Brian Kime

Today, Microsoft announced that it has acquired Waltham, Massachusetts-based internet-of-things (IoT) and industrial control system (ICS) security vendor CyberX. While the purchase price was not disclosed, media reports are speculating that the purchase price was somewhere between $150–$165 million. Founded in 2013, CyberX has raised $48 million in venture capital, so this deal provides a good return to investors. CyberX’s core solution can monitor IoT and ICS environments […]

It is long overdue to secure the United States’ bulk power system supply chain. As early as 2007, researchers demonstrated how digitization of power systems introduces vulnerabilities that can cause physical damage. In 2015, intruders, likely sponsored or directed by the Russian government and known colloquially by the name Sandworm, breached multiple Ukrainian electric utilities and shut off power for hundreds of thousands of […]

Security awareness testing for employees should be realistic. Yet those overseeing phishing drills should be careful when using coronavirus-related messaging.

RSA Conference is an incredible opportunity for vendors to showcase their products and services to the security and risk community. Vendors, my shopping list does not include vaporware or snake oil. Everyone attending knows the internet is a scary place and threats are around every digital corner. Skip the scary statistics, and tell me how […]

Crystal City again hosted the eighth SANS Cyber Threat Intelligence Summit, with several hundred attendees. CTI Summit cochairs Rick Holland, Rebekah Brown, and Katie Nickels again planned a fun, entertaining, and very educational two-day event for threat intelligence professionals from around the world. If you’re a cyber threat intelligence analyst or vendor, I encourage you to attend and submit a presentation idea for 2021. CTI […]

The recent news concerning the hacking of Amazon CEO Jeff Bezos’ mobile phone demonstrates that corporate executives are perfectly legitimate collection targets for governments. Powerful individuals should expect to be targets of criminals, activists, and governments. Furthermore, anyone in failing relationships could be a target for a partner installing “stalkerware.” To address these emerging threats, […]

This month, I joined Forrester’s security and risk research team as a senior analyst covering cyber threat intelligence, digital risk protection, vulnerability management, and industrial control system (ICS) security. I am excited about joining the team and expanding Forrester’s existing research in threat and vulnerability management and securing the control systems that keep our manufacturing facilities, critical infrastructure, and communities safe and productive. In my opinion, […]