Quotes About Security

Before the war on terror, the U.S. military had a well-earned reputation for the humane treatment of prisoners of war.

There were more than 1,200 government organizations and nearly 2,000 private companies working on counterterrorism, homeland security, and intelligence programs, the Washington Post found in 2010, and more than 850,000 people in America had top-secret clearances, producing 50,000 intelligence reports a year. The U.S. intelligence budget alone has at least doubled since 2001, and by 2013, stood at more than $70 billion a year,

Since 9/11, there's been a huge spike in biodefense spending, resulting in a slew of new Level 4 labs popping up across the country.

Sigma was started to protect and maintain the technological superiority of the United States.

The truth is often one's best shield.

We'll get security when people decide it's important enough. They say it's important, but the evidence is people don't think it's important enough to pay for. If it's important enough, vendors will pay attention to it. It doesn't matter what people say if they're not willing to spend extra for it, cash and cycles and memory and things like that.

He who is firmly seated in authority soon learns to think security, and not progress, the highest lesson in statecraft.

What a sense of security in an old book which time has criticized for us!

The gaping wound in America's national security is without a doubt, the unregulated dragnet surveillance capitalists.

A Nation State or Cyber-Mercenary won't hack e-voting machines one by one. This takes too long and will have minimal impact. Instead, they'll take an easier approach like spear phishing the manufacturer with malware and poison the voting machine update pre-election and allow the manufacturer to update each individual machine with a self-deleting payload that will target the tabulation process.

A single spear-phishing email carrying a slightly altered malware can bypass multi-million dollar enterprise security solutions if an adversary deceives a cyber-hygienically apathetic employee into opening the attachment or clicking a malicious link and thereby compromising the entire network.

A vulnerability in an organization's IoT microcosm is a taunt to exploit by malicious hackers.

After Congress passed SJ Res 34, we are no longer merely battling a cyber-kinetic war on all fronts, we are now in a state of perpetual cyber-kinetic-meta war, and there will be no end.

America's treasure troves of public and private data, IP, and critical infrastructure continues to be pilfered, annihilated, and disrupted, while an organizational culture of 'Participation Trophy Winners" managed by tech neophyte executives continue to lose one battle after the next.

Cyber hygiene, patching vulnerabilities, security by design, threat hunting and machine learning based artificial intelligence are mandatory prerequisites for cyber defense against the next generation threat landscape.

Cyber warfare is as much about psychological strategy as technical prowess.

E-Voting machines are nothing more than dilapidated, barebones PCs with zero endpoint security.

Few critical infrastructures need to expedite their cyber resiliency as desperately as the health sector, who repeatedly demonstrates lackadaisical cyber hygiene, finagled and Frankensteined networks, virtually unanimous absence of security operations teams and good ol' boys club bureaucratic board members flexing little more than smoke and mirror, cyber security theatrics as their organizational defense.

Medical devices and EHR systems are notoriously vulnerable to remote compromise

Most IoT devices that lack security by design simply pass the security responsibility to the consumer, thus, treating the customers as techno-crash test dummies. James Scott, Senior Fellow, Institute for Critical Infrastructure Technology

Security by design is a mandatory prerequisite to securing the IoT macrocosm, the Dyn attack was just a practice run

Senator Markey's Cyber Shield Act can work! Start the conversations with the basics: Use a QR code that attaches to a dynamic database that runs an artificial intelligence algorithm to calculate the score. Let's not make this more difficult than it is.

The day an organization realizes they've been hacked they'll hire a forensic team to analyze the network only to identify the reality that they were hacked months or years ago, they just didn't know it.

The Frankensteined architectonic IoT microcosm of the prototypical critical infrastructure organization renders an infinite attack surface just begging to be exploited.