‘Security policies’ are yet another aspect of Information security that is all around us – but we are hardly aware of it. We will see the meaning of security policy, the reasons for having security policies and some examples of security policies in this post.
A security policy in a nut shell is a document that lays out in detail how an organization is planning to safeguard its business and technological assets.
‘Biometrics’ is gaining more recognition in today’s world – thanks be to popular organizations embracing it. What is ‘Biometrics’ and what are the different types of biometrics? Read on to find out:
Biometrics – Definition:
Biometrics is uniquely used to identify a person by making use of the distinct characteristics of a person. According to the Michigan State University Biometrics research group, “The field of biometrics examines the unique physical or behavioral traits that can be used to determine a person’s identity”. These unique traits can be fingerprints, palm scan, hand geometry, retina scan, iris scan, keyboard scan to name a few of them.
With the New Year upon us, it is but natural to write about my thoughts on the security trends that might shape 2018! 🙂 So, here goes:
This might be life’s greatest quote but it holds good for the Infosec industry as well. Equifax, eBay, Uber, University of Oklahoma, Washington State University were all victims of data breaches of 2017.
These data breaches compromised personal data and 2018 will be yet another year, which steals more personal data. More organizations will lose their precious data or the data will be at the mercy of yet another ingenious way to grab it!
3. ‘Bitcoin’ and other cryptocurrencies:
Will ‘Bitcoin’ hold its sway and continue its meteoric rise? From a humble value of 1000$(for 1 Bitcoin) in the beginning of 2017 to a massive rise of 15,000$(for 1 Bitcoin) by the end of 2017, Bitcoin sure did raise a few eyebrows. It is quite a possibility that the rise will continue and ‘Bitcoin’ and other cryptocurrencies will be a game changer in the Infosec industry in 2018.
4. Ransomware, fileless malware… what next?
Viruses,phishing emails,Trojan horse were already on the prowl than, that new attacks came to the fore in 2017. We heard new security jargon like ‘ransomware’ and ‘fileless malware’ in 2017 and were scrambling to read all about it , understand it and see if were affected by it in any way.
2018 will continue to see newer types of attacks and newer security lingo thrown around as hackers get smarter. The more a technology or product is used – the higher the possibility it will be exploited in a novel manner for personal gains.
5. Data privacy
Data privacy continues to be a lost issue with every new device monitoring our conversation, location, likes, dislikes. There is a huge electronic virtual dictionary being built on us with the digital footprint that we are constantly leaving. This will continue into 2018 and beyond!
These are the five points that I think might shake the InfoSec world in 2018!
With most of us(or is it ‘all’ of us?!) being being plugged onto electronic devices like cell phones, laptops, tablets, IPads all the time, it is but necessary that we need a ‘digital detox’ from time to time. What is a ‘Digital Detox’ you may ask…well, read on to find out more…
What is ‘Digital detox’?
‘Digital Detox’ is when we divorce all our digital assets and keep away from it at least for a day in a month.
Is anything even possible without our smartphone and the countless apps that are on it? From bill payments, to booking tickets and ordering groceries – there is an app for everything and we are completely dependent on them.
Considering that social media rules our life, and we are always in a crouched position at any place in life(it maybe the grocery store, in the car, in India – we are in a crouched position even in our scooters!) it could also mean keeping away from Facebook, Whatsapp,Snapchat, Instagram, Twitter etc.
It will also mean keeping away from emails and not responding to the millions of emails that clutter our office work space.
What are its simple advantages?
Giving our self a ‘digital detox’ will definitely help us in the following ways:
And most importantly dropping less digital bits about us(at least for a day!) all around the virtual world which is probably the greatest advantage that a digital detox will give us!
How do we do it?
Why not try it today? 🙂
As the year draws to a close, here are my best technical posts of 2017:
2. Cyber diplomacy:
3. What is ‘Deep web’?
4. Conflict Resolution at the Work place:
5. Java 8:
Warm wishes for a great New Year!
It seems every other day has a new headline regarding ‘Bitcoins’. I am sure most of us give a casual glance at this word and wonder where it will go next. From a humble value of $1019 on January 1,2017 the value of Bitcoin has soared to $16,860 till date. This type of meteoric rise will obviously roll a few eyes! 🙂
I had already written about Bitcoins in my earlier post “Introduction to Bitcoins“. Let’s refresh briefly:
What is Blockchain?
‘Blockchain’ is the underlying technology that supports Bitcoin. In simple terms, blockchain is a global ledger. Sending and receiving bitcoins are some example of transactions. A group of transactions will be considered as a ‘block’ which when approved is added to the ‘chain’. This chain cannot be deleted or changed. It is continously added and maintained by all nodes in the network.
Without a regulating authority like a bank, ‘blockchain’ has kept the Bitcoin journey alive for the past 8 years!
Future of Bitcoin:
I am no Bitcoin analyst and I do not have the crystal ball, but I can certainly state a few things! 🙂
Whether the cryptocurrencies will stand the test of time, the underlying blockchain technology will definitely shake things up in the technology world and will most likely outlive ‘Bitcoin’!
Most of the world’s top universities including Stanford university, Princeton university and e-learning portals like udemy, Coursera have taken notice and started courses in Blockchain.
‘Malware’ is short form for ‘malicious software’. ‘Malware’ encompasses viruses, worms, Trojan horse, ransomware etc
Examples of malware include: Wannacry ransomware
Destruction produced by malware: computers will freeze, the computer can be used to launch attacks, the computer will crash, your data will be maliciously deleted etc.
No sooner do we start looking for jobs in the InfoSec industry, we encounter the question “Do you have any certifications?” This post will delve into the most popular certification – the CISSP.
As social media rages ahead so do other forms of sophisticated attacks. Information Security was a term that was barely used about 20 years ago. Yet, it has begun to play a major role today and will continue to do so in the future. The demand for Security professionals has also exponentially increased and the way to step into the most sought after career is to be certified.
Employers will look for a proper mix of certification and experience to short list prospective candidates. Employees will climb up the information security ladder faster if they are certified. What is the CISSP certification? Let’s find out:
The CISSP certification
‘CISSP’ is ‘Certified Information Systems Security Professional.
(ISC)2 is the ‘International Information Systems Security Certification Consortium’ and is one of the most prevalent and widely accepted standards for Information Security certification. (ISC)2 delivers the CISSP certification.
Achieving the CISSP certification is the gold standard for all security professionals. It is the first credential accredited by the ANSI/ISO/IEC Standard 17024:2003. A person who has the achieved the CISSP certification will command international respect.
The requirements for appearing for the exam are as follows:
The different domains of the CISSP exam and their weightage are listed below:
|Security and Risk Management||16%|
|Communications and Network Security||12%|
|Identity and Access Management||13%|
|Security Assessment and Testing||11%|
|Software Development Security||10%|
Duration: 6 hrs
No. of questions: 250
Pattern: Multiple choice and “advanced innovative questions”
Passing grade: 700 out of 1000 points
Benefits of the CISSP certification:
Since the CISSP certification is what most employers look for in prospective employees of information security, it is “THE” certification to achieve. It is the most sought certification in an employee.
Since the field is a dynamically changing one unlike most other professions CISSPs must recertify every three years and maintain their certification too.
For professionals, who have achieved the CISSP gold standard and are wondering “What next?” there are other CISSP concentrations like CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP.
(ISC)2 is all set to introduce the CAT(Computerized Adaptive Testing ) for all CISSP English tests worldwide from December 18, 2017. This is expected to reduce the exam duration from 6 hrs to 3 hrs. The total number of questions to be answered will also drop from 250 to 100.
Just a few years ago(or must have been many,many years ago! :)) , I remember being mesmerized by my father. It was like I was in a trance and there was an invisible magic wand giving me directions to do or not do things! Such was our relationship, it seemed to resemble a Pied piper and his followers!! 🙂
I am sure we see this in many houses – fathers being extra special to the little or(big!) girl in the house and the mother going the extra mile for the son in the house! Traditional thinking has it that daughters have a magnetic attraction towards their fathers(and vice versa) and sons are more inclined towards their mothers(and vice versa here too!) But is it really true that way or is it that we are brought up thinking that way?
While it may be true in many cases, not all relationships work that way. What will happen where when it is an all girl household or an all boy household? Will all the girls be clinging to the father leaving the mother alone or will all the boys be clinging onto the mother,leaving the father alone? It doesn’t sound fair, does it?
As I have grown and matured in parenting, I have seen many mothers being close to their daughters and many sons being close to their fathers as well. It really is up to each parent and their eagerness to take part in the parenting challenge.
Mothers and daughters relationship will continue to evolve over the years. As the girl transitions from a little girl into a teenage beauty and beyond, there are quite a number of things that can be taught only by a mother. Teenage years, ’empathy'(word picked from Satya Nadella’s ‘Hit Refresh’ :)) cooking, handling family relationships,finances may be some of things that the mother can share her expertise with her daughter.
Father and sons might not come off as the giggly, fun relationship but they will mature over the years provided there is ample input from the father’s side. Finances, business and professional attitudes,care may be some of the things that a father can share with his son.
But again, there is no hard and fast rule as to what is to be taught by a father and what is to be taught by a mother.
Whether it is a son or a daughter, it might be quite fair to say, as parents – we all have the responsibility to bring them up well as we can. No passing the buck to mothers for sons and fathers for daughters!