securitystandards – SSL and internet security news

WPA3

July 12, 2018 infossl

passwords, secrecy, Security technology, securitystandards, wifi

Everyone is writing about the new WPA3 Wi-Fi security standard, and how it improves security over the current WPA2 standard. This summary is as good as any other: The first big new feature in WPA3 is protection against offline, password-guessing attacks. This is where an attacker captures data from your Wi-Fi stream, brings it back … Read More “WPA3” »

Securing Elections

May 10, 2017 infossl

nationalsecuritypolicy, Security technology, securityengineering, securitystandards, voting

Technology can do a lot more to make our elections more secure and reliable, and to ensure that participation in the democratic process is available to all. There are three parts to this process. First, the voter registration process can be improved. The whole process can be streamlined. People should be able to register online, … Read More “Securing Elections” »

Security and Privacy Guidelines for the Internet of Things

February 9, 2017 infossl

internetofthings, privacy, Security technology, securityengineering, securitystandards

Lately, I have been collecting IoT security and privacy guidelines. Here’s everything I’ve found: “Internet of Things (IoT) Broadband Internet Technical Advisory Group, Broadband Internet Technical Advisory Group, Nov 2016. “IoT Security Guidance,” Open Web Application Security Project (OWASP), May 2016. “Strategic Principles for Securing the Internet of Things (IoT),” US Department of Homeland Security, … Read More “Security and Privacy Guidelines for the Internet of Things” »

Effects of the 2011 DigiNotar Attack

December 29, 2016 infossl

breaches, certificates, hacking, infrastructure, Security technology, securitystandards

Nice article on the 2011 DigiNotar attack and how it changed security practices in the CA industry. Powered by WPeMatico

How Different Stakeholders Frame Security

October 24, 2016 infossl

academicpapers, internet, Security technology, securitypolicies, securitystandards

Josephine Wolff examines different Internet governance stakeholders and how they frame security debates. Her conclusion: The tensions that arise around issues of security among different groups of internet governance stakeholders speak to the many tangled notions of what online security is and whom it is meant to protect that are espoused by the participants in … Read More “How Different Stakeholders Frame Security” »

The Cost of Cyberattacks Is Less than You Might Think

September 29, 2016 infossl

academicpapers, costbenefitanalysis, cyberattack, cybersecurity, databreaches, externalities, nationalsecuritypolicy, nist, reputation, Security technology, securityengineering, securitystandards

Interesting research from Sasha Romanosky at RAND: Abstract: In 2013, the US President signed an executive order designed to help secure the nation’s critical infrastructure from cyberattacks. As part of that order, he directed the National Institute for Standards and Technology (NIST) to develop a framework that would become an authoritative source for information security … Read More “The Cost of Cyberattacks Is Less than You Might Think” »