93 Posts

David Strom

Security Evangelist

David is an award-winning writer, speaker, editor, video blogger, and online communications professional who also advises numerous startup and well-established technology ventures. He began his career as an in-house IT analyst and has founded numerous technology print and online publications, such as editor-in-chief of Network Computing magazine and as part of the launch team of PC Week's Connectivity section. David has written two books and spoken around the world at various conferences and been on national radio and television talking about network technologies. He continues to build websites and publish articles on a wide variety of technology topics geared towards networking, security, channel, PC enthusiasts, OEMs, and consumers. In addition to these activities, he consults to vendors and evaluates emerging technologies, products, strategies, and trends to help position and improve their technology products.

Written By David Strom

The Limits of Linguistic Analysis for Security Attribution

Linguistic analysis can provide clues to help security analysts trace the source of a cyberattack, but the method is inconclusive on its own.

A Primer on Cross-Site Scripting (XSS)

XSS is a prevalent web-based exploit in which threat actors inject malicious code into webpages to compromise data or facilitate phishing scams.

More Mobile Apps Means More Man-in-the-Middle Attacks

Mobile devices that contain unsanctioned apps are particularly vulnerable to man-in-the-middle attacks, especially when connected to unsecured Wi-Fi.

Don’t Wait for the Next WannaCry — Update Your SMB Protocol Before It’s Too Late

To defend your infrastructure against future exploits, it's critical to disable the insecure original version of the SMB protocol.

The New NIST Digital Identity Guidelines and What They Mean to You

With the most recent draft of its Digital Identity Guidelines, NIST revised many of its federal recommendations regarding passwords and access management.

The Hidden Privacy Issues With Windows 10: The Injection of Ads and How to Improve Your Online Privacy

While its latest editions both feature security enhancements, Windows 10 users should still follow these best practices.

The Increasing Sophistication of the Tech Support Scam

It may be the oldest trick in the book, but the tech support scam remains a popular method among fraudsters, according to a recent report.

How to Become a Successful CISO

A career as a CISO can be highly rewarding, but it's not all glitz and glamor. Security leaders must be tactful, strategic and communicative to succeed.

How to Hire Your Next CISO

Hiring a CISO is more about finding gaps, committing to new ideas and bringing those ideas to life than it is about finding the right person for the job.

It Is Time to Get Serious About Security Theater

Sometimes, the value of peace of mind outweighs the cost of solutions that merely create an illusion of security, also known as security theater.