Author: Richard Blech

The year 2018 saw the opening salvos of a Cold War. One side of the ongoing conflict is information technology companies, civil libertarians, privacy advocates, and academics. The other side is a multi-government coalition largely composed of law enforcement and intelligence agencies (and their private sector support infrastructure). In 2019 we will see that Cold War become hot. The world rarely bears witness to an irresistible force meeting an immovable object. But we’ll soon see a legislative and regulatory juggernaut crash headlong into a technological and civil libertarian mountain. The results will endanger every conventional notion of cybersecurity and distributed…

The role of a Chief Information Security Officer (CISO) revolves around risk.  Specifically, the CISO’s job is to identify, manage, and, where possible, mitigate risks in a manner consistent with the enterprise’s business goals.  The CISO continually evaluates the enterprise’s technical and information assets against the probability and consequence of any given attack, and, based on this quantitative analysis, allocates protective resources to those assets.  The CISO also promulgates, trains, and evaluates the implementation of personnel security best practices, ensuring that employees are thoroughly versed in the identification and avoidance of threats that can lead to a breach. While a…

Within IT, the skills shortage for various positions is fairly well known. There’s a hiring and education push for data scientists, IoT developers, and a host of other positions. An oftentimes overlooked but supremely important shortage is also occurring within cybersecurity. There’s a limited number of qualified people who understand the pressing need for improved cybersecurity and possess the right knowledge about best practices. This specific shortage is not just an inconvenience for companies and HR departments, it’s also a real risk for companies trying to protect their data, patents, and customer databases from breaches. Measuring the Shortage According to…

The looming General Data Protection Regulation (GDPR) poses a significant concern for U.S. firms, given the high standards outlined. The Gartner research predicts less than 50% of all the US companies that will be held to the rules will be fully compliant by the May 2018 implementation deadline. Within the upcoming GDPR requirements, companies will be required to safeguard data within their IT environments, including networks and various cloud resources. In order to fully safeguard their data, they will need strong encryption that covers multiple activities involving files and hardware, everything from sending sensitive content via email or using a…

Google announced a new beta capability on its Cloud Platform Blog: support for customer-supplied encryption keys –  “Bring Your Own Encryption Keys to Google Cloud Platform”  The feature lets users create and hold the keys, determine when data is active or “at rest,” and prevent anyone accessing their “at rest” data. Richard Blech, CEO and Co-Founder, at Secure Channels commented on the Google’s new User Encryption offering. Richard Blech, CEO and Co-Founder, at Secure Channels : “This is a marketing ploy by Google who is implying that using their custom encryption engine allows you, the consumer, to control your own encryption key(s) for Google’s…

Richard Blech, encryption security expert and CEO of Secure Channels commented on Wall Street Journal report on “Cryptographers Fight FBI on Mobile Security” Richard Blech, Encryption Security Expert and CEO of Secure Channels : “At the end of the day the FBI are behind a rock and a hard place. The government agencies are trying to stay ahead of other crimes not involving cyber-crime. You cannot have a backdoor that only the “good guys” can use, it will be exploited by the bad guys. Unfortunately, sensitive data is vulnerable if the agencies are left a backdoor, When all conversation fails,…

Richard Blech, CEO & Co-Founder, Secure Channels, on today’s news that a CIA-backed tech company found on the Web logins and passwords connected with the DOE, DoD, Dept. of Justice, Dept. of the Treasury, the CIA and the Director of National Intelligence. Richard Blech, CEO & Co-Founder, Secure Channels: “This is further demonstration of catastrophic, systemic failure.  And what will the hackers ultimately do with these credentials?  They will of course use them for secondary breaches with far greater implications.  Sooner or later, and it unfortunately appears that it will be sooner, highly organized, deeply funded hackers going to use these credentials to gain very…