Education: CISSP (1996)
Highlights of your career? The Stephen Cobb Guide to PC and LAN Security (1992); The first anti-spam router (2001); Privacy for Business (2002)
Position and history at ESET? Joined ESET: 2011. Current title: Senior Security Researcher
What malware do you hate the most? State sponsored.
Favorite activities? Reading and writing, and some arithmetic.
What is your golden rule for cyberspace? Don’t put anything on the Internet you wouldn’t want your mother to see.
When did you get your first computer and what kind was it? 1982 KayPro II portable computer with dual floppy drives, weighing 26 lbs or 12 Kg.
Favorite computer game/activity? Reading Wikipedia.
The annual Cyber Boot Camp in San Diego aims to develop the skills, mindset, and moral code required defend networks against criminal abuse. Here are just seven of the many lessons students learned at this year’s event.
Every June, a select group of students from high schools and middle schools in San Diego County, California, get five days of intense education in the art of defending computer systems.
Risk analysis is the first step towards managing risks, particularly when it comes to cyber risks. This recorded webinar introduces and explains key concepts, with links to several useful risk assessment tools.
Security research is published in many forms. For example, there are live and recorded webinars that cover a range of cybersecurity topics.
It’s National Small Business Week in the U.S. and, because properly protecting the digital assets of your small business could be vital to its success, here’s a cybersecurity survival guide.
OFAC will soon be enforcing economic and trade sanctions against individuals and groups outside the United States that use cyber attacks to threaten U.S. foreign policy, national security or economic stability.
Major themes of the 2015 RSA Conference: the degree to which the deployment of digital devices is outpacing our ability to deploy humans with the necessary skills and knowledge needed to secure data and systems.
Lenovo’s installation of a security-breaking app called Superfish on some computers has customers justifiably angry, but some folks are now unnecessarily confused by false positive detection.
Is America’s new Cyber Threat Intelligence Integration Center a step forward? Or a duplication of the National Cybersecurity and Communications Integration Center at DHS?
Tax Identity Theft Awareness Week? Yes, tax ID fraud is a real threat to your finances in America today. Putting your tax refund in jeopardy is just one of the impacts.
January 28 is Data Privacy Day, an international acknowledgment of the importance of privacy in an increasingly data-driven world. The key themes of Data Privacy Day this year are: Respecting privacy, Safeguarding data, Enabling trust.
Blackhat, the hacker movie directed by Michael Mann and starring Chris Hemsworth, could spread awareness of digital threats. If it is a learning opportunity, what are the lessons?
Wearable technology and other health-related devices were big at the 2015 Consumer Electronics Show (CES) earlier this month. This recorded webinar explains why these and related technologies present big challenges for data privacy and security.
Cybercrime: there’s too much of it, and we need to do more to deter it. With the President of the United States now making frequent references to “doing more about cybercrime” now is a good time to look at what steps must be taken.
Cybersecurity and cybercrime are a hot political topic in America these days, but a history of ignoring warning signs suggests a lack of commitment to acting on the rhetoric.
Presenting a recorded webinar that seeks to answer this question: How is the landscape changing for cybersecurity and what do businesses need to know to protect themselves?
Are hacking victims “hacking back”? That question was recently posed in headlines like this one from Bloomberg: FBI Investigating Whether Companies Are Engaged in Revenge Hacking. The Marketplace reporter, Ben Johnson, speculated that 2015 might be the year of “hacking back” when he asked me about revenge hacking.
The recent hacking of Sony Pictures offers valuable lessons in cybersecurity from which every company and consumer can learn.
The Target hack that was revealed one year ago today brought new levels of awareness to the problem of cybercrime. Today we review the case and its impact. To go straight to the lessons learned, click here. The Big One: Target “Nationwide retail giant Target is investigating a data breach potentially involving millions of customer
Home Depot says it was hacked to the tune of 56 million payment cards. What is behind the current wave of cybercrime? This recorded presentation offers answers and some defensive strategies for organizations at risk.
The privacy and security of medical records is a matter of concern to many Americans now that most are now stored electronically, but is there cause for concern? And who is most concerned?
The risks of using government use of malicious code in cyber conflict are examined in this paper by Andrew Lee and Stephen Cobb: Malware is called malicious for a reason: the risks of weaponizing code.
Internet surveillance by America’s National Security Agency (NSA) has been further exposed by two new developments: the analysis of leaked NSA surveillance reports and the XKeyscore targeting code. Will these stories increase the number of Internet users who say they are inclined to reduce their online engagement due to the activities of the NSA and GCHQ.
With EPIC filing an FTC privacy complaint against Facebook, which is already the subject of a Consent Order due to a previous privacy settlement, the social network could be facing a hefty fine for emotion-based manipulation of the Newsfeed for research purposes.
The top three teams from the fifth annual Mayors’ Cyber Cup will attend Cyber Boot Camp at the headquarters of ESET North America for five days of hands-on security training and lectures from IT experts, law enforcement, and career advisors.
Encryption is essential to cyber security today, with encryption of personally identifiable information (PII) being a top priority for organizations large and small, to protect customers and avoid fines and penalties after data breaches.
On the one year anniversary of Edward Snowden’s public revelations of mass surveillance conducted by the U.S. National Security Agency we look back on the impact, even as we face the prospect of more revelations to come.
FBI names as “Most Wanted” the leader of cyber criminal gang based in Russia and Ukraine responsible for both GameOver Zeus and Cryptolocker schemes, as law enforcement agencies crack down on cyber crime infrastructure.
Some users of Apple iPhones, iPads and Macs have been getting strange wake up calls and unsettling messages demanding a ransom for access to their devices. Now is the time to make your i-stuff is locked down, even if you don’t live in Australia.
Welcome to the new ESET blog: We Live Security. In fact, We Live Security is a lot more than a blog: it contains the same great content you have enjoyed on blog.eset.com, but also includes new features and a wider range of content. For example, here’s a podcast talking about the new site, one of
Have you been wondering what trends in security and privacy ESET researchers are predicting for 2014? The following is a sampling, a year-end snack plate if you will, featuring predictions from Aryeh Goretsky, Righard Zwienenberg, David Harley, Cameron Camp, Lysa Myers, and more.
What does the New Year hold for information security, malicious software, consumer privacy and cybercrime? Questions of this mature are posed by journalists toward the end of every year and, beginning about November, answers from security specialists start to appear in print. Indeed, ESET researchers in Latin America published a 20-page white paper on this
Sign up to our newsletter
The latest security news direct to your inbox
Add this code to your site