Blogs

Showing Blog Posts: 11–20 of 33 by Gib Sorebo

  • The Evolution of What We Value and How Much

    by Gib Sorebo on August 19, 2013

    In the current controversies involving what our intelligence community is collecting about its citizens, the issue has frequently been framed as a balance of protecting the personal safety of people versus protecting one’s privacy. While delving deeper may reveal a false dichotomy, we nonetheless must acknowledge that such tradeoffs do exist. At the very least, we’ve come to expect and accept…

  • Bring Your Own Device (BYOD) for Control Systems?

    by Gib Sorebo on June 6, 2013

    I just finished attending Interop Las Vegas where I gave a talk entitled “BYOD Security and Privacy.” In walking the show floor and attending a variety of sessions, there was little doubt that Bring Your Own Device (BYOD) is a hot topic that cybersecurity professionals are struggling to get their arms around. The challenge is further magnified by the fact that this trend is less one of technology…

  • RSA 2013: The Culmination of Cybersecurity Month

    by Gib Sorebo on March 12, 2013

    It’s not unusual for cybersecurity vendors to time new product announcements and major initiatives to coincide with the RSA Security Conference. Similarly, major threat reports, such as Mandiant’s APT1 Report, are often released to gain maximum exposure at RSA. But now it seems the White House has gotten into the act with its release of the Cybersecurity Executive Order, or so the conspiracy…

  • Is Cybersecurity Training and Education the Answer?

    by Gib Sorebo on January 22, 2013

    As politicians fight over the right approach to addressing cyber threats, the consensus seems to be that more training and education are needed, particularly in the area of critical infrastructure. Many proclaim, somewhat accurately, that many cybersecurity weaknesses are the result of users clicking on links or opening files that they should not. Logically, then, those same users should be…

  • Can I Get Credit Monitoring for That Transformer?

    by Gib Sorebo on January 2, 2013

    As organizations struggle with cyber attacks and their after effects, more and more are looking to insurance policies to cover the damage. And that really begs the question of just what do you get with a cyber insurance policy? After all, we are bombarded with news stories of stolen customer information where the biggest cost, which some cyber insurance policies cover, is credit monitoring, a…

  • Is Application Whitelisting the Answer for a More Secure Critical Infrastructure?

    by Gib Sorebo on September 4, 2012

    For the last couple years, as anti-virus has continued to fail us with a detection rate often in the single digits, many have suggested that a better approach would be to not focus on the bad but on the good. The objective would be to identify what normal is and alert on everything that is not normal. While that is still a tall task, it is often an easier one than to identify every possible piece…

  • Better Information Sharing – Is It the Way to Better Critical Infrastructure Protection?

    by Gib Sorebo on July 24, 2012

    Last week I attended a breakfast seminar in D.C. titled “Exploring Models of Cybersecurity Threat Information Sharing for Critical Infrastructure” that was sponsored by Hunton & Williams and MITRE. While I’ve attended numerous other talks on information sharing, this one had a number of interesting insights that are worth noting. The panel first highlighted some of the challenges and then noted…

  • The Social Costs of Critical Infrastructure Failures

    by Gib Sorebo on July 16, 2012

    In his seminal work, Bowling Alone, Robert Putnam laments the growing decline in social trust in our society as evidenced by declines in social interaction, civic involvement, and nearly every kind of community activity. That had led to a wide variety of ills, from increased crime to lower economic output. More important, many of our major institutions depend upon citizen involvement for their…

  • Water Systems: Are Hackers Getting Thirsty?

    by Gib Sorebo on August 19, 2011

    In the realm of critical infrastructure security, it’s easy to get caught up in discussions about smart grid and even oil and gas pipelines. After all, they are making news on a regular basis, with reports of foreign spies infiltrating our electrical grid and smart meter hacks. Additionally, human error or natural phenomena has often been the culprit for explosions that have led to a loss of…

  • Is the oil industry due for a little cyber security attention?

    by Gib Sorebo on June 1, 2010

    The legal profession is often seen as having the rather dubious distinction of seeking to profit at the misfortunes of others or, more simply, of being ambulance chasers. As a law graduate myself, I don’t dispute that many practicing lawyers get rather aggressive around accident sites. Nonetheless, much of the profession’s bad name derives instead from the highly valuable function they perform, …

This document was retrieved from http://www.rsaconference.com/blogs/by/21/sorebo on Sat, 19 Apr 2014 05:26:33 -0400.
© 2014 EMC Corporation. All rights reserved.