5 Ways to Harden Election Technology

Voting machinery needs hardware-level security. The stakes are the ultimate, and the attackers among the world’s most capable.                                                                            […]

TPM-Fail: What It Means. What to Do About It.

On November 12, 2019 researchers led by a team at Worcester Polytechnic Institute, disclosed details of two new potentially serious security vulnerabilities — dubbed TPM-Fail — that could allow attackers to steal cryptographic keys protected inside two types of Trusted Platform Modules (TPMs). Because millions of deployed systems probably have the TPM-Fail vulnerability, the scope of exposure is […]

Malware, Not Missiles / Supply-Chain Security

By Julia Pack, United States Air Force Academy The recent tragedies of two Boeing 737 MAX-8 passenger jets crashing, despite pilots’ efforts to save them, set off a global alarm about the vulnerability of large, sophisticated aircraft to a flaw in a single subsystem. Cyberattacks on aircraft may well be more cost-effective for hostile entities than […]

The 3 CyberSecurity Rules of Trust

A security CTO’s guidelines to making better decisions about cybersecurity. Rule 1: “All things being equal, trust as little as possible.” Rule 2: “Use evidence and experience to measure trustworthiness.” Rule 3: “Distrust proportionally to the level of risk.”