jump to navigation

Chris Mark Speaking at OpenEdge 2016 Partner Advisory Board May 27, 2016

Posted by Chris Mark in cyberespionage, cybersecurity, Uncategorized.
Tags: , , , , , ,
add a comment

OpenEdgeI am honored to have been asked to present as the keynote speaker at the OpenEdge 2016 Partner Advisory Board on June 6th, in Chicago, Il.  I will be speaking on the state of cybercrime today and provide a live demonstration of the Dark Web as well as a description of how cyber thieves steal and use payment card data.  It should be a fun event for everyone!  If you are an OpenEdge Partner please consider attending!

Chris Mark to speak at 2016 ISF Texas April 10, 2016

Posted by Chris Mark in Uncategorized.
Tags: , , , , ,
add a comment

ISF2016This week (10:30 am, April 14, 2016) I will be in the awesome city of Austin, TX speaking at the 2016 Information Security Forum. The ISF is: “…a free educational conference aimed at public sector Information Security Officers, Information Resources Managers, and IT staff throughout the State of Texas. The conference is hosted by the Texas Department of Information Resources (DIR) and will be managed by the Office of the Chief Information Security Officer (OCISO).”  The title of my presentation will be “Hackers, Slackers, and Thieves, understanding your adversary.”  If you are in Austin, please consider attending!

Lenovo caught (again) installing SpyWare and Malware on Computers! September 27, 2015

Posted by Chris Mark in Uncategorized.
Tags: , , , , , , , , ,
add a comment

LenovoI just saw on TheHackerNews Security Blog on a link I picked up on LinkedIn.  If true (no reason to think it is not), this is truly bad business and shameful practices by Lenovo..AGAIN. Keep in mind that two years ago Lenovo (a Chinese company, BTW) was banned (Again..) from providing computers to the US Intelligence and defense services of  over spying issues.  They were first banned in 2006!  Then, in January 2015, Lenovo was caught…ONCE AGAIN..installing SuperFish malware onto refurbished laptops.  SuperFish has a serious vulnerability which makes it vulnerable to Man in The Middle Attacks (MitM).  Now, according to TheHackerNews Lenovo  was caught in August installing a rootkit into their computers.  This rootkit, known as the Lenovo Sevice Engine (LSE) installs into the BIOS on the computer.  According to TheHackerNews:

So what does this really mean for you…the consumer?  If you want to buy a Lenovo I would only ask that you email me as I have a great bridge for sale in Utah and would love to introduce you to some Ukrainian friends who love to give high interest loans.  Honestly, if you are going to buy a Lenovo after reading this, you probably deserve what you get.  I can tell you that I would never own a Lenovo again (had one in the 1990’s).  Fool me once…shame on you…fool me twice shame on me…fool me a third time?  Seriously?

Dupont’s Titanium Oxide Color Recipe- Stolen for Chinese Advantage July 22, 2015

Posted by Chris Mark in Industry News, InfoSec & Privacy, Risk & Risk Management.
Tags: , , , , , , , ,
add a comment

Oddly (to me anyhow) this is the 2nd most  popular post on my blog!  It was written over 3 years ago but since it gets so much traffic I thought I should re-post.  Here it is in 2015!

Many mistakenly believe that only “high tech” secrets and intellectual property are targets for intellectual property theft.  In a clear example of how any propriety secret can be considered a target, a scientist (Tse Chao) who worked for Dupont from 1966-2002 (36 years!) pleaded guilty in Federal court on Thursday to committing espionage for a company controlled by the Chinese government.  Mr. Chao testified that he provided confidential information to Chines controlled Pangang Group. What did he steal? Among other things, the recipe for Dupont’s Titanium Dioxide.  What is TD used in?  Titanium Dioxide is the ingredient in many white products that makes the products white.  Products such as paint, toothpaste, and Oreo cookie filling!  Stealing the ingredients to Oreos shows just how low cyberthieves will go!   According to court documents: “DuPont’s chlorine-based process was eagerly sought by China, which used a less efficient and more environmentally harmful production method”

I have worked with a number of large companies who, when asked why they did not protect trade secrets, replied that they did not believe their industry or type of product was of interest.  Make no mistake.  If your company has a unique process, technology, or product, it IS of interest to many companies.  Unfortunately, the US Government has released reports that state that China is sponsoring much of the US and European cyber espionage.

photo from: http://www.titaniumexposed.com

Getting into Information Assurance Careers June 2, 2015

Posted by Chris Mark in Uncategorized.
Tags: , , , , , , ,
1 comment so far

March coverI have had a number of folks email me asking about becoming an InfoSec worker so I am writing this post to (hopefully) help those who are interested.  In 2001, I landed in InfoSec by pure luck and I have never looked back.  It is an amazing field and a great career path.  First..for some marketing.  According to the InfoSec Institute, the average CISSP Salary in 2014 is over $100,000 per year.  In 2013 there were 209,000 job postings for CyberSecurity Jobs and it is estimated that in 2015, there are 40,000 more jobs than people to take them.  In short, it is a very high demand field.

InfoSec?  CyberSecurity? Information Assurance?  WHAT?

It is even confusing to me sometimes.  At a high level I use the term Information Assurance as it encompasses all of the elements of protecting data.  This includes data security (protecting data), CyberSecurity (protecting the systems, and infrastructure), Privacy (appropriate use of information) and Compliance (ensuring your company complies with relevant regulations) and Risk Management (evaluating the security risk of your organization).  While this short post does not allow for a more comprehensive overview, these are the generic ‘pillars’ that we consider.

What types of Jobs are Out There? (more…)

%d bloggers like this: