Education: CISSP (1996)
Highlights of your career? The Stephen Cobb Guide to PC and LAN Security (1992); The first anti-spam router (2001); Privacy for Business (2002)
Position and history at ESET? Joined ESET: 2011. Current title: Senior Security Researcher
What malware do you hate the most? State sponsored.
Favorite activities? Reading and writing, and some arithmetic.
What is your golden rule for cyberspace? Don’t put anything on the Internet you wouldn’t want your mother to see.
When did you get your first computer and what kind was it? 1982 KayPro II portable computer with dual floppy drives, weighing 26 lbs or 12 Kg.
Favorite computer game/activity? Reading Wikipedia.
Wearable activity tracking devices like those made by Fitbit were one of the hottest gifts this past holiday season and it appears criminal hackers were paying attention, ESET’s Stephen Cobb reports.
At a recent conference on “the future of wearables” I was asked to speak about security. I think my presentation surprised some people because I didn’t focus on the security of wearable devices themselves. This article summarizes what I said, with a link to my slides and some free resources you might find helpful. For
Virus Bulletin 2015 in Prague could be the biggest ever, a great place to discover the latest developments in malware protection and information security, and address issues like the infosec skills gap.
The Ashley Madison data breach has created fresh cybersecurity threats for all organizations. A company response plan is needed. Here’s what you need to know.
The cybersecurity skills gap is a security problem and in the US the National Initiative For Cybersecurity Education (NICE) is seeking to reduce that gap.
It’s not all about crashing cars and hacking guns: what’s hot at Black Hat 2015 USA (#BHUSA) and how to get the most from the event.
Recent aggressive hacks on companies underline the need for good risk analysis, situational awareness, and incident response. Just ask AshleyMadison, Hacking Team, and Sony Pictures.
As the cost of fixing security mistakes in Jeep Chrysler Dodge vehicles mounts, so does the need for manufacturers to weigh cybersecurity risks in the product development process, alongside features and benefits.
Information security could use some good news right now, something to offset the string of bad news about data breaches and system vulnerabilities; so how about this: “Cyber Criminal Forum Taken Down, Members Arrested in 20 Countries”.
Teaching computer security to highly motivated students at Cyber Boot Camp reveals a lack of basic computer science education in California Schools.
The annual Cyber Boot Camp in San Diego aims to develop the skills, mindset, and moral code required defend networks against criminal abuse. Here are just seven of the many lessons students learned at this year’s event.
Every June, a select group of students from high schools and middle schools in San Diego County, California, get five days of intense education in the art of defending computer systems.
Risk analysis is the first step towards managing risks, particularly when it comes to cyber risks. This recorded webinar introduces and explains key concepts, with links to several useful risk assessment tools.
Security research is published in many forms. For example, there are live and recorded webinars that cover a range of cybersecurity topics.
It’s National Small Business Week in the U.S. and, because properly protecting the digital assets of your small business could be vital to its success, here’s a cybersecurity survival guide.
OFAC will soon be enforcing economic and trade sanctions against individuals and groups outside the United States that use cyber attacks to threaten U.S. foreign policy, national security or economic stability.
Major themes of the 2015 RSA Conference: the degree to which the deployment of digital devices is outpacing our ability to deploy humans with the necessary skills and knowledge needed to secure data and systems.
Home Depot says it was hacked to the tune of 56 million payment cards. What is behind the current wave of cybercrime? This recorded presentation offers answers and some defensive strategies for organizations at risk.
The privacy and security of medical records is a matter of concern to many Americans now that most are now stored electronically, but is there cause for concern? And who is most concerned?
The risks of using government use of malicious code in cyber conflict are examined in this paper by Andrew Lee and Stephen Cobb: Malware is called malicious for a reason: the risks of weaponizing code.
Internet surveillance by America’s National Security Agency (NSA) has been further exposed by two new developments: the analysis of leaked NSA surveillance reports and the XKeyscore targeting code. Will these stories increase the number of Internet users who say they are inclined to reduce their online engagement due to the activities of the NSA and GCHQ.
With EPIC filing an FTC privacy complaint against Facebook, which is already the subject of a Consent Order due to a previous privacy settlement, the social network could be facing a hefty fine for emotion-based manipulation of the Newsfeed for research purposes.
Sign up to our newsletter
The latest security news direct to your inbox
Add this code to your site