In-brief: more than three years after it was first discovered, the Heartbleed vulnerability in OpenSSL continues to plague organizations worldwide. Why has it been so hard to fix? In this Industry Perspective, Patrick Carey of the firm Black Duck talks about some of the complicating factors that make vulnerabilities like Heartbleed so hard to eradicate.
In-brief: Far from ‘breaking’ the public key encryption (PKI) model, the Internet of Things is poised to turbocharge PKI adoption and revolutionize online identity, DigiCert CTO Dan Timpson writes.
In-brief: Gadi Evron recalls the denial of service attacks aimed at the government of Estonia in 2007 – one of the first recognized acts of ‘cyber war’ and a template for incidents that followed. Evron says there were many lessons in that incident – some of which the U.S. and its allies are still struggling to learn.
In-brief: companies that want to make life difficult for cyber criminals can start by moving valuable data off the front lines and finding ways to use less valuable information to verify the identity of their customers, writes Keir Breitenfeld, who works for Experian’s Fraud & Identity Solutions group.
In-brief: Cisco’s Marc Blackmer reports from the S4 Conference in Miami – one of the top gatherings of industrial control system security experts. Among the attractions this year: Justine Bone of the firm Medsec, the psychology of malicious insiders and a hackable “kegerator.”