The Open Web Application Security Project (OWASP) is focused on improving the
security of software. Their mission is to make software security visible, so
that individuals and organizations worldwide can make informed decisions
about true software security risks. Their OWASP Top 10 provides a list of
the 10 Most Critical Security Risks. For each risk it provides a description,
example vulnerabilities, example attacks, guidance on how to avoid it, and
references to OWASP and other related resources. Many of you are familiar
with their Top 10 Most Critical Web Application Security Risks. They provide
the list for awareness and guidance on some of the critical web application
security areas to address. It is a great list, and many security vendors point
to it to show the types of attacks that can be mitigated.
Now the Internet of Things (IoT) has its own OWASP Top 10.
Did you see what the NFL is doing this year with sensors?
Earlier this month they announced a partnership with Zebra Technologies, a
company that provides RFID chips for applications from ‘automotive assembly
lines to dairy cows’ milk production.’ This season there will be sensors
in the players’ shoulder pads, which will track all their on-field
movements. This includes player acceleration rates, top speed, length of
runs, and even the distance between a ball carrier and a defender. Next year
they’ll add sensors for breathing, temperature and heart rate. More stats
than ever and...
Do you avoid stores that have had a credit card breach?
You are not alone. About 52% of people avoid merchants who have had a data
breach according to a recent Lowcards survey. They surveyed over 400 random
consumers to better understand the impact of identity theft on consumer
behavior. 17% said they or a family member was a victim of identity theft
over the last year with half the cases being credit card theft. 94% said they
are more concerned or equally concerned about ID theft. They estimate that
there were 13.5 million cases of credit card identity theft in the United
It is only fitting that the 20th anniversary of the Gartner Hype Cycle has
the Internet of Things right at the top of the coaster.
IoT is currently at the peak of Inflated Expectations. The Gartner Hype Cycle
gives organizations an assessment of the maturity, business benefit and future
direction of more than 2,000 technologies.
The theme for this year’s Emerging Technologies Hype Cycle is Digital
As you can see, being at the top really means that there is a ton of media
coverage about the technology, so much so that it starts to get a little
silly. Everyone is talking...
Yet another retailer has confessed that their systems were breached and an
untold number of victims join the growing list of those who have had their
data stolen. This one could be bigger than the infamous Target breach. I
wonder if some day we’ll be referring to periods of time by the breach that
occurred. ‘What? You don’t remember the Target breach of ’13! Much
smaller than the Insert Company Here Breach of 2019!’ Or almost like
battles of a long war. ‘The Breach of 2013 was a turning point in the fight
against online crime,’ or some other silly notion.