CompTIA Launches Emergency Response Team for Cybersecurity

CompTIA has created an Emergency Response Team to provide real-time guidance to solution providers experiencing a cybersecurity incident or service disruption. The new Emergency Response Team (ERT) is a group of dedicated CompTIA members who have either experienced a security incident or can provide guidance to solution providers that have been victimized. As a volunteer-led […]

CompTIA Launches Emergency Response Team for Cybersecurity

CompTIA Report Finds Steady Progress on the Cybersecurity Front

Changing approaches to cybersecurity have led to slow but steady progress in defense and protection, but competing interests create a growing challenge for cybersecurity decision makers and practitioners, according to CompTIA. A majority of business and technology professionals feel that the overall state of cybersecurity is improving, both generally and within their organizations, according to […]

CompTIA Report Finds Steady Progress on the Cybersecurity Front

NCA Receives 200K Grant from Craig Newmark Philanthropies for HBCU Cybersecurity Program

The National Cybersecurity Alliance (NCA) has received a significant boost in funding from Craig Newmark Philanthropies in the form of a $200,000 grant. The grant will support ongoing initiatives within NCA’s Historically Black Colleges and Universities (HBCU) Cybersecurity Career, Mentoring and Scholarship Program, as students return to school. Launched in 2022, the ‘See Yourself In […]

NCA Receives 200K Grant from Craig Newmark Philanthropies for HBCU Cybersecurity Program

National Cybersecurity Alliance Kicks Off 2nd Annual HBCU Career Program

The National Cybersecurity Alliance (NCA) is kicking off the 2nd year of the Historically Black Colleges and Universities (HBCU) Cybersecurity Career Program “See Yourself In Cyber.” “See Yourself In Cyber” aims to change the narrative around cybersecurity careers by showing students that there is a role in security for everyone and multiple pathways to a […]

National Cybersecurity Alliance Kicks Off 2nd  Annual HBCU Career Program

Call for Proposals Open for ISC East and West

The Security Industry Association (SIA) and ISC Security Events are seeking proposals from subject matter experts for the SIA Education at ISC conference programs at ISC East 2023 and ISC West 2024. ISC East 2023 will take place Nov. 14-16 at the Javits Center in New York City, and ISC West 2024 will be held […]

Call for Proposals Open for ISC East and West

It’s a New Year

Over the past several weeks, people much smarter and more creative than I have made predictions on what 2023 will bring to the AV world. These are always fun to read and keep score of throughout the year. Rather than make predictions, I tend to think about what the important issues will be throughout the […]

It’s a New Year

Lessons From Uber: How NOT to Respond to a Cybersecurity Incident

After suffering a major data breach six years ago, you would think that a company like Uber would be ready for more cyberattacks, but here we are. How did we get here? [insert flashback music] It was late 2016. Cyberattackers quietly breached the security perimeter of Uber networks and accessed the personal data of 57 […]

Lessons From Uber: How NOT to Respond to a Cybersecurity Incident

Make a Disaster Recovery Plan

Last month I wrote about cybersecurity in schools and what steps we can take to prevent attacks from happening. I wrote in the blog that there are many things we can do to harden our security and to make our institutions less of a soft target. Yet, as I pointed out in that piece, chances […]

Make a Disaster Recovery Plan

#HootHoot Meeting Owls Security Vulnerabilities Have Been Patched, Have Yours?

In January 2022, cybersecurity researchers at Modzero reported a handful of security vulnerabilities to Owl Labs regarding their 360-degree videoconferencing Meeting Owl, Meeting Owl Pro, Meeting Owl 3, and Whiteboard Owl. Owl Labs has since released patches for these vulnerabilities. (The below is the Meeting Owl 3, as shown at InfoComm 2022.) The security patches […]

#HootHoot Meeting Owls Security Vulnerabilities Have Been Patched, Have Yours?

Part 2: What I Learned About the Industry by (Not Attending ISE or InfoComm, But) Watching 2,000 Product Videos

Part 2: AV-Over-IP, Software-Based AV and AI This is part 2 of an article about all the things I noticed from ISE and InfoComm this year, two shows to which I didn’t go, but as the editor in charge of video titling for rAVe [PUBS] for both, I did watch pretty much every video the […]

Part 2: What I Learned About the Industry by (Not Attending ISE or InfoComm, But) Watching 2,000 Product Videos

Security Could Be Success or Failure for Schools

In December 2021, Lincoln College in rural Illinois suffered a devastating ransomware attack. The attack shut down all systems, including those for recruitment, retention and fundraising. While the college had preexisting fiscal problems due to the pandemic, this ransomware attack proved to be too much for the college to navigate. In the spring of 2022, […]

Security Could Be Success or Failure for Schools

BenQ Adds More Security InstaShow WDC30

BenQ has added more security to its InstaShow WDC30, including Wi-Fi 6 encryption, ISO EAL6+ and FIPS 140-3, in order to meet the stringent security requirements of U.S. government agencies, financial institutions and other organizations with high-risk data. Wireless meetings can contain highly sensitive and confidential data and intellectual property that can be leaked or […]

BenQ Adds More Security InstaShow WDC30

Log4j Could Drive New Business for AV

In late December, a flaw in software that is ubiquitous around the world was reported, and it sent cybersecurity pros into a frenzy and turned the hairs of technology pros gray. There are countless articles about this vulnerability, so I am not going to go deep into the technology of what occurs. Here is what […]

Log4j Could Drive New Business for AV

SecuringAV: The Colonial Pipeline Ransomware Cyberattack — Part 2

What motivates a hacker or group of cyberattackers? The answer is typically money. For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure and cyber-physical security. The Colonial Pipeline ransomware attack in May of 2021 caused […]

SecuringAV: The Colonial Pipeline Ransomware Cyberattack — Part 2

SecuringAV: The Colonial Pipeline Ransomware Cyberattack — Part 1

Why did the pipeline get shut down if the hackers only attacked the business end?  For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure and cyber-physical security. By now, most people heard about the Colonial […]

SecuringAV: The Colonial Pipeline Ransomware Cyberattack — Part 1

SecuringAV: The Christmas Morning Bombing in Nashville

For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure, and cyber-physical security. In my last SecuringAV column about the SolarWinds hack attack, I asked rAVe readers an open-ended question: If extremists think that Big Tech is […]

SecuringAV: The Christmas Morning Bombing in Nashville

White Paper: Securing Command and Control Centers With Cyviz

THIS IS A PROMOTED POST By Jason Rowley Vice President Federal, Cyviz It’s no secret that governments face more challenges than ever before. Information technology is advancing rapidly — and governments at all levels must be even quicker to protect operational networks and citizens from cybersecurity threats. Command and control centers need content visualization technologies […]

White Paper: Securing Command and Control Centers With Cyviz

Lessons From the SolarWinds Hack

In mid-December, news broke about a massive cyber breach that occurred through SolarWinds software. There is a chance (I hope not) that many in the AV community briefly looked at this, decided it was an IT issue and moved on. If you did, I think that was a mistake — and want to tell you […]

Lessons From the SolarWinds Hack

Securing AV: The SolarWinds Attack of 2020 (Actually 2019)

For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure, and cyber-physical security. While most Americans are still processing the recent attack on the United States Capitol building, many cybersecurity researchers and professionals believe the real […]

Securing AV: The SolarWinds Attack of 2020 (Actually 2019)

Kayye’s Krystal Ball: 2021 Edition

Welcome to my 21st annual Kayye’s Krystal Ball! I love writing this annual predictions article — it’s both humbling and rewarding. It requires me to stop and research anything new, evaluate the potential impact it will have and then articulate it in a way that matters to readers. If you’re a regular reader of my […]

Kayye’s Krystal Ball: 2021 Edition

I Watched Zoom’s Security Updates Webinar. Here Are the Takeaways.

On Wednesday, I watched Zoom’s 45-minute “Get The Latest Product News From Zoom” webinar. When I received the lead, I figured it would be related to Zoom 5.0, the latest upgrade to Zoom and the result of its 90-day security-enhancement plan. Quick plug: Earlier on, this same day, rAVe held a one-on-one session with Zoom’s […]

I Watched Zoom’s Security Updates Webinar. Here Are the Takeaways.

Giant Security Update to Zoom Rolls Out Starting Today

Today Zoom announced security enhancements with the upcoming general availability of Zoom 5.0, a key milestone in its 90-day plan to proactively identify, address and enhance the security and privacy capabilities of the Zoom platform. By adding support for AES 256-bit GCM encryption, Zoom will provide increased protection for meeting data and resistance against tampering. […]

Giant Security Update to Zoom Rolls Out Starting Today

Updated: How Zoom’s Recent Success Has Put Them Square in the Security Spotlight

P.T. Barnum is credited for saying,”There’s no such thing as bad publicity.” You may have heard other variations of this old saying, such as “There’s no such thing as bad press.” Does this apply to recent headlines about Zoom? If you have lost track, I will do my best to summarize and put it all […]

Updated: How Zoom’s Recent Success Has Put Them Square in the Security Spotlight

Cloud-Based Signage Software Company Enplug Completes SOC 2 Type 2 Audit

Enplug today announced successful completion of its SOC 2 Type 2 audit. This concludes an intensive six-month audit by Coalfire, an independent cybersecurity firm, to objectively measure Enplug’s adherence to key trust factors of secure data processing and storage. Many digital signage vendors talk about the importance of security, yet Enplug is among the very […]

Cloud-Based Signage Software Company Enplug Completes SOC 2 Type 2 Audit

Barco Announces Critical Security Update to ClickShare, Addressing Vulnerability Discovered by “Ethical Hackers”

Barco announced this week that a security vulnerability was discovered within its ClickShare product, which is fixed with an update available immediately, ClickShare update 1.9.1. This vulnerability was discovered by security consultants F-Secure through a process known as “ethical hacking.” “In October of this year, consultants from reached out and shared that they had managed […]

Barco Announces Critical Security Update to ClickShare, Addressing Vulnerability Discovered by “Ethical Hackers”

Data Privacy Issues in Higher Ed

Management guru Peter Drucker is often quoted as saying, “If you can’t measure it, you can’t improve it.” I have long believed in this philosophy and work with my teams to make sure we are setting goals and measuring our success. While I think Drucker was right, he lived and worked in a much different […]

Data Privacy Issues in Higher Ed

Cybersecurity Advice (for the AV Industry) from Robert Mueller

By Paul Konikowski On June 24, 2019, former Special Counsel Robert Mueller III testified before the House Judiciary Committee and the House Intelligence Committee about his team’s Report on the Investigation into Russian Interference in the 2016 Presidential Election. Throughout most of the day, Mueller kept his answers brief and referenced the report. Oftentimes, he […]

Cybersecurity Advice (for the AV Industry) from Robert Mueller

Friction, SB-327 and Zoom’s Terrible, Horrible, No-Good Week

Last week was an eventful one for Zoom. In less than twenty-four hours, we had: The revelation of multiple security vulnerabilities in the popular Zoom conferencing software A [now updated] defensive statement by Zoom, dismissing concerns related to same Public outcry A reversal of course and introduction of an immediate patch for one vulnerability and […]

Friction, SB-327 and Zoom’s Terrible, Horrible, No-Good Week

Cybersecurity Lessons Learned from Zoom, Logitech and Draper

By Paul Konikowski, CTS-D Last week was a big week for cybersecurity news pertaining to the audiovisual industry. Vulnerabilities in Zoom’s Mac desktop client were disclosed, hijacking flaws in Logitech’s Unifying USB dongles hit the mainstream and Draper, Inc. announced that its computer systems and communications networks were being held hostage by ransomware. Let’s take […]

Cybersecurity Lessons Learned from Zoom, Logitech and Draper

Imminent Disaster  —  The Looming AV Threat

I want you to imagine a 46″ flat panel display. This display is in a staff cafeteria on the 30th floor of an office building. Wall-mounted. It is not an extravagant display, probably 1080p… not even smart (gasp!). You’ve seen one just like it, looping special events and other corporate propaganda. Now I want you […]

Imminent Disaster  —  The Looming AV Threat

Cybersecurity and the Problem with OEMs

Last year, Crestron was the focus of some cyber activists who found vulnerabilities in Crestron touch controllers that could theoretically allow someone to use touch screens to spy on the person in the same room. This was covered in a class at a hacktivist conference called DEFCON and subsequently was written up in WIRED Magazine. […]

Cybersecurity and the Problem with OEMs

Security: Start from the Beginning

Security has arisen as a significant issue over the past several years in the AV industry. Several high profile issues have made people question what they should be doing about security. I (and others) have written about it, trying to give our readers some thoughts about where to start. As I read more about security […]

Security: Start from the Beginning