes through the Hurtgen Forest in late 1944, Private Joseph Matuska felt enemy shrapnel hit across his entire body.

  • Rejected WSJ OpEd: Why the U.S. Needs a Cybersecurity Coordinator

    As a now thirty-three-year veteran of the cybersecurity industry, having served in a variety of senior roles supporting industry, academia, and government, I was surprised to learn that Mr. Rob Joyce was stepping down from his important role as the U.S. Cybersecurity Coordinator.