After a successful PhD defence in Leiden, the Netherlands.

At the office.

With Rod Beckstrom (on the left), former president of ICANN, at the ICANN meeting in Prague.

Blog

FinCEN BEC attacks report: Analysis

The Financial Crimes Enforcement Network (FinCEN) is a U.S. government institution responsible for collecting and analyzing financial information with the aim of combating financial crimes. In 2016, FinCEN issued an advisory to financial institutions on business email compromise (BEC) fraud. On the 16th of July 2019, FinCEN updated the 2016 advisory. In this article, we’ll examine the five main points of the updated advisory, namely, (i) the changes in the operational definitions of email compromise fraud, (ii) the inclusion of references to other victims of BEC,...
Read more 0

Can We Expect a U.S. Federal Consumer Privacy Law?

The EU General Data Protection Regulation (GDPR) came into effect on the 25th of May 2018. Shortly afterwards, the EU data protection authorities received more than 95,000 complaints from citizens. EU consumers became more willing to transact with EU businesses because they have the legal means to enforce their privacy rights. Thus, the enhanced privacy protection provided by the GDPR benefits both consumers and businesses in the EU. If you would like to read the entire article, please click here....
Read more 0

How to ensure Windows Server is GDPR-compliant

The General Data Protection Regulation (GDPR), an EU law regulating the processing of personal data, came into force on May 25th, 2018. Organizations who breach the GDPR may be subject to fines of up to 20 million euros or 4% of their annual global revenue turnover. Taking into account the importance of the GDPR and the severe sanctions, Microsoft has put forth new efforts to ensure compliance with the new law. According to Brad Smith, Microsoft’s president, Microsoft used the services of more than 1,600 of...
Read more 0

5 Common Myths About the GDPR

The EU General Data Protection Regulation (GDPR) entered into force on the 25th of May 2018. Since that time, companies have spent billions of dollars to ensure compliance with the new law. Just the top 500 U.S. companies spent about $7.8 billion to comply with the strict requirements of the GDPR. Despite the extensive media coverage of the GDPR, many myths still surround this rather new EU law. In this article, we discuss five of them. Myth 1: GDPR is an EU law that does not...
Read more 0

What do Linux system administrators need to know about the GDPR?

The General Data Protection Regulation (GDPR) is a European Union law that applies not only to EU companies, but also to all companies collecting and processing the personal data of EU residents. The sanctions for breaching the GDPR are enormous (up to $24 million or 4% of the annual global turnover, whichever is greater). It is not a coincidence that the U.S. top 500 companies are expected to spend $7.8 billion to comply with the GDPR. In this article, we will provide a brief overview of...
Read more 0

Is Kleros a Fair Dispute Resolution System?

Kleros' approach to arbitration is radically different to traditional court systems and alternative dispute resolution methods. Relying on cryptoeconomics, it provides crowdsourced jurors the incentive to arbitrate on various types of disputes. The goal is to bring fast, affordable and secure resolution to a number of disputes native of the Internet Age. Kleros promises to transform the field of dispute resolution in a way similar to how Wikipedia revolutionized encyclopedia publishing. Back then, few people expected that an encyclopedia written by anonymous people on the Internet could...
Read more 0

GDPR Trolls

Patent trolls are not a new phenomenon. They buy patents for the sole purpose of extorting and suing companies. Since patent-related litigation proceedings are complex and time-consuming, the fees for defending a patent claim in court proceedings may exceed one million U.S. dollars. Therefore, many legitimate companies (especially startups) prefer to pay the requested settlement fees instead of defending their rights. According to CNN, just within the period 1990 – 2010, patent trolls cost investors 500 billion U.S. dollars. Patent trolls can target a limited scope...
Read more 0

Consequences of the Late Announcement of Cyber-security Incidents

Cyber-security attacks that are becoming more and more common among various types and sizes of organizations may have serious effects on electronic communication networks, provision of services, and national security. Although significant breaches that affect many users or extensively disrupt the functioning of an organization usually receive extensive media coverage, smaller security incidents may remain unreported to the public. This can occur because of several reasons. For example, the affected organization may become aware of the incident later, it considers the incident insignificant (e.g.,...
Read more 0

Tips for Drafting Efficient Employee Information Security Policies

Employee information security policies impose obligations on employees of organizations which aim to reduce the risks of cyber-attacks. Such policies usually contain instructions on how to choose strong passwords, apply patches and updates, detect phishing schemes, protect sensitive information, and respond to information security incidents. There is an abundance of online materials about how to draft a comprehensive employee information security policy. However, many of those materials do not address the disadvantages of such policies. The purpose of this article is to provide tips on...
Read more 0

The Future of Information Security

In this article, we look at the current trends in the field of information security and present speculations as to what the future of the field would be. It should be noted that unpredicted emergence of disrupting innovations may radically change the existing information security landscape. Nevertheless, we may reasonably expect that the future of cybersecurity will be dominated by four trends, namely, use of Blockchain technologies (Section 2), expanding the role of artificial intelligence (Section 3), harnessing the wisdom of the crowd (Section...
Read more 0