ALERT: CyberAttack Underway Against US Gas Piplines May 6, 2012
Posted by Chris Mark in cybersecurity, Industry News, InfoSec & Privacy, Risk & Risk Management, terrorism.Tags: Chris Mark, cybersecurity, Gas Pipeline, ICS CERT, InfoSec, mark consulting group, security, terrorism
1 comment so far
According to stories on MSNBC, CNN, and other major outlets, “A major cyber attack is currently under way aimed squarely at computer networks belonging to US natural gas pipeline companies, according to alerts issued to the industry by the US Department of Homeland Security.” On March 29th, 2012 the US Department of Homeland Security issued 3 confidential Amber Alerts warning that the US was facing a: “gas pipeline sector cyber intrusion campaign” against multiple pipeline companies. The attacks, which began 4 months ago, are ongoing today. The Industrial Control Systems Cyber Emergency Response Team (ICS CERT), which is responsible for helping secure the nation’s industrial control systems said: (more…)
Porn, Steganography & Al Qaeda = Bad News May 2, 2012
Posted by Chris Mark in InfoSec & Privacy, Risk & Risk Management, terrorism.Tags: al qaeda, Chris Mark, cybersecurity, data security, InfoSec, mark consulting group, steganography, terrorism
add a comment
“Believe half of what you see and nothing that you hear”…Benjamin Franklin
Recently it was disclosed that German cryptographers had managed to decipher plans taken from an Al Qaeda operator who had a memory card confiscated. According to the story: “On May 16 last year, a 22-year-old Austrian named Maqsood Lodin was being questioned by police in Berlin. He had recently returned from Pakistan via Budapest, Hungary, and then traveled overland to Germany. His interrogators were surprised to find that hidden in his underpants were a digital storage device and memory cards. Buried inside them was a pornographic video called “Kick Ass” — and a file marked “Sexy Tanja.” “ As stated on Gary Kessler’s website: (more…)
Chris Mark Speaking in London- “Hactivists, CyberSpies, & Thieves: Risk & Data Centric Security” April 18, 2012
Posted by Chris Mark in Industry News, InfoSec & Privacy, Risk & Risk Management.Tags: Chris Mark, CISO Intelligence Forum, cybersecurity, http://ciso-intelligence.com/, InfoSec, mark consulting group, risk management, security
add a comment
On June 19th, Chris Mark (that is me;) will be hosting a workshop at the CISO Intelligence Forum: Energy in London, England. My particular workshop will be titled: “How to select a security vendor”. Not really..that was a bad joke 😉 (security geeks get it). The 1/2 day workshop will be titled: “Hactivists, CyberSpies, and Data Thieves: A Discussion of Risk & Data Centric Approaches to Security”. You can download the brochure here. While my own workshop is sure to be the most well attended (another bad joke), I do have to give some props to the other speakers. This event has some top shelf talent shelf talent speaking including speakers from the PCI SSC, Lanco, SOCA, and Northrup Grumman, among others. If you are looking for solid information on data security in the energy segment, this is the place to be.
Chris Speaking at Piracy Week Hamburg- April 23-26, 2012 April 17, 2012
Posted by Chris Mark in Industry News, InfoSec & Privacy, Piracy & Maritime Security.Tags: Anti Piracy, Chris Mark, combating piracy week, cybersecurity, hanson wade, InfoSec
2 comments
I am off to Hamburg, Germany next week to speak at the 11th Annual Combating Piracy event sponsored by Hanson Wade. If you are in Germany, come by. Hanson Wade puts on some great events. I am speaking for Guardian Maritime Security on the topic of CyberSecurity in the Maritime Industry. Last year I spoke on deterrence theory and the Value of armed guards in the protection of vessels. Protection Vessels International (PVI) will be giving an update on the Evolving and Complex Tactics of Pirates.
As usual, some company will speak on “selecting a security vendor” in an attempt to win business. I would think for 4K Euros people would expect to hear more than a sales pitch from a struggling company…but…I digress.
I am actually excited about attending to catch up with some friends, talk to new clients and most importantly…eat at Subway. That’s right..there is a Subway sandwich store in Hamburg, Germany! Many people are unaware that Marine Corps Snipers and Subway have a long history together.
I may be taking a short hiatus while in Germany but will get back to writing as soon as I return.
(UPDATE)-“Interesting” Logic & Analysis – Verizon’s 2012 Data Breach Report April 17, 2012
Posted by Chris Mark in Industry News, InfoSec & Privacy, terrorism.Tags: anonymous, Chris Mark, CSOonline, cybercrime, hacktivism, InfoSec, mark consulting group, security, Verizon data breach report
2 comments
I received a very insightful comment from one of the Verizon authors and thought it prudent to share. I think this explanation is very helpful for companies looking at infosec controls. Here it is, in part(emphasis added): “You make a valid point about the fact that a determined attacker would simply try again if the first attempt failed. However, our finding that most breaches are avoidable through relatively simple controls doesn’t overlook this as you suggest. Our data show that most criminals aren’t determined to breach a particular victim and likely won’t try again if met with decent resistance. In fact, the extreme opportunistic nature of target selection means they likely won’t even be attacked w certain controls in place because automated probes will skip on down the street after jiggling the door handle a bit.“ You can read the full comment, in ‘comments’. The entire post is you continue reading. (more…)
Global Security, Privacy, & Risk Management 