Walking the Tightrope of Security and Usability
Here at the RSA Conference 2016, the theme this year is Connect to Protect. It is a fitting theme for a gathering of security professionals, given the widespread adoption of...
Encryption
RSA Conference Brings Privacy out of the Shadows
As RSA Conference 2016 draws near, I’m excited to see that privacy is at last getting its day in the sun. This topic has often seemed like an after-market...
Hiding in Plain Sight: Malware’s Use of TLS and Encryption
Introduction TLS (Transport Layer Security) is a cryptographic protocol that provides privacy for applications. TLS is usually implemented on top of common protocols such as HTTP for web browsing or SMTP for email. HTTPS is the usage of TLS over HTTP
Cisco Next Generation Encryption and Postquantum Cryptography
Cisco developed Next Generation Encryption (NGE) in 2011. NGE was created to define a widely accepted and consistent set of cryptographic algorithms that provide strong security and good performance for our customers. These are the best standards that
File Security With the Click of a Button
Securing our digital lives used to be simpler. Up until a few years ago, we primarily used email as a means for transferring or exchanging files between two parties. A handful of companies emerged to provide email encryption for those who needed it.
Open Sourcing FNR an Experimental Block Cipher
Traditional block ciphers work on fixed blocks of data—as an example, AES is well-defined for 128/192/256 bits. But one of the issues is the need for padding—so if you need to encrypt small amounts of data you may end with a huge difference in input
Taking Encryption to the Next Level: Enrollment Over Secure Transport Strengthens Adoption of Elliptic Curve Cryptograph
Enrollment over Secure Transport (EST) is a new standard (RFC7030) designed to improve the lifecycle management of digital certificates, a key element for secure communications. Cisco Engineer Max Pritikin coauthored the EST standard. We’re very
Safety first, business second, security none?
Based on 25 years of professional experience in various businesses around the globe, I can say that many industry verticals have a pretty good state of safety culture as it relates to the health and safety of their employees. This is especially true
Detecting Payment Card Data Breaches Today to Avoid Becoming Tomorrow’s Headline
A few months ago we discussed the various ways that consumer PII is compromised. The recent attacks against Target and Neiman Marcus illustrate the constant threat that payment card accepting retailers of all sizes face. Yesterday Reuters reported