“What do you mean the backups don’t work? I thought you said backups would save us from a Ransomware incident?” Good backups are the #1 recommendation you will see in all “Ransomware Defence” guides. We have a problem in the industry. These “ransomware guides” are written by people who have never lived through a major Read More
Category: DoD, DDoS, and Denial of Service
Denial of Service Attacks (DoS)
BGP Security Workshop – Safeguarding the Internet’s Glue
BGP and DNS are the two critical protocols that glue the entire global network (the Internet). Without them, the Internet falls apart. The security, resiliency, and integrity Border Gateway Protocol (BGP) holds up the routing of packets end-to-end across the Internet. Threats to BGP systems are life-threatening, disrupting critical infrastructure people depend on for their
Executive Security Leadership – It is Not Hard!
Security Leadership is not hard. CxOs stress over the security threats to their business. A lot of that stress is generated by the press. Common sense Executive practices and leadership principles have guided organizations through extreme security-related business pressures. What guides the organization is obvious, clear the path for the team, trust the team, pull
Meaningful Security Conversations with your Vendors: Can vendors ever provide secure solutions?
It is critical to have meaningful security conversations with your vendors. Operators depend on their vendors to supply products and solutions that are secure. As all operators have experienced, “secure products” is almost always a vendor afterthought. This leads to an operational risk that in some cases turns deadly. In this session, we will explore
Protecting your Domain Names: Taking the First Steps
Protecting your domain names is often overlooked, ignored, and neglected. Everyone and everything on the Internet depends on the Domain Name System (DNS) being functional. The DNS has been a common vector for attacks in recent years. Attacking DNS will continue in the future. The 2019 DNSpionage Campaign and Sea Turtle attacks were wake calls
DNS is Under Attack – the Miscreant’s Offensive Playbook with a Defensive Counter
Our DNS is Under Attack is not something anyone wants to hear. DNS’s critical role known to the miscreants, DDoS Extortionist, DDoS Attackers, and other threat attackers. Taking out DNS is easier than trying to take down a website. Smart miscreants have a playbook of offensive DNS attack techniques that they can use against any
Realities of Today’s DDoS Security Risk
Focusing on the lessons from the 2020 – 2021 DDoS Extortion Campaigns DDoS Extortion will not go away. It is a cyclical International crime that can only be stopped with the DDoS Extortionist are arrested. In 2020, organizations woke up to a new wave of DDoS Extortion activities. These attacks caught organizations with the DDoS
Securing Your Network Using Shadowserver’s Daily Network Reports
Securing your Network using Shadowserver Reports helps organizations learn about this unique public benefit tool. What if there was a public benefit, free to use, security report that provided you a complete overview of your security risk? What if this tool allowed you to see what the bad guys are seeing on your network? What
Conference Talks, Workshops, and Webinars
Barry frequently presents at conference talks, workshops, and webinars. Barry enjoys working with peers to share, empower, and entertain with live interactive sessions. 40 years of public speaking experience is reflected in the list of talks below. Crafted conference talks tuned to the organizer’s audience. The general theme for all the talks is to help
DDoS Attack Preparation Workbook
Internet DDoS Attacks are a force of nature on the Internet. They are like earthquakes, hurricanes, floods, tornados, tsunamis, and all other disasters. Organizations need to prepare for a DDoS Attack the same way they prepare for severe weather and natural disasters. These guides have been crafted based on my personal experience (+25 years of