News Tagged "Register"
It's how you respond that's key, says securo guru
Hacking attacks are more or less inevitable, so organisations need to move on from the protection and detection of attacks towards managing their response to breaches so as to minimise harm, according to security guru Bruce Schneier.
Prevention and detection are necessary, but not sufficient, he said. Improving response means that organisations stay on their feet even after they are hit by a serious security breach or hacking attack.
“A sufficiently motivated, funded and skilled hacker will always get in,” Schneier told delegates during a keynote at the IP Expo conference in London. The security guru added that criminals and hackers are now using the sort of tools and techniques that were once the sole purview of intel agencies…
Bruce Schneier is the man who literally wrote the book on modern encryption, publishing Applied Cryptography in 1994, and for the past 20 years has been an important and sometimes outspoken voice in the security industry.
He founded the firm Counterpane Internet Security (later sold to BT), and is also a board member of the Electronic Frontier Foundation and an Advisory Board Member of the Electronic Privacy Information Center.
More recently he’s been working on documents released by Edward Snowden on NSA activities and presented his findings at this year’s RSA conference in San Francisco. …
The good news? Strong crypto still works
RSA 2014: If you thought NSA snooping was bad, you ain’t seen nothing yet: online criminals have also been watching and should soon be able to copy the agency’s invasive surveillance tactics, according to security guru Bruce Schneier.
“The NSA techniques give about a three to five year lead on what cyber-criminals will do,” he told an audience at the RSA 2014 conference in San Francisco.
“These techniques for exfiltrating data aren’t magical, they are just expensive. Everything we know about technology is that it gets cheaper. So the notion of putting up a fake cell tower or wireless access point, of jumping air gaps, you’re going to see this stuff—it’s really just a matter of time.”…
Crypto guru urges creative thinking from security pros
Cryptography guru Bruce Schneier called for more creative thinking and a broader perspective as a means to tackle security problems.
For example, the music industry, faced with an explosion in online file-sharing, hired security pros to develop anti-piracy measures, such as digital rights management technology. But these inconvenienced punters while doing little or nothing to stem copyright infringement. A better approach was making songs affordable and easy to buy, a model that has since lined Apple’s deep pockets.
“This [the latter approach] is not something a security person would think up,” Schneier said at the RSA Europe conference. “Security professionals would be too focused on building a better door lock.”…
RSA 2012: Usually the bête noire of the annual RSA conference is the criminal hacking community, but security guru Bruce Schneier asserts that government, business, and the military may well pose a bigger threat to security professionals.
“The current risks to internet freedom, openness, and innovation don’t come from the bad guys — they are political and technical. I suppose I should call this talk ‘Layer eight and nine threats’,” he told his audience on Tuesday at RSA 2012.
Attempts at ill-conceived legislation are a major concern, he said. Outsiders trying to legislate something they have no understanding of (a “…
It’s a rare security book that can raise awareness without resorting to sensationalism, but Bruce Schneier’s recent title Beyond Fear is one of them. It covers the theory behind both good and bad security practices, though it’s not a manual. It does not explain how to make whatever you wish to defend more secure, but it will help you to think clearly about how to do that.
The book clearly defines the essential concepts and basic practices behind security in all areas of life. Indeed, computers and networks hardly come up. It’s the universal principles that Schneier is concerned with here, and he illustrates them with numerous everyday examples from the airport to the ATM to the local supermarket…
Contestant would do it again 'in a second'
Last month we reported the triumph of two Belgian academics in the US encryption standard contest. But how was the contest organised? If you’re not interested, stop reading now.
In the early seventies the US government put out a call for an encryption algorithm. It had no response. A year later in 1973 they tried again and got one response, from IBM. Then followed a bit of politicking, but by 1975 DES was born.
DES was initially a FIPS (Federal Information Procurement Standard), but was quickly adopted around the world as the de facto standard for encryption…
Sidebar photo of Bruce Schneier by Joe MacInnis.