SEARCH
Key Escrow By Any Other Name is Still Key Escrow
Ray Ozzie's Clear key escrow proposal for decrypting devices relies on a secure processor that doesn't yet exist.
Zero + Zero + Zero = Trusted?
There is renewed interest in the zero trust security model as everyone tries to make sense out of how to get better security through "no trust." CIOs and CISOs should be looking at thinking about how this security model relates to their organizations.
No Easy Fix for BGP Leaks
We forget that the Internet is pretty fragile and when something breaks, there is collateral damage. DNS hijacking and BGP leaks are two of the problems we haven't fixed yet, and there aren't any easy solutions.
Uber Evolves Bug Bounty Program to Reassure Researchers
Uber has updated its bounty program to provide security researchers with clarity on what good faith research looks like.
Manage Third-Party Suppliers with Personality Tests
Every supplier and third party vendor has different behaviors, abilities and knowledge. Developing a personality profile for each supplier can help organizations decide how much effort they need to spend managing that relationship as part of an effective infosec and privacy assurance program.