Welcome to the Netizen IT Threat Intelligence Newsletter, a complimentary service of Netizen Corporation intended to help protect your business from the ever-growing and ever-changing threat of cyber attacks.

Massive Data Breach Puts 4 Million Federal Employees’ Records At Risk

“(Office of Personnel Management) says people’s names, social security numbers, dates and places of birth, and current and former addresses were hacked.”
Netizen Blog and News
The Netizen team sharing expertise, insights and useful information in cybersecurity, compliance, and software assurance.
-
This presentation includes an overview of our “baked-in” approach to software security as well as our unique Continuous Innovation Management methodology that leverages our large partner network of private companies and academic institutions to develop cutting-edge solutions for software and security problems in commercial enterprise and government markets.
Want to learn more about how these proven methodologies can enhance and protect your organization’s critical systems and data? Contact us at NetizenCorp.com/contact or call toll-free (in the U.S.) 1-800-450-1773.
-
The stats helper has prepared a 2014 annual report for our Netizen Corp blog.
Here's an excerpt:
The concert hall at the Sydney Opera House holds 2,700 people. This blog was viewed around 12,000 times in 2014. If it were a concert at Sydney Opera House, it would take about 4 sold-out performances for that many people to see it.
-

Though this could be a revolution in bringing medical device functionality to the masses, there will inevitably be some serious security and privacy concerns that need to be addressed before adoption on a massive scale by enterprise users.
-

No longer can we use “security through obscurity” excuses to explain how so-called “closed,” or compiled and obscured, software is more secure. Open source is the future, and is more adaptable and responsive to community demands and security issues. When in doubt, however, open source also allows companies such as ours full access to all code resources, which we can comprehensively scan and analyze, to ensure the most robust level of software security possible for critical environments.
-

Over the past 15 years or so, there has been a continued push, until recently, to cut information technology costs, especially in software development, to the bare bones through offshoring – the practice of shifting labor-intensive work to countries where very few, if any, minimum wage standards exist and average income per capita is a mere fraction of that in the U.S. However, what too few understand and what most who have made this mistake have learned is that the costs saved in lower hourly rates on the front-end are gained back (and then some) by having to often deal with a lack of communication, a misunderstanding of your requirements, and inherently poor quality put forth by underpaid and under-qualified personnel.
I say “until recently” above because things are gradually changing. Companies once tripping over one another to move their operations abroad have now been dealing with not only the aforementioned side effects but also the issues of rampant intellectual property theft and other security concerns. This is slowly, but steadily, creating a rebirth of on-shored work. We’ve even encountered offshored projects wherein code has been simply copied from one client to the next, even though each had paid for their own custom solution. While this could happen anywhere, there are far more protections in place locally to deter these activities.
You see, shipping your codebase and intellectual property to a minimum-wage vendor in another country is essentially asking for theft, especially in the case of small businesses without the global legal reach of the Fortune 500. It is all but assured that key pieces of your system, that you pay for, will be re-used for the benefit of the offshoring company, as we have seen many times. This is mainly due to the lack of legal oversight and avenues for legal remedy between countries. Using an on-shore developer is a crucial aspect in maintaining secure oversight of and protection for your intellectual property.
Beyond legal implications, there are often issues of quality assurance. When you pay pennies on the dollar for developers, you are getting the equivalent quality. If it sounds too good to be true when you find a “well qualified” company or individual for 1/5th the cost of an in-country counterpart, it is. These developers, in some countries abroad, at times work in the technical equivalent of sweatshop conditions, where they are pushed to churn out barely working, buggy code without thought for long-term supportability, security or quality.
After all, it’s not their problem once it’s delivered – it’s yours. You are ultimately responsible to your end-users for ensuring that the application delivered will not breach business-critical data. Without the adequate legal protections of using an in-country development team, there is no way to ensure you’re getting a quality result without additionally hiring a local quality assurance team. This would only serve to bring costs in line to where they would have been originally had an entire local team been utilized from the beginning. So why go the offshore route at all? Truth is, there are fewer and fewer reasons to do so and many companies are now realizing this. The old adage most certainly rings true here – you get what you pay for.
There is only one tried and true way to ensure the ultimate quality and security of your product, and that is to utilize a team of talented, background-cleared in-country developers and technicians who have a deep desire to obtain total client satisfaction and not a rigid goal to simply churn out more code, however poor or vulnerable, in questionable conditions. You need someone who will be available at your beck and call, a partner who understands the requirements of your project at every level and offers iron-clad protections for your intellectual property while guaranteeing prevention of common software vulnerabilities. That’s a level of White Glove Service you’ll only find locally.
-
Here at Netizen, we’ve blogged a lot over the past year about the value veterans bring to the table for any startup. We are proudly veteran owned and have a staff comprised of incredibly dedicated, talented employees of which over 80% are veterans of various branches, occupational specialties, ages and backgrounds. It is this aspect that we have attributed to much of our early success, and I’ll explain why.
In technology, especially information security, we all must continuously grow and learn to keep pace with the market and technological changes. No one knows this better than a military veteran. In the service, we are forced to constantly adapt to and overcome even the most seemingly insurmountable of obstacles on a daily basis. Education and training are a part of the core military lifestyle and most veterans bear this intense desire to constantly learn and adapt long after their service ends. It is a set of attributes which cannot be taught, but which must be lived in order to learn.
Veterans bring values of loyalty, dedication and honesty. In a world replete with fraud, waste and abuse, veterans are a unique breed of driven individuals that put the team first. Never leave a client unsatisfied, never leave a job poorly done, and never let your teammates down. In a cutthroat, individualist society these people tend to be relationship and mission driven. This has proven to be a cultural requirement for long term results instead of constantly chasing shortsighted gains at the expense of future stability.
There is also so much more to the military service than the labels of simple occupational specialties which the civilian world attempts to categorize them by. There are skills such as leadership, discipline, teamwork and other ethical values which cannot simply be learned in a classroom. These are skills sorely lacking in the corporate world, but abundant in the veteran community. The problem is, veterans are rarely given the chance to prove themselves because corporate recruiters, due to a complete lack of understanding, look no further than the veteran’s occupational specialty.
Point is, regardless of whether the servicemember was an aircraft mechanic or an infantry scout, there are skills well beyond those simple titles that are hard to quantify but critical to startup and corporate success. So, give a veteran a chance and your business will reap greater success because of it, as studies have repeatedly shown.
-

Some issues trigger a deeper response than others within communities. In the technology world, the education, opportunities and inclusion of women holds unusual resonance.
In the U.S., as Nick Kristof wrote, “schoolgirls are leaving boys behind in the dust.” After graduation, the narrative evolves further. As Claire Cain Miller wrote in the New York Times on Friday, “women now outnumber men at elite colleges, law schools, medical schools and in the overall work force. Yet a stark imbalance of the sexes persists in the high-tech world, where change typically happens at breakneck speed.”
Why the disparity in the world of Silicon Valley startups, venture capital and high technology? Why are so few women in Silicon Valley?
At least some of the issue runs deep, far back into the educational system. As Miller writes:
That attitude is prevalent among young women. Girls begin to turn away from math…


