Advertisement

http://insurancethoughtleadership.com/wp-content/uploads/2014/04/bg-h1.png

Kindle

Byron Acohido

Byron Acohido

Byron Acohido, one of the nation’s most respected cybersecurity and privacy experts, has stepped into a new role: editor-in-chief at IDT911. Acohido first began paying close attention to cybersecurity and privacy in 2004 as a technology reporter and web producer at USA Today. Acohido’s deeply reported, award-winning stories and videos chronicled the emergence of cybercrime and rise of unprecedented privacy issues in the Internet Age.

While at the Seattle Times earlier in his career, Acohido was awarded the 1997 Pulitzer Prize for Beat Reporting and 11 other national awards for investigative stories linking a defect in the rudder controls of Boeing 737 jetliners to a string of crashes that killed hundreds of people.

Acohido will direct IDT911’s news content generation and also be available as an expert commentator on privacy and security topics.

Acohido is a native of Hawaii. He graduated from the University of Oregon School of Journalism and also practiced journalism at the Herald, of Everett, WA, and the Dallas Times Herald. He taught college courses at the University of Alaska Anchorage as the Atwood Chair of Journalism. He is highly regarded in tech, journalism, government and academia as an author, analyst, instructor and public speaker dedicated to fostering fresh thinking and fruitful discussions about cybersecurity and privacy.

Recent Articles by Byron Acohido

Cybersecurity Holes in Connected Cars

The photo was jarring. A Jeep Cherokee stalled in a ditch after hackers remotely disabled its brakes. No one was hurt. The experiment in St. Louis was a coordinated hack designed and carried out by Charlie Miller and Chris Valasek, security researchers at Uber’s Pittsburgh-based Advanced Technologies Center. Miller and Valasek sought to prove a point […]

Understand the Nuts and Bolts of Cyber

Answering the growing demand for cyber risk insurance, many carriers have joined the market. But buying a policy for an organization, especially for the first time, can be a confusing process. Not only are insurance carriers inconsistent in the type of coverage they offer, but buying this type of insurance is different than the more […]

Machine Learning May Tip Balance on Cyber

Smart CSOs and CISOs are moving from post-incident to pre-incident threat intelligence. Instead of signature and reputation-based detection methods, they are looking at artificial intelligence innovations that use machine learning algorithms to drive superior forensics results. In the past, humans had to look at large sets of data to distinguish the good characteristics from the […]

Hackers Turn HTTPS to Their Advantage

Encryption is a two-edged sword. Over the past few years, the tech sector—led by Google, Facebook and Twitter—has implemented a form of encryption to help secure virtually all of our online searches, social media banter and mobile apps. When you search for something or use social media online, a robust form of encryption protects your […]

Huge Cyber Blind Spot for Many Firms

There is a large blind spot most organizations fail to recognize and protect—the mobile network. Today, employees use their mobile devices to access business-related information more than ever. According to recent Business Wire research, 72% of organizations have adopted Bring Your Own Device (BYOD) policies to some extent, and an additional 9% plan to do […]

Nigerian Scammers Have a New Target

Nigerian 419 scams have been around seemingly forever, seducing one victim at a time. But now some veteran 419 con men have shifted their focus to targeting small- and medium-size businesses for systematic thievery that pivots off how SMBs have come to rely on email as a payment tool. Classic 419 advance-fee scams trick one […]

Why More Attacks Via IoT Are Inevitable

The massive distributed denial of service (DDoS) attack that cut consumers off from their favorite web haunts recently was the loudest warning yet that cyber criminals can be expected to take full advantage of gaping security flaws attendant to the Internet of Things (IoT). For much of the day, on Friday, Oct. 21, it was […]

First Line of Defense on Cyber Risk

Anonymous theft and abuse of business data is a growing risk for many organizations. Most security initiatives aimed at this problem begin with piecemeal technical controls, such as trying to block and account for things like USB drives or mobile devices with software and policies. However, zeroing in on technical countermeasures first is looking at the problem […]

The Problems With Encryption

Newly released findings from the Ponemon Institute and A10 Networks reveal that nearly half of cyber attacks in the past 12 months used encryption to evade detection and distribute malicious software. These findings challenge how we think about the powerful technology we use to protect privacy, security and authenticity. They also demonstrate very effectively how […]

The Growing Problem of Ransomware

As senior security research engineer at security and compliance automation vendor Tripwire, Travis Smith spends his days studying the chess moves made by cyber criminals on the cutting edge. The hottest, most lucrative criminal activity of the moment is ransomware, the cyber detective says. The most common variant revolves around getting a victim to click […]

Why Connected Cars Are So Vulnerable

Connected automobiles are just like any Internet of Things device, in that they have an identifying address on a network and are susceptible to being targeted. Vehicles are built with several electronic control units (ECUs) that manage such systems as the infotainment setup. These systems require connection to a back end, typically, the automaker, which […]

What to Know About Battling Botnets

The persistent, pervasive badness on the internet is made possible by the existence of a vast, self-replenishing infrastructure of botnets. Cyber criminals go to great lengths to keep their botnets running at high efficiency. ThirdCertainty asked Tim Helming, director of product management at Domain Tools, to outline how and why botnets continue to thrive—and what the […]

Employee Benefits: ID Theft Coverage

Employers looking to dial up the correct mix of benefits to retain valued employees are increasingly including identity theft protection services as a perk. Research firm Willis Towers Watson predicts identity theft protection, offered by 35% of employers in 2015, could double to nearly 70% by 2018, making it the fastest-growing type of employee benefit over […]

5 Things to Know About ‘Hacktivism’

In July 2015, a hacker who goes by the name Phineas Fisher breached an Italian technology company, Hacking Team, that, ironically, sells spying and hacking software tools. Fisher exfiltrated more than 400 gigabytes from the company and declared his motive was to stop its “abuses against human rights.” “That’s the beauty and asymmetry of hacking: With […]

As IoT Expands, Risks Grow Even Faster

Get used to it. The Internet of Things is here to stay. In fact, IoT is on a fast track to make all manner of clever conveniences part of everyday commerce and culture by the close of this decade. Tech research firm Gartner estimates IoT endpoints will grow at a breakneck 32% compounded annual growth […]

Ransomware Threat Growing for Phones

There’s been a scary increase in successful ransomware attacks against large organizations this year. Specifically, hospitals have found themselves at the mercy of hackers who demand ransom payments to unlock critical system files. Recently, there have been signs that these criminals have moved on to universities, too. The University of Calgary admitted to Canadian media […]

How to Measure ‘Vital Signs’ for Cyber Risk

By now, senior directors at most organizations probably are cognizant of the proliferation of network breaches and fully grasp the notion that risk mitigation must be brought to bear. However, cybersecurity practitioners can be notoriously poor communicators. Many lack the jargon-free communication skills to present a clear picture of rising cyber exposures, one that can […]

Firms Must Redefine Cyber Perimeter

The rising business use of cloud services and mobile devices has opened a Pandora’s box of security exposures. Software as a service (SaaS) tools such as Salesforce.com, Gmail, Office 365 and Dropbox, as well as social media sites such as Facebook, LinkedIn and Twitter, are all being heavily leveraged by companies to boost productivity and collaboration. This SaaS […]

Paradigm Shift on Cyber Security

You’ll get no argument from anyone in the global cybersecurity community if you make this statement: “There needs to be a paradigm shift in the way organizations of all sizes view information security.” There are unmistakable signs that such a sea change is underway, driven by intensifying cyber exposures. But organizational change at a macro […]

How to Find Cyber Threats in Real Time

No matter how robust a company’s cyber defenses, the bad guys seem to find a way to get in. And when — not if — they do, it could take weeks, or even months, to detect them and assess the damage. Building off the premise that spending a lot of money “trying to prevent the […]

2 Novel Defenses to Hacking of Browsers

Cyber attackers continue to exploit a significant security gap found in a familiar tool used pervasively in all company networks: the common web browser. Mozilla Firefox, Google Chrome, Microsoft Explorer and Apple Safari all use an architecture that makes it relatively easy for an attacker to embed malicious code on an employee’s computer — and […]

Failures of Two-Factor Authentication

How can a bank — or any organization — become less secure in its attempts to become more secure?  Let me tell you. Security must do two things: protect and enable. If your security doesn’t enable people to do what they have to do, they will inevitably circumvent it, creating all sorts of exception conditions as […]

New Attack Vector for Cyber Thieves

It has become commonplace for senior executives to use free Web mail, especially Gmail, interchangeably with corporate email. This has given rise to a type of scam in which a thief manipulates email accounts. The goal: impersonate an authority figure to get a subordinate to do something quickly, without asking questions. The FBI calls this […]

Cyber, Tech Security Start to Merge

A convergence between the cyber insurance and tech security sectors is fast gaining momentum. If this trend accelerates, it could help commercial cyber liability policies create a fresh wellspring of insurance premiums, just as life insurance caught on in the 1800s and auto policies took off in the 1900s. The drivers of change are substantive. As […]

IRS Is Stepping Up Anti-Fraud Measures

The Internal Revenue Service is taking as long as 21 days to review tax returns, according to research from fraud prevention vendor iovation, a clear sign that Uncle Sam has stepped up anti-fraud measures. Even so, tax return scams that pivot off stolen identity data continue to rise for the third consecutive tax season. The latest twist: […]

How to Eliminate Cybersecurity Clutter

Earlier this year, defense contractor Raytheon spun out the cybersecurity services it had been supplying via Raytheon Cyber Products into a new business entity called Forcepoint. Forcepoint is also composed of security software vendor Websense and next-generation firewall vendor Stonesoft, both of which Raytheon acquired in the past year or so. See Also: Cyber Threats to […]

Chip Cards Will Cut Cyber Fraud — for Now

Visa has released data showing adoption of Visa chip cards by U.S. banks and merchants is gathering steam. But the capacity for Europay-Mastercard-Visa (EMV) chip cards to swiftly and drastically reduce payment card fraud in the U.S. is by no means assured. Just look north to Canada, where EMV cards have been in wide use […]

Spear Phishing Attacks Increase

Spear phishers continue to pierce even well-defended networks, causing grave financial wounds. Spear phishers lure a specific individual to click on a viral email attachment or to navigate to a corrupted Web page. Malicious code typically gets embedded on the victim’s computing device, giving control to the attacker. A recent survey of 300 IT decision-makers […]

Ransomware: Growing Threat for SMBs

Ransomware, a cyber scourge that appears on the verge of intensifying, poses an increasingly dire threat to small- and medium-sized businesses (SMBs) in 2016. In a ransomware attack, victims are prevented or limited from accessing their systems. Cyber criminals attempt to extort money by first using malware to encrypt the contents of a victim’s computer, then […]

Cyber Threats to Watch This Year

2015 was a year in which cyber criminals continued to innovate and expand their activities. As 2016 commences, look for insider threats to take center stage and for leading companies to respond. Meanwhile, cybersecurity and privacy issues will continue to reverberate globally. Here are a few predictions for the coming year: Cyber threats and elections– Threat […]

Expect More Cyber Turbulence in 2016

In February 2015, Anthem, the nation’s second-largest health care insurer, disclosed losing records for 80 million employees, customers and partners. That was followed a few weeks later by Premera Blue Cross admitting it lost records for 11 million people. Then in July 2015, the U.S. Office of Personnel Management began a series of mea culpas. OPM ultimately conceded that hackers […]

Use of Cloud Apps Creates Data Leakage

A large U.S. cable television company recently sought to better understand how its employees were using cloud apps to stay productive. Management had an inkling that workers routinely used about a dozen or more cloud file sharing and collaboration apps. An assessment by CipherCloud showed the employees actually were using 204 cloud services that posed […]

Firms Ally to Respond to Data Breaches

More companies than ever realize they’ve been breached, and many more than you might think have begun to put processes in place to respond to breaches. A survey of 567 U.S. executives conducted by the Ponemon Institute and Experian found that 43% of organizations reported suffering at least one security incident, up from 10% in […]

Scammers Taking Advantage of Google

Some 500 million people use Gmail and Google Drive. I’m one of them. Gmail and Google Drive are wonderful for communicating and collaborating. But it turns out they’re also ideal tools for hacking into your computing device. Bad guys on the cutting edge have discovered this. And their success so far indicates attacks manipulating Google’s […]

Predictive Tech Can Preempt Cyber Threats

In the ever-evolving landscape of cyber threats, for many organizations, simple detection and remediation is no longer enough. Some cybersecurity companies are now going one step further-providing predictive intelligence that can preempt threats. In September, Triumfant became the latest to enter this growing field, through a partnership with Booz Allen Hamilton. “If you’re just offering […]

Third Parties Pose Problems With Cyber

In today’s cyber world, business is done digitally. Trusted cyber relationships between partners must be formed to effectively conduct business and stay at the forefront of innovation and customer service. Having these trusted partnerships comes with a major drawback, however. Look at it from this perspective: If your organization is the target of a malicious […]

The Moneyball Approach to Cyber

It took a while for me to understand baseball: I didn’t get it until someone pointed out that I was watching the game when I should have been watching the season. Much of the game’s strategy snapped into focus — and the differentiation between game-day action and long-term success illustrates key lessons that information security […]

The Need for a Security Mindset

Keeping antivirus software protection current on all company-owned computing devices has become an essential business practice. That’s not a simple endeavor. ThirdCertainty recently sat down with Andy Hayter, security evangelist at antivirus vendor G Data Software, to discuss the intricacies of managing antivirus solutions effectively, particularly in small and mid-sized companies. (Answers edited for clarity […]

How to Keep Malware in Check

Firewalls are superb at deflecting obvious network attacks. And intrusion detection systems continue to make remarkable advances. So why are network breaches continuing at an unprecedented scale? One reason is the bad guys are adept at leveraging a work tool we all use intensively every day: the Web browser. Microsoft Explorer, Mozilla Firefox, Google Chrome […]

Your Device Is Private? Ask Tom Brady

However you feel about Tom Brady, the Patriots and football air pressure, today is a learning moment about cell phones and evidence. If you think the NFL had no business demanding the quarterback’s personal cell phone—and, by extension, that your company has no business demanding to see your cell phone—you’re probably wrong. In fact, your […]

Financial Malware Uses Macros to Infect

A new breed of financially focused malware has cropped up, using new tactics to evade detection and infect harder-to-compromise systems. The Dyre botnet has successfully compromised tens of thousands of victims in North America. Another banking trojan, Dridex, has successfully compromised thousands of systems in Europe and is increasingly targeting companies and users in the U.S. […]

Surveillance Cams: A Hacker’s Delight

It didn’t take much tech savvy for the creator of the website insecam.com to aggregate web links to more than 73,000 live surveillance cameras in 256 countries. The result: Anyone can use insecam.com to tap into any of these webcams and see what they’re pointed at, mostly in commercial properties. Each of these webcams uses […]

Phishers’ New Ruse: Trusted Tech Brands

Most of us don’t think twice about opening and maintaining multiple free email accounts where we live out our digital lives. And we’re getting more and more comfortable by the day at downloading and using mobile apps. Yet those behaviors can harm us. ThirdCertainty sat down with David Duncan, chief marketing officer for threat intelligence […]

Pros and Cons of ApplePay Security

ApplePay, the mobile payments service introduced by Apple in October 2014, could ultimately set the security and privacy benchmarks for digital wallets much higher. Even so, the hunt for security holes and privacy gaps in Apple’s new digital wallet has commenced. It won’t take long for both white hat researchers and well-funded criminal hackers to […]

Data Security Critical as IoT Multiplies

When this century commenced, delivering new technology as quickly as possible, with scant concerns about quality, became standard practice. Consumers snookered into buying version 1.0 of anything were essentially quality-control testers. How soon we forget. As we enter the age of the Internet of Things, companies are pushing out computing devices optimized to connect to […]

How to Measure Data Breach Costs?

Businesses typically have a hard time quantifying potential losses from a data breach because of the myriad factors that need to be considered. A recent disagreement between Verizon and the Ponemon Institute about the best approach to take for estimating breach losses could make that job a little harder. For some time, Ponemon has used […]

Yet Another Data Breach in Healthcare

CareFirst BlueCross BlueShield stepped forward on Wednesday to disclose yet another major breach of a health care insurer, this one affecting 1.1 million people. Hackers accessed a database to steal the names, user names, birth dates, email addresses and subscriber ID numbers of about 1.1 million current and former CareFirst customers and business partners. The […]

Unstructured Data: New Cyber Worry

Companies are generating mountains of unstructured data and, in doing so, unwittingly adding to their security exposure. Unstructured data is any piece of information that doesn’t get stored in a database or some other formal data management system. Some 80% of business data is said to be unstructured, and that percentage has to be rising. Think […]

Fraud: When Mom Is Your Worst Enemy

Mother’s Day is a special time to celebrate all those kisses and hugs, the rides to the mall, the doctors’ appointments, the countless soccer-basketball-baseball games, a special note tucked into a pocket or care package sent to camp. But remember, sometimes it’s what a person doesn’t do that matters, and some moms are just bad […]

‘Smart Cities’ Are Wide Open to Hackers

A monster storm is on a collision course with New York City, and an evacuation is underway. The streets are clogged, and then it happens. Every traffic light turns red. Within minutes, the world’s largest polished diamond, the Cullinan I, on loan to the Metropolitan Museum of Art from the collection of the British crown […]

Cloud Apps Routinely Expose Sensitive Data

An alarming number of cloud-based apps used by enterprise employees don’t encrypt data at rest or require two-factor authentication. And an astounding number of employees are still uploading highly sensitive data to the cloud and sharing files on unsecured platforms, according to the Cloud Adoption Risk Report Q4 2014 from cloud security vendor Skyhigh Networks. Security […]

2015 Is Watershed for Healthcare Hacking

Predictions that 2015 would be a watershed year for stolen healthcare records are bearing out. Health insurer Premera Blue Cross has disclosed that a cyber attack that commenced in May 2014 resulted in exposure of medical data and financial information of 11 million customers. Stolen records included claims data and clinical information, as well as financial […]

Stunning Patterns Found in the Dark Net

One of the most powerful technologies for spying on cyber criminals lurking in the Dark Net comes from a St. Louis-based startup, Norse Corp. Founded in 2010 by its chief technology officer, Tommy Stiansen, Norse has assembled a global network, called IPViking, composed of sensors that appear on the Internet as vulnerable computing devices. These […]

Geopolitical Goals for Healthcare Hacking?

Did China orchestrate the massive hack of Anthem, the nation’s No. 2 healthcare insurer, to steal intellectual property it needs to jump start a domestic healthcare system? That’s one scenario being discussed by the security community and would fit the pattern of not just China, but other nations, stepping up cyber attacks to pursue geo-political […]

Why Medical Records Are Easy to Hack

If hacked credit and debit card account numbers are like gold in the cyber underground, then stolen healthcare records, containing patient information, are like diamonds. Private details such as Social Security numbers, birth dates, physical descriptions and patient account numbers historically have been recorded on paper and stashed away in physical file folders and cabinets. […]

The Dangers Lurking in Public WiFi

Free WiFi access points (APs) are a great convenience for consumers and can be a productivity booster for business travelers. But they also present ripe opportunities for hackers. ThirdCertainty asked Corey Nachreiner, WatchGuard Technologies’ director of security strategy, to outline this exposure. 3C: What risks do consumers and business travelers take when using WiFi services in […]

How HR Can Stop Insider Data Theft

After Edward Snowden’s escapades, how could any company fail to take simple measures to reduce its exposure to insider data theft? Yet large enterprises remain all too vulnerable to insider threats, as evidenced by the Morgan Stanley breach. And many small and medium-sized businesses continue to view insider data theft as just another nuisance piled on to […]

Will 2015 Top 2014 in Security Exposures?

It’s hard to imagine how 2014 could be surpassed as the worst year for massive identity theft and data loss exposures. The news developments of 2014 were relentless and mind-numbing. Heartbleed and Shellshock rose to the fore as two of the nastiest Internet-wide vulnerabilities ever to come to light. Heartbleed exposes the OpenSSL protocols widely […]

Connect With Byron Acohido

  • Auto Insurance
  • Cyber
  • Healthcare
  • Personal Risk Management
  • Uncategorized