Lohrmann on Cybersecurity

Shaun Henry, the FBIs top cyber cop and executive assistant director responsible for cyber, told the Wall Street Journal (WSJ) that we're not winning and that the current approaches being used by the public and private sectors are: "Unsustainable. Computer criminals are simply too good and defensive measures too weak to stop them."

Internet privacy has long been a hot-button issue. Central questions are being asked about who owns what data, how that data can be used by various companies to target individuals in marketing and whether users can opt-in or opt-out of various data-sharing approaches. Just as in other areas of life in America in 2012, these questions are often end up being settled in the courts.

I traveled to Eastern Europe last week to speak at two different one day cybersecurity conferences that are a part of a series of events known as the IDC IT Security Roadshow 2012.

Will new cybersecurity legislation pass in 2012? If yes, what will be included, what will be left out and which agencies or organizations will be in charge of various information sharing and monitoring roles? These are hot questions in DC right now.

But where do hackers live and spend their time? Beyond Black Hat Conferences around the world, where do hackers congregate online? As security pros scan the world-wide-web for the good, the bad and the ugly, we come across information, tools and methods that the majority of people dont know exist.

How many online social networks have you joined? I'm starting to wonder if there are too many social media sites that I participate in. Is a backlash coming?

FUD is a complicated topic. FUD can be your friend or your worst enemy. It can light a fire under cyber initiatives, or end a career. It can influence decisions in the middle of a crisis. Regardless of the story, FUD is important to master and thats not just hype.

It's that time of year when my email in-box starts filling up with invitations to events surrounding the RSA conference in San Francisco. Nevertheless, some of my best experiences have been at security and technology conferences near home.

Major technology vendors announced the formation of the Domain-based Message Authentication, Reporting and Conformance (DMARC) system today. This new email authentication framework should reduce the number of phishing scams that try to trick users into thinking emails are from someone else.

The Federal Trade Commissions website at www.onguardonline.gov remained down for a second day after it had suffered a security breach.

This is turning into a wild week for headline-grabbing cyber activity. Immediately following Internet protests of proposed new legislation to crack down on Internet piracy, the Department of Justice (DOJ) moved quickly to shut down one of the most popular websites known for illegal downloads called Magaupload.

On January 18, 2012, Wikipedia and a long list of other popular websites will go dark to protest the proposed Stop Online Piracy Act (SOPA).