In the News

Open source software security challenges persist, but the risk can be managed

Using open source components saves developers time and companies money. In other words, it’s here to stay. Here’s a look at what it will take to improve open source security. This year’s Equifax breach was a reminder that open source software and components pose a giant risk to enterprise security despite their many benefits, especially when not […]

How to Protect Your Child’s Privacy on Internet-Connected Toys

“We’re still in the wild, Wild West,” says John Dickson, a principal at Denim Group, a cybersecurity company in San Antonio, when it comes to connected products. VTech, which makes tablets, smartwatches, and other connected toys for kids, settled the complaint without admitting or denying any wrongdoing. Allan Wong, chairman and group CEO, said the […]

What Sort of Testing Do My Applications Need?

As you start to get an idea of what your application portfolio looks like, you then need to start determining the specific risks that applications can expose your organization to. This is typically done through application security testing – identifying vulnerabilities in an application so that you can make risk-based decisions about mitigation and resolution. […]

PODCAST: Will 2018 be the year of the CISO?

“What this means is that now the CISO has more hard core business rationale for spending,” Dickson opined. “In the good old days CISOs would say, ‘We have to do this or we might get hacked.’ It was an abstract threat and risk that, candidly, most execs had a hard time quantifying. “Now […]

White House weighs North Korean cyber retaliation

“The nuclear side, shooting a rocket over Japan — they’re all very in-your-face activities,” said John Dickson, principal of the Denim Group and a former U.S. Air Force officer. If North Korea wanted to make a point or exert power in a deniable way, Dickson said, the U.S. could expect to see more hacking activity. […]

DHS: Cyberattack greater threat than bombs

“They are definitely in the B team, but they have capabilities nonetheless,” said John Dickson, a cybersecurity expert and principal at Denim Group Ltd., a company in the business of software security. Dickson had been tracking North Korean cyber activity for years. “I characterize (North Korea) as having increasing capability – they are nowhere near […]