Articles by Victor Wheatman On Current Matters


October 5, 2014

By Victor Wheatman

Almost daily, we hear about security breaches with millions of personal data records compromised, requiring companies to notify those affected, and to provide free credit and identity theft monitoring services. Invariably, local newscasters finish their reports advising viewers to "change their passwords."  Easily said. 


March 24, 2014

By Victor Wheatman 

The term "cyberwar" is bandied about, especially when global tensions perk.  Then, zero-day attacks,  Distributed Denial of Service (DDoS), ransomware, assorted malware and other attacks are lobbed about between warring factions to try to disrupt things, steal identities and grab intellectual property.  These attacks are not "war" but more "crime" and "annoyance."   After all, no one is getting killed and physical facilities are not being blown up.  Not usually anyway.


January 27, 2014

By Victor Wheatman

Hey, here's a good idea: let's have the part of facilities management that deals with the physical security of the office park, the factory, and the government facility work with the folks that handle IT Security. Let's put those folks together in a room, see where there's overlap, eliminate duplication of effort and maybe even save money by flattening the overall "security" management system. It's all "Security."   Yeah, that should work. Bring them together.


January 14, 2014

By Victor Wheatman

There is growing concern over the security of SCADA (supervisory control and data acquisition systems), one of the Internet of Things topics discussed at the Amphion Forum conference recently held in San Francisco.


November 25, 2013

By Victor Wheatman

So, how did you do this year with your security budget requests?  And how does the plan look for next year?  With information security representing a competitive arms race with the bad guys, you want enough funding to insure you are practicing commercially reasonable security, and to support mission critical business strategies.


November 20, 2013

By Victor Wheatman

In the continuing stream of revelations about reported NSA hacking to protect national interests comes more news. Data moving between data centers operated by the world's largest Internet email companies allegedly was intercepted and collected for analysis because the encryption protections on the data was bypassed. The prevailing theories about how the NSA apparently did this varies. 


November 6, 2013

By Victor Wheatman

Maybe it's just me, but many market analysts tend to be skeptical about the latest shiny new thing promising the "complete solution" in security and other technology initiatives. Skepticism is fueled by the constant stream of overlapping tools, enhancements and nuanced products promising to do something "more;" but with functionality that ultimately may become features in other products. Some organizations want and need to stay ahead of the adoption curve and pay attention to market moves by new and established vendors.


October 22, 2013

By Victor Wheatman

Want to bypass a car's immobilizer theft-protection system or hack critical medical devices such as insulin pumps and pacemakers? 

Did you know that the next generation of airline control systems is designed to efficiently improve air travel, but the reportedly does not use encryption on its communications links, and is also missing authentication mechanisms meaning false signals could be introduced to create airborne confusion. 

These systems - modern automobiles, air control systems, along with power plant controls, sophisticated and connected medical equipment, many household appliances and other devices were once isolated, but now they are increasingly connected and interconnected as part of the "Internet of Things." 


October 22, 2013

By Victor Wheatman

So whoopie-do, the new iPhone has a fingerprint reader to unlock the phone as a market differentiator,  and to open new authentication applications and developer opportunities - assuming Apple opens up the appropriate APIs.  This is based on the technology  Apple bought last year when it acquired AuthenTec which has encryption technology, fingerprint sensors and identity management software. 

And already, hackers, taking a clue from 1970s spy movies, managed to fool the reader using the simplest of techniques: they lifted a registered fingerprint from a drinking glass, presented it to the reader, and voila! You're in!  (BTW, whatever happened to the requirement it be a "live" finger?)

The Human Factor: Gain new insight into the ways attackers exploit end-users' psychology​​

About Security Current | Privacy Policy | Subscribe to our newsletter