Latest News

Bruce Schneier: It’s Time to Start Prioritizing IT Security

Cyberattacks are getting more frequent, sophisticated and successful. Can organizations adapt security choices to cope better?

Nobody would disagree that IT security is necessary.

At minimum, it's needed to satisfy relevant government and industry compliance regulations, along with your insurance company, investors, suppliers, customers and other business partners. At most, it also protects your data and systems from much-dreaded cyberattacks.

Read More →

Bruce Schneier: Get Ready for More "Organizational Doxing"

Bruce Schneier has been writing about security issues on his blog, his blog, Schneier on Security, since 2004, and in a monthly newsletter since 1998. He writes books, articles, and academic papers. Currently, he is the Chief Technology Officer of Resilient Systems, a fellow at Harvard's Berkman Center, and a board member of Electronic Frontier Foundation.

What do you see as the greatest cyber risks today?

I don't like ranking risks, and I worry that concentrating on the 'greatest' risk obscures all of the other risks. Basically, the big cyber risks are what everyone is talking about.

Read More →

Infosec Influencers: An Interview with Bruce Schneier

This week, as part of our new 'Infosec Influencer' series, I had the pleasure of sitting down with Bruce Schneier, an internationally renowned security technologist and one of The State of Security's Top Influencers in Security You Should Be Following in 2015. He has written 12 books, including Liars and Outliers: Enabling the Trust Society Needs to Thrive, not to mention published hundreds of articles and essays. His blog has is read by over 250,000 people, and he is regularly quoted by the press. Additionally, he regularly testifies before Congress and is an advisory board member for EFF and EPIC, among other organizations.

Read More →

Is iPhone Banking Safe? An Expert Answers

iPhone and mobile banking can feel like setting foot in the jungle: You don't know what's in there, but you suspect a lot of it's not good. We hear a lot of terms thrown around when it comes to iPhone banking security: 128 bit encryption, two factor authentication, security dongles—and a lot of scary anecdotes about millions of credit card account numbers being stolen from this or that company. Getting to the bottom of whether iPhone banking is safe can be confusing at best. So is iPhone banking safe?

Read More →

Bruce Schneier: IT Teams Need Cyberattack Response Planning More Than Prevention

Corporate and government IT teams have been rushing to prevent the kind of large-scale cyberattack experienced recently by Sony Pictures, Blue Cross, Anthem, Target, Home Depot and the U.S. Department of the Interior, among others. In each of these cases, hackers from locations around the globe were able to gain access to computer networks housing sensitive information, accounts, and personal data, such as the social security and credit card numbers of consumers and employees. The consequences of such security breaches can be devastating.

Read More →

Bruce Schneier: David Cameron's Proposed Encryption Ban Would 'Destroy the Internet'

A highly respected cryptographer and security expert is warning that David Cameron's proposed ban on strong encryption threatens to "destroy the internet."

Last week, the British Prime Minister told Parliament that he wants to "ensure that terrorists do not have a safe space in which to communicate."

Strong encryption refers to the act of scrambling data in such a way that it cannot be understood by anyone without the correct key or password — even law enforcement with a warrant, or the software manufacturer itself. It's used in some of the most popular tech products in the world, including the iPhone, WhatsApp messenger, and Facebook.

But amid heightened terror fears, Cameron says "we must look at all the new media being produced and ensure that, in every case, we are able, in extremis and on the signature of a warrant, to get to the bottom of what is going on."

The Prime Minister first indicated that he would try and clamp down on secure communications that could not be decrypted by law enforcement even with a warrant back in January, in the aftermath of the Charlie Hebdo shootings in Paris. His comments sparked an immediate flurry of condemnation from privacy and security activists, but his recent statements show he's not backing down.

Read More →

I Read “Data and Goliath” Because of Barbara Fister

I'm interested how we choose the books we read. Here is my request to you. Please keep track of, and share with our IHE community, how you select your books.

For one of the recent books that I read I can definitely share my book selection process.

Read More →

Video: Army Cyber Institute

Bruce Schneier gave a brief (one-minute) statement on cybersecurity.

Watch the Video on YouTube

Read More →

This Security Expert Reckons Mass Surveillance Doesn't Stop Terror Attacks

  • Felix Macherez
  • Vice
  • June 26, 2015

This interview originally appeared in French on VICE France.

Today's terrorist attack in the Rhône-Alpes region of France, involving the decapitation of a man, has been met with widespread horror and condemnation. So have those in Tunisia, killing 28, and another in Kuwait killing 25. These horrific events are sure to fuel discussion about how to stop this kind of atrocity happening again.

Following January's Charlie Hebdo attacks in Paris, the French government decided to expedite a new surveillance law.

Read More →

Video: Keynote: Data and Goliath

Bruce Schneier gave a keynote address at the Norwegian Developers Conference in Oslo.

Watch the video on Vimeo.com

Read More →

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.