CIPHER Blog

Welcome to our Blog!

We Have Prevention Bias

One can say that there are three stages of information security operations:  Prevention, Detection, and Response.  Of the three, it is usually prevention that gets the most attention. It recalls the old saying, “an ounce of prevention is worth a pound of cure.”...

read more

ACDC Is Cyber ‘Stand Your Ground’ Legislation

Representative Tom Graves (R-GA) released federal legislation in February 2017 (with updates in May) called the “Active Cyber Defense Certainty Act,” or ACDC. It’s intended to make it legal for victims of hacking attacks to “hack back” as a means of defense. To...

read more

Ransomware Attack Encrypts Data on All Windows Versions

This morning, a ransomware-type attack occurred on several companies in Europe. The systems at Telefónica's headquarters in Madrid appear to have been the initial targets of this attack and news reports indicate that 85% of the company's computers were infected and...

read more

Does your IR plan lead you in every direction but the right one?

Does your IR plan lead you in every direction but the right one? Stop what you are doing. Pull out your written Incident Response plan (if you have one at all). Now, think about this. When is the last time it was physically touched? Is it actually, literally, dusty?...

read more

Keep Your Kids Safe on the Internet

Technology is something taken for granted by kids. The so called Millenial Generation was born inserted in a world where portable multimedia communication is common sense. Ask any teenager if they can imagine a world without social networks, apps, tablets or...

read more

(Don’t) Enter Your Password

Social networks, email, online shopping, cloud storage, both in the corporate and private world, there are many services used daily that request logins and passwords for access, and in most cases, users opt for the convenience of using the same data. In recent years,...

read more

SWIFT Hack

You may have seen in the media over the last couple of weeks’ references to hacks and the SWIFT financial network. So for those of you not overly familiar with banking and finance, what is SWIFT and why should it concern you? SWIFT, or to give it its full title, the...

read more

PCI DSS 3.2 – What are the changes?

Overview It has certainly been a busy time for the PCI Security Standards Council over the last year with the release of version 3.1 and now the draft release of version 3.2 of PCI DSS. This is no bad thing as it shows that the PCI Council is adapting its approach to...

read more