Paranoid Technology All things cybersecurity


Security Predictions (& Resolutions) for 2020

Our predictions from 2018 were still valid for 2019, so we skipped a year 😉 Since the decade has come to a close, sharing predictions for 2020 and beyond seems in order… starting with a strategic view of the trends and emerging business problems affecting CISOs today…

Predictions for 2020
1. Year of the IoT CISO – we did not reach Gartner’s 20 billion connected devices by 2020, but we are almost there… The attack surface is increasing rapidly – from personal wearables to medical devices to connected cars to toasters and more – as the proverb goes “where there’s entropy there is chaos” 😉 At least initially…


7 Scary Security Predictions (& Resolutions) for 2018

Information security has become a source of fear and uncertainty for many organizations, so this year’s scary security predictions are backed up by recommended New Year’s resolutions. If you’re unsure of how to action this advice, just talk to us.

  1. Artificial intelligence (AI) is dead, long live artificial intelligence – AI is an overused term and hard to achieve; the early stages of AI are mostly machine learning and a long way from nirvana. Information security leverages machine learning to detect and understand complex patterns of machine-2-machine (m2m) and machine-2-human (m2h) interaction. Machine learning outputs will be fed to decision support solutions, driving automated outcomes via complex workflow engines. Before this vision can be realized, full integration of security operations automation is needed. Right now the market remains fragmented and solves for specific problems; the vision is to create solutions that address security’s complexity while integrated with the many facets of business operations. Before making the move to “AI”, it’s important to get your own house in order:

No more Safe Harbor … now what?

The recent EU ruling on Safe Harbor has US companies who do business in Europe scrambling to figure out what this means to their business, what the future holds, and where to go from here. Here’s a quick rundown on what happened, how this came about, and what the implications are for your organization.

On October 6, 2015 the European Court of Justice (“ECJ”) invalidated the 15-year-old Safe Harbor program: a policy framework that allows US-based companies to freely transfer data between continents if they demonstrate compliance with an agreed-upon set of data protection principles. Austrian privacy activist Maximilian Schrems had challenged Facebook’s transfer of European users’ data to its American servers, citing the Snowden case and accusing Facebook of aiding US espionage efforts. And he won.


How Does Encryption on the Cloud Work?

There are two types of encryption on the cloud: server-side and client-side.

Client-side encryption is cumbersome (well, security is not about convenience anyway...): it adds multiple steps for storing and viewing data, not to mention the time it takes to encrypt. Initially the service providers did not offer server-side encryption, so everybody had their data stored in the clear... In time, with the regulatory requirements, the companies that were under the gun pushed for server-side (at-rest) encryption for their data and the cloud service providers had to react to this demand, the key criteria in


To the Cloud… or Not?

Even though it is based on an older technology (virtualization), with the advancements in computing hardware technology, the cloud became one of the hottest things on the Internet. It is cloud this, cloud that; the one that gets me the most is Microsoft's "to the Cloud" commercials. The cloud is portrayed as a magical place where things happen by themselves. What the.... ??!!

It is not so magical from a consumer’s standpoint, but from the infrastructure point of view it is like the Matrix within the Internet; it makes computing resources appear and disappear, making computing more streamlined and dynamic.