Lohrmann on Cybersecurity

By Jan. 1, 2018, government contractors who work for the Department of Defense (DoD) or the intelligence community are mandated to comply with a NIST special publication 800-171. In addition, these security guidelines from NIST provide a meaningful road map for other government organizations and contractors regarding cybersecurity protections. Here’s an exclusive expert interview that offers details to help.

Another major data breach stunned the world in November, but this incident was unique in several ways. What can we all learn from the Uber data breach? Here’s an industry roundup of security analysts’ lessons learned from Uber, as well as my top takeaways for all of us.

What's really going on with data breaches, hackers and cybersecurity? The online world is dramatically changing all around us, so how can we understand recent hacking events? Football can help, here's why.

How can you stay secure online (and offline) as you shop this holiday season? Whether at home or work, whether braving the mall crowds on Black Friday or surfing the Net on Cyber Monday, what should you watch out for? Here’s a roundup of some of the best advice I’ve seen from credible sources.

What actions do organizations need to take to prepare for cybersecurity incidents? The National Institute of Standards and Technology (NIST) has answers in Special Publication 800-184, titled: 'Guide for Cybersecurity Event Recovery.' Here’s an exclusive interview with one of the authors.

A new survey by Gemalto indicates that 96% of enterprises and 90% of consumers lack confidence in the security of Internet of Things (IoT) devices. The majority of 1,050 IT and business decision-makers and over 10,500 consumer respondents favor more government regulations to protect data across the IoT ecosystem.

Hurricane Maria brought unprecedented devastation to Puerto Rico, and the majority of residents are still without power. Nevertheless, with new federal aid and some of the world’s top technology leaders getting involved, the hope for a better tomorrow is now returning.

The Department of Homeland Security (DHS) has mandated that all federal executive branch agencies implement Domain-based Message Authentication, Reporting and Conformance (DMARC) to improve email security. In the same directive, DHS also mandated better Web security protections be put into place. I believe state and local governments should follow the lead of their federal counterparts and make implementing DMARC a priority. Here’s why.

Where can public-sector organizations go to find best practices regarding people, process and technology? How can governments successfully partner with the private sector in repeatable ways? Some of the best answers come from the National Association of State Chief Information Officers (NASCIO).

There is a new debate about the old topic of working from home. What’s trending: a revisit of the pros and cons of telework. Should we go back to the way we were, with more time spent in offices, or do something else? Let’s explore.

We have witnessed headline-grabbing data breaches at Equifax, the Securities and Exchange Commission (SEC) and Deloitte in the past month. Many other global companies and governments have seen massive security incidents over the past few years. There are endless lessons learned, but very few talk about this cyber blind spot that impacts us all.

Hacking back has been in the news a lot in 2017, with new proposed legislation that would legalize forms of a more “active defense” for companies. When added to the flurry of ‘hack back’ activity that is below the public radar right now, it seems likely that some form of legalization is inevitable. Let’s explore.