If Chinese hackers were rummaging around WHOI, what would they have been looking for?
Kevin Wolf, assistant secretary at the Commerce Department:
We have no idea what we are going to do.
Mark Foulon, Former Undersecretary of Commerce:
It has become clear that Internet access in itself is a vulnerability that we cannot mitigate. We have tried incremental steps and they have proven insufficient.
The budget to support the US government's cybersecurity efforts is $14 billion for fiscal 2016, about 10 percent more than the $12.5 billion the government budgeted for 2015. Despite this increased spending, the US is still vulnerable to attack.
In 2014, American venture capitalists poured $1.77 billion, a record amount, into private security start-ups, topping the previous record of $1.62 billion invested in 2000, at the height of the dot-com bubble, according to Dow Jones VentureSource.
[Within five years] it will be impossible to get security certification if you're not running in the cloud ...
Daniel Thomas, Alastair Beresford, and Andrew Rice:
The market for Android security today is like the market for lemons. There is information asymmetry between the manufacturer, who knows whether the device is currently secure and will receive security updates, and the customer, who does not.
When you say the word 'wormable' to a crisis manager, it activates some latent response DNA.
In case you need an OpenSSL anecdote to scare your co-workers with ...
It's a good time to be in a fear-based industry.
Hacking impudent opponents doesn't come cheap.
Starting today, we will notify you if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state. To protect the integrity of our methods and processes, we often won't be able to explain how we attribute certain attacks to suspected attackers. That said, we plan to use this warning only in situations where the evidence strongly supports our conclusion.