Quantum computers powerful enough to break the strongest classical encryption are at least a decade away, but the time to develop quantum safe encryption is now. In this opinion piece, Thomas Pöppelmann, a Senior Staff Engineer, Security Architecture and Cryptography Research at Infineon Technologies talks about the steps NIST and companies like Infineon are taking to make that happen.
How does a flaw potentially affecting the integrity of printer management application get a “critical” severity rating and one affecting the integrity and operation of anesthesia machines get a “moderate” severity rating? It has to do with our evolving and still immature system of rating (and therefore thinking about) cyber risk.
College and university campuses are notoriously difficult to tame. In this one-on-one interview, I speak with Plamen Martinov, the Chief Information Security Officer for the Biological Sciences Division at the University of Chicago about how his organization has used NIST’s Cybersecurity Framework to create a security lingua franca at UChicago and improve the organization’s security posture.
There are plenty of standards that can be used to help secure The Internet of Things, but not much evidence that they’re being used, according to NIST, which calls on government and industry to settle on conforming standards for IoT products in a new report.
Podcast: Play in new window | Download (Duration: 53:13 — 60.9MB) | EmbedSubscribe: Android | Email | Google Podcasts | RSSIn this week’s edition of The Security Ledger Podcast we talk with security researcher and data spelunker Chris Vickery of the firm UpGuard about his discovery of a data trove containing consumer profiles on 123 million American households. Also: there’s a tough new standard for handling federal data come January 1st in the form of NIST’s 800-171 standard. And: Katie Moussouris joins us back in the studio to talk about what the updated Wassenaar Arrangement means for security researchers.