The two main problems with signature and heuristic based anti-virus is the mutating hash and the fact that you first need a victim in order to obtain the signature. James Scott, Senior Fellow, Institute for Critical Infrastructure Technology James Scott More Quotes by James Scott More Quotes From James Scott E-Voting machines are nothing more than dilapidated, barebones PCs with zero endpoint security. James Scott Hacking a national election is simple. Exploit a vulnerability in the manufacturer's network, poison the tabulation software update with self-deleting malware and let the manufacturer send to their field reps and election consultants who update the election systems. James Scott I watch Fox news for the comedy, MSNBC when I need to be reminded that mind midgets exist and CNN when I want to check out the latest in media lies and special interest propaganda. On the other 364 days of the year I read the American transcendentalists, David Hume, Rene Descartes, Immanuel Kant, Niccolo Machiavelli and Diogenes of Sinope. James Scott It's time to wake up and smell the Mutating Hash! Signature Based Malware Detection is Dead James Scott James Scott, ICIT, Senior Fellow, Institute for Critical Infrastructure Technology, Cybersecurity , America , Hegelian dialectic style manipulation , society James Scott Real cybersecurity means that your Security Operations team is consistently pen testing your network with the same stealth and sophistication as the Russian nation state, the same desperation as China’s 13th Five Year Plan, the same inexhaustible energy of the Cyber Caliphate and the same greed and ambition for monetary payoff as a seasoned cyber-criminal gang. James Scott Security by design is a mandatory prerequisite to securing the IoT macrocosm, the Dyn attack was just a practice run James Scott The day an organization realizes they’ve been hacked they’ll hire a forensic team to analyze the network only to identify the reality that they were hacked months or years ago, they just didn’t know it. James Scott The most successful attacks by more sophisticated hackers tend to be strategically “indirect”. Why risk attacking Target directly and getting caught. Just hack the HVAC contractor and use their access to Target’s network James Scott There has been a failure in moral courage by the technologically astute to step in and lead, selflessly. There's always a product pitch at the end of whitepapers. We need to remove the product pitches and replace it with objective and viable action steps James Scott There needs to be a reset in cultural values to become more cyber hygienic and security-centric in regards to virtual connectivity James Scott We’re talking about the fate of our economy and the questionable resiliency of our Nation’s critical infrastructure. Why are experts so polite, patient, and forgiving when talking about cybersecurity and National Security? The drama of each script kiddie botnet attack and Nation State pilfering of our IP has been turned into a soap opera through press releases, sound bites and enforced absurdity of mainstream media. It’s time for a cybersecurity zeitgeist in the West where cyber hygiene is a meme that is aggressively distributed by those who have mastered it and encouraged to be imitated by those who have experienced it. James Scott When flimsy cyber defense fails, Format Preserving Encryption prevails James Scott Why all this fear and paranoia around Vault 7 and WikiLeaks? Solve the problem by demanding regulation that centers around Security by Design by technology manufactures, problem solved James Scott You'll have the right to be angry about Vault 7 only after you boycott dragnet surveillance data providers like Google, Microsoft, Skype, Facebook and LinkedIn. The true threat is coming from the private sector surveillance profiteers. James Scott Security-by-design is an indispensable prerequisite to the establishment of vital critical infrastructure resiliency. Each device vulnerable to adversarial compromise, inflates and bolsters the exploitable cyber-attack surface that can be leveraged against targets, and every enslaved device grants adversaries carte blanche access that can be utilized to parasitically entwine malware into organizational networks and IoT microcosms, and that can be leveraged to amplify the impact and harm inflicted on targeted end-users, organizations, and government entities James Scott A CISO's job is to streamline, harmonize and propagate cybersecurity and cyber hygiene throughout the organizational IoT microcosm and staff James Scott A single spear-phishing email carrying a slightly altered malware can bypass multi-million dollar enterprise security solutions if an adversary deceives a cyber-hygienically apathetic employee into opening the attachment or clicking a malicious link and thereby compromising the entire network. James Scott A vulnerability in an organization's IoT microcosm is a taunt to exploit by malicious hackers. James Scott After Congress passed SJ Res 34, we are no longer merely battling a cyber-kinetic war on all fronts, we are now in a state of perpetual cyber-kinetic-meta war, and there will be no end. James Scott
