Content

Strategic insights on blockchain, AI, security, leadership, and career in an age of disruption.

The $285M Handshake: Why Trust is Your Biggest Security Risk
July 10, 2026·9 min read
Blockchain

The $285M Handshake: Why Trust is Your Biggest Security Risk

North Korea's Drift Protocol hack exploited trusted relationships, not code vulnerabilities. Learn how social engineering bypassed blockchain security and what it means for your defenses.

Recent Essays

All Content

681 posts

December 31, 2013

Updated for 2014: Online Classes for the Information Security Professional

Explore the latest online courses for information security professionals, featuring 11 top picks across computer security, in-depth topics, and InfoSec-related areas to enhance your cybersecurity skills.

December 26, 2013

Are Airline Kiosks The Next Fraud Vector?

Explore how airline kiosks might become the next target for credit card fraud, drawing parallels to the infamous Target breach. Learn about potential vulnerabilities and the implications for travelers.

December 04, 2013

Securing Amazon Web Services - Jay Schulman

The complete guide to securing Amazon Web Services.

September 21, 2013

Running Ghost on Heroku

Learn how to effortlessly deploy Ghost on Heroku with a few simple tweaks in your config.js file. Follow our step-by-step guide to set up, test, and push your Ghost blog live in no time!

July 25, 2012

4 Coursera Classes for the InfoSec Professional

Discover key Coursera classes for info security pros, including cryptography and risk management, along with unique offerings like equine nutrition, to broaden your skills and perspectives.

January 12, 2012

Why I Use Toto

If you scroll to the bottom of the page, the footer says "powered by toto." Toto is a minimalist blogging engine that runs on Ruby and is fully compatible with the Heroku platform.

January 04, 2012

Interviewing Security Professionals

I was reading a recent 37signals post about why they don't hire programmers based on puzzles or parlor tricks, and it got me wondering what strange tricks I played on the security professionals interviewing with me.

January 01, 2012

Write Down Your Passwords

The usual protocol when it comes to passwords is to create one that is hard to guess but easy to remember, because you shouldn't write it down. Yet I was still surprised to see a product specifically designed to write your passwords in.

December 16, 2011

Non Profit Wanted

Looking for a non-profit focused on helping other non-profits and charities with their information security issues, if you know of one.

November 08, 2011

A Refrigerator Has Never Been Hacked

Today's WSJ had an ad from the US Postal Service touting the security of a printed document over e-mail and the internet. Beyond the security of the printed letter, mail is great out-of-band communication with your customer.

October 05, 2011

Hacking Made Easier

NPR, along with a number of other media outlets, has been talking about new user-friendly hacking tools that let the average user be an elite hacker. I'm not an advocate for creating hacking tools, but I'd like to know what an attacker is going to use.

September 30, 2011

Keep It Simple

I had the privilege of hearing Harry Kraemer, former CEO of Baxter, present on leadership. One of his key tenets is Keeping Things Simple, and it applies directly to how security professionals sell security to the organization.

Jay Schulman — Plan for Thursday