Category: riskassessment

Auto Added by WPeMatico

The NSA on the Risks of Exposing Location Data

Posted on By infossl
cybersecurity, geolocation, military, nsa, riskassessment, risks, Security technology, smartphones, tracking

The NSA has issued an advisory on the risks of location data. Mitigations reduce, but do not eliminate, location tracking risks in mobile devices. Most users rely on features disabled by such mitigations, making such safeguards impractical. Users should be aware of these risks and take action based on their specific situation and risk tolerance. … Read More “The NSA on the Risks of Exposing Location Data” »

The Unintended Harms of Cybersecurity

Posted on By infossl
academicpapers, cyberattack, cybercrime, cybersecurity, riskassessment, risks, Security technology

Interesting research: “Identifying Unintended Harms of Cybersecurity Countermeasures“: Abstract: Well-meaning cybersecurity risk owners will deploy countermeasures (technologies or procedures) to manage risks to their services or systems. In some cases, those countermeasures will produce unintended consequences, which must then be addressed. Unintended consequences can potentially induce harm, adversely affecting user behaviour, user inclusion, or the … Read More “The Unintended Harms of Cybersecurity” »

Andy Ellis on Risk Assessment

Posted on By infossl
psychologyofsecurity, riskassessment, risks, Security technology

Andy Ellis, the CSO of Akamai, gave a great talk about the psychology of risk at the Business of Software conference this year. I’ve written about this before. One quote of mine: “The problem is our brains are intuitively suited to the sorts of risk management decisions endemic to living in small family groups in … Read More “Andy Ellis on Risk Assessment” »

On Cybersecurity Insurance

Posted on By infossl
academicpapers, cybersecurity, insurance, riskassessment, risks, Security technology

Good paper on cybersecurity insurance: both the history and the promise for the future. From the conclusion: Policy makers have long held high hopes for cyber insurance as a tool for improving security. Unfortunately, the available evidence so far should give policymakers pause. Cyber insurance appears to be a weak form of governance at present. … Read More “On Cybersecurity Insurance” »

Risks of Password Managers

Posted on By infossl
passwords, passwordsafe, riskassessment, risks, Security technology

Stuart Schechter writes about the security risks of using a password manager. It’s a good piece, and nicely discusses the trade-offs around password managers: which one to choose, which passwords to store in it, and so on. My own Password Safe is mentioned. My particular choices about security and risk is to only store passwords … Read More “Risks of Password Managers” »

What Happened to Cyber 9/11?

Posted on By infossl
bombs, cyberattack, cyberterrorism, fear, riskassessment, Security technology, terrorism

A recent article in the Atlantic asks why we haven’t seen a”cyber 9/11″ in the past fifteen or so years. (I, too, remember the increasingly frantic and fearful warnings of a “cyber Peal Harbor,” “cyber Katrina” — when that was a thing — or “cyber 9/11.” I made fun of those warnings back then.) The … Read More “What Happened to Cyber 9/11?” »

Terahertz Millimeter-Wave Scanners

Posted on By infossl
police, riskassessment, scanners, Security technology, terrorism, tsa

Interesting article on terahertz millimeter-wave scanners and their uses to detect terrorist bombers. The heart of the device is a block of electronics about the size of a 1990s tower personal computer. It comes housed in a musician’s black case, akin to the one Spinal Tap might use on tour. At the front: a large, … Read More “Terahertz Millimeter-Wave Scanners” »