Thursday, June 30, 2016

InfoSec to Remote or Not? That is the question.

Lately, I've been hearing of more and more companies "reining in" their Cyber Security professionals. At first impression this may seem like a no-brainer, but it may be more of a backlash against the casual and laissez-faire behavior of a small group of abusive remote workers than anything. This raises several questions:

1. Is it more efficient?

2. Are workers (especially of certain generations) more satisfied?

3. Does it provide companies access to better talent?

4. Do on-prem workers have the same access as remote SysAdmins in this de-perimeterized enterprise landscape?

5. Do today's modern collaboration tools enable all job functions of on-prem workers?


"Clients in this area don't grok telework.  They think it's evil." - Mark McCulough



Tuesday, May 31, 2016

BSides Knoxville 2016: CryptoMalware Talk

Had a great time presenting at BSides Knoxville 2016: CryptoMalware: The persistent, ubiquitous threat.

*update*
ICYMI: Watch the YouTube video of my presentation: https://www.youtube.com/watch?v=6dP5Zt49uA8

I'm greatly looking forward to next year!

Wednesday, May 18, 2016

Moving from RansomWare to LeakWare

One of the trends I have observed on the Cyber Security threat landscape is the movement from "Ransomware" like CryptoLocker, TeslaCrypt and CryptoWall to a new category of malware I am calling "LeakWare." This is a distinct kind of malware that needs its own category, defenses and special attention.

Simply defined, we can expect LeakWare will hold a user's or company's data for ransom (maybe, probably), and if the ransom is not paid, the data will then be leaked to the world via sites like Pastebin, WikiLeaks, and others. The aim here is to up the ante beyond mere data loss to data exposure. Imagine the Sony-like impact of this potentially life/business-ending exposure. This will merit new and special attention to defense and prevention, further driving the market for new and innovative technologies to guard against this and similar previously seen threats.