As illustrated in this recent article in Wired, email tracking services and their counterparts, anti-tracking services, have been rapidly gaining ground on the web, to the point that 40% of all email being sent, and 99% of the majority of the emails you receive (newsletters, marketing materials, notifications and transactional emails), are now being tracked.
Some notable stats showed up in the recently released 2017 Veracode State of Software Security report: while “nearly a third (29 percent) of survey respondents indicated that they are actively pursuing digital transformation projects [and] … a further 29 percent stated that they are either planning for or considering digital transformation projects for the future,” there still seems to be a significant knowledge gap among business leaders with respect to the threats that prominent cyberattacks pose to their organizations.
According to a recent Genpact study:
- Nearly two-thirds of consumers (63%) are worried that Artificial Intelligence is going to make decisions that will impact their lives without their knowledge
- Less than one-third (30%) are at least “fairly comfortable” with the idea of companies using AI to access their personal data
- Almost three-quarters (71%) say they don’t want companies to use AI that threatens to infringe on their privacy – even if it improves the customer experience
As AI continues its inevitable expansion into consumer interactions, it’s important to develop strong, transparent and well-communicated privacy policies and practices around the data being accessed by the AI engines – especially before GDPR enforcement takes effect in May of next year.
Per the Freedom of Information Act, US citizens have the right to access information from the federal government. We can visit to search the more than 197,000 datasets currently indexed on the site. While the intent is to leverage that data for the public good, there’s also an enormous amount of information available that could be used by bad actors to gather information about individuals, like the physicist in this article.
The United States Computer Emergency Readiness Team (US-CERT) operates within the U.S. Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC), protecting America by responding to major incidents, analyzing threats, and exchanging critical cyber security information with trusted partners around the world.
A good lesson for technology providers: if security researchers reach out to you, acknowledge them as quickly as possible, especially when they’ve discovered a critical vulnerability. If you work with them to remediate the issue, you may be able to get a patch out before they feel the need to publish the vulnerability for the greater good – so that those affected are aware of the problem, and can try to mitigate the risk with compensating controls.
Free and Open-Source Software (FOSS) is computer software that can be classified as both free software and open-source software. Anyone who wishes to use FOSS is freely licensed to use, copy, study, and change the software in any way, and the source code is openly shared so that people are encouraged to voluntarily improve upon the design of the software.