LADIES, here’s one for you: Diversity, or the lack thereof, in the cybersecurity field is not a new concern.
According to statistics from the US-based International Information System Security Certification Consortium (ISC²), a non-profit industry education and certification body, only a 10th of cybersecurity professionals in the world are women.
Important security research into hackable surveillance cameras has been quashed by a legal threat. Gianni Gnesa, a consultant at the Swiss cyber-security company Ptrace Security, was due to give a lecture on Thursday at Singapore's Hack in the Box conference. And he would have too, if his research didn't reveal that some IP surveillance cameras have considerable vulnerabilities in them.
Thousands of routers mandated for use by a major Singaporean telco and operated by "top enterprises" around the world are open to a remote zero-day exploit that allows routers to be completely hijacked and that most users cannot defend against.
Vantage Point Security senior security consultant Lyon Yang does not wish to disclose the name of the affected internet provider but says the ZHONE routers are required for subscribers to be able to connect to the service.
BECOMING a penetration tester – or a ‘hacker’ in less polite company – is a rare thing in this part of the world, as Asian parents often push their children to become doctors, engineers or bankers.
This makes Lyon Yang, senior security consultant with Vantage Point Security, pretty much an outlier.
With apologies to George R. R. Martin, the drama around legitimate security research is starting to rival anything the Starks, Lannisters and Targaryens could muster.
Hardly a month goes by without some white-hat bug hunter wedged between a vendor or government threatening legal or regulatory action against disclosures that would serve only to make something more secure. Clearly some points on this vendor-researcher-policymaker triangle just don’t get that subtlety.