Filter By:

Recent Podcasts


\ Blog 

September 18, 2017 | Embedded Systems and Internet of Things
By Chris Poulin, IANS Faculty

 Poulin: The Economics of IoT Fear and Uncertainty

Information- (and now device-) security is an underappreciated field. It’s anti-climactic and difficult to justify the cost of building security in, bolting security on and implementing security controls for the operating environment. But it's up to us in the community to become early adopters and work with the manufacturers to make products as secure as possible for the general public. 

Read More »

August 14, 2017 | AppDev Frameworks
By Adam Shostack, IANS Faculty

 Shostack: Learning From npm's Rough Few Months

The node package manager (npm) is having a bad few months. Organizations need to look at their controls for identification, protection and detection around package management, and if they make a package manager, threat model the heck out of it. 

Read More »

August 8, 2017 | Embedded Systems and Internet of Things
By Chris Poulin, IANS Faculty

 Poulin: What I Hacked this Summer in Vegas

Another July has come and gone, leaving the security community with a collective information hangover from Black Hat, DEF CON and BSidesLV. Hardware exploitation, IoT, machine-learning and blockchain emerged as some of the major themes from the conferences this year. 

Read More »

August 7, 2017 | Certifications and Training
By Kevin Beaver, IANS Faculty

 Beaver: Establishing Credibility Key to Infosec Success

One thing I've discovered over the years is that security has a credibility problem. It's nothing personal. It's just that other people aren't buying what we're selling until they’re convinced we are worth listening to. So, the question becomes: what are you doing to make sure that happens?

Read More »

July 25, 2017 | Embedded Systems and Internet of Things
By Chris Poulin, IANS Faculty

 Poulin: You Mod it, You Own It?

If your toaster catches fire because of a design defect, you can sue the manufacturer. If your computer is compromised because of a software vulnerability, that’s your problem (remember that end-user license agreement you clicked through without reading?) The Internet of Things is the intersection of products and software, and the result is a muddied liability equation.

Read More »

July 21, 2017 | Mobile Access and Device Management
By Ken Van Wyk, IANS Faculty

 Van Wyk: Security Track Record for iPhone Not an Accident

It’s not just luck. Apple has managed to keep the iPhone (and its iOS brethren) safe from any major malware outbreak for 10 years. Building a multi-faceted security architecture that substantially raises the cost of successful attacks can be extremely effective. 

Read More »