Posts By Jean-Paul Bergeaux

Jan 14, 2015 By Jean-Paul Bergeaux In Blog

There’s a Dirty Little Secret of Virtual Appliances

Nearly all innovative products start as appliances.  There are many good reasons for this, but two stand out.  One is that an appliance controls the environment the product has to live in.  This saves a significant amount of quality assurance testing against multiple different types of environments, but more importantly ensures that the...

Read More

Jan 08, 2015 By Jean-Paul Bergeaux In Blog

Phishing over the phone?

The other day I got a call from a man who, in broken English, said to me, “You are being hacked right now!” I knew right away what this was, but I thought I’d play it out a bit.  I said, “Right now?  As we’re talking?” “Of course, yes,” he said, claiming he worked for “Microsoft Windows” and that my PC was sending him...

Read More

Dec 23, 2014 By Jean-Paul Bergeaux In Blog

Lessons from recent news in cyber security (Part 2)

Last week I established the need to really get Email phishing under wraps.  This needs to be attacked from both from a technology perspective and from a user perspective.  The first step is getting your senior management–beyond the security team and even beyond the CISO–on board with more intensive user education and training .  If senior...

Read More

Dec 09, 2014 By Jean-Paul Bergeaux In

Lessons from recent news in cyber security

The recent news surrounding cyber security has been hard to keep up with. Just a few examples include the discovery of the ShellShock vulnerability, breaches at Home Depot, Kmart and Dairy Queen, and APT (Advanced Persistent Threat) operations believed to be executed by nation-states, such as Operation Archangel* and Operation SandWorm. And...

Read More

Nov 25, 2014 By Jean-Paul Bergeaux In

Is Your Agency Ready for Cyber Analytics?

According to the U.S. Computer Emergency Readiness Team (US-CERT), in 2013, federal agencies were the target of 46,160 cyber attacks – an increase of 33 percent over the previous year. The growing sophistication of cyber threats against government agencies underscores the need for a more proactive defense posture. GovExec, in partnership with...

Read More

Nov 11, 2014 By Jean-Paul Bergeaux In

Cyber espionage is getting real. And public.

In the last week, cyber espionage went from whispered but unconfirmed stories to publically confirmed incidents of national significance. Three major breaches of the Federal Government have been revealed in the news lately, first by DHS, then the White House and now USPS.  In the past, these types of hacks were only rumors in the intelligence...

Read More

Sep 30, 2014 By Jean-Paul Bergeaux In Blog

Public Cloud Usage for Federal agencies – The Three Most Compelling Use Cases

Federal use of cloud resources has begun to mature, and with this maturity Federal organizations have started to hone-in on the best uses of private and public cloud resources for them.  While private clouds have had strong adoption, with the environment more-or-less completely under the control of the agency, it is only recently that the most...

Read More

Sep 25, 2014 By Jean-Paul Bergeaux In

Patch your BASH systems NOW!

A new vulnerability that NIST has now identified as CVE-2014-6271 is being compared to Heartbleed for severity and scale. The name “SHELL SHOCK” is being thrown around as a nickname and it was originally posted on seclists.org here and here. The ramifications are much larger than the simple identification as security expert Kenn White...

Read More

Aug 22, 2014 By Jean-Paul Bergeaux In Blog

DHS, OPM Suspend Work with Government Contractor Suffering Cyber Breach

With targeted state sponsored “sniper” [http://cyberattackdefenders.com/blog/the-wmds-and-snipers-of-todays-cyber-wars/] attacks growing more common, the mass spray of unsophisticated botnets is merely a distraction in today’s cyber security war.  At SwishData, we’re focused on helping organizations defend against targeted “sniper”...

Read More

Aug 07, 2014 By Jean-Paul Bergeaux In Blog

Relief for the Overworked Cyber Warriors

The cyber warrior community is filled with lots of innovative tools to take on the bad guys. I’m sure they would admit that they have some problems. What’s your problem? I hear a lot from customers that the biggest concern is the cross-comparing threats across different tools. Double Trouble In most Security Operations Centers (SOCs), if...

Read More