Monday, October 16, 2017

Like water for flowers

Legend says that there was a boy who had always wanted to live in a house full of plants and flowers. He bought and bought until he had the house full of pots. It was beautiful; it looked like a tropical garden. But in a few days the leaves became dry and whitered, and every week the plants died. Worried, he went down to the flower shop and asked the clerk who asked, "How many times do you water them? And he replied, "Water? No one had told me to water them."

In cybersecurity world all businesses want a lush garden, with fertile trees and abundant flowers. But many forget that there´re basic needs that require broader strategies than had hitherto. In the interview of the week we talked about David Mahon, Executive Director of Strategy at CenturyLink.


Friday, October 13, 2017

In times of crisis

Experts say that in times of crisis new opportunities arise and that not everything is dark clouds. It appears some clear if one stops for a while to think. Many of the companies we know today have been born in times of recession. Divorces go down and reconciliations grow. The repair shops are full. The birth rate rises. The sales last all year round. There is always some way to peer out some gleam of light in the dark days.


But while half the world is trying to see the positive side of a crisis, the other half tries to profit from the misery of others. In situations of chaos there is always someone who knows how to capitalize. The world of cybersecurity is not in crisis but it´s true that it receives many attacks and every day come to light new terrible news about large companies that have not been able to protect themselves enough. During this week, several have been the cases that have benefited from this time of instabilities.


Wednesday, October 11, 2017

Heart trouble

Imagine the scene: you feel chest pain and one day, going to work, you fall collapsed in the middle of the sidewalk. There is no doubt, it´s a heart attack. After the incident, and after listening carefully to the recommendations of your doctor, you decide to incorporate sugary drinks into your diet, start smoking and go to the amusement park on your day off. Because the risk is there but, why are we going to pay attention to the recommendations? It may seem crazy but, to this day, this is what happens with many companies and cybersecurity.


Today is the one-year anniversary of the most famous DNS attacks. Just a year ago the Dynamic DNS server received a massive attack that left large platforms like Netflix, Airbnb, Amazon, CNN, New York Times, Twitter and several more inaccessible. This attack drew attention to what was already a reality: most companies had inadequate defenses in terms of DNS. Once this was done, hope was set for the change, but thanks to the study of the week, it´s disconcerting to see that, despite what the "cybersecurity doctors" recommended, the companies decided to continue taking risks.


Monday, October 9, 2017

Beyond criticisms

As Bill Gates said "We all need people to let us have feedback. That's how we can improve”. It's easy to say but criticism, while constructive, is not always as easy to hear as it sounds. However, the best way to grow and improve is to know how to fit the contributions of others. In the interview of the week we talked about David Shearer, CEO in (ISC) 2. For those who don´t know it (ISC) 2 is the world's leading institute dedicated to the education and certification of professionals in Information Security and Cybersecurity. Being a great institution is not surprising that they also face criticism, the difference is that they know how to manage it correctly.


In the networks they are still talking about the Annual Congress held by the (ISC) 2 from 25 to 27 September. The event has been a success but, not everything is great and it has faced numerous criticisms during the last few years. The main reproach lies in the repetition of themes, becoming for some a repetitive and redundant event. But Shearer doesn´t flatter himself and despite being clear about success, his voice doesn´t shake when he says he knows there are things to be improved: "We have to build better bridges between CTO and CIO communities, which are not considered as such in the cybersecurity sector. We have to get ahead of their vision by learning how things are done. We need to start taking part in your conferences". And today, the size of the audience is not as important as its diversity.


Friday, October 6, 2017

Stay afloat

April 10, 1912, Southampton. The harbor was full of people, no one wanted to miss the largest ship in the world. And no one knew the tragic end that was coming to "the unsinkable transatlantic." Yes, we´re talking about the Titanic. Even the most prepared boat can fail if security is not ready and a little prudence makes its appearance.

There are cases in which in spite of having sunk the ship still bubbles from the bottom of the sea. We have had a couple of months with a couple of cases that can´t disappear from our navigation map because there´s always something new that comes out afloat. We talk about Yahoo being on the news this week after its attack occurred in 2013, Equifax signing a multimillion dollar contract despite its leakage or the health sector that finally seems to be taken seriously. But when all these cases begin to be repetitive, it is better to remember that there´s nothing like seeing the next one stumble to not fall into the same stone.