Tony Martin-Vegue
Tony Martin-Vegue is a 20-year technology industry veteran who started out as a Windows 3.1 phone support technician and worked his way up by running network cabling through ceilings, winning (and losing) in the late-1990s – early 2000s dot-com bubble and leading network operations teams. In the more recent past, Tony has worked in the financial services sector helping firms establish frameworks for enterprise risk assessments, developed advanced threat modeling tools, educated on risk analysis techniques and consulted on security for large-scale IT projects. Tony currently works at a large global retailer leading their cyber-crime program by researching emerging threats, assessing risk and fighting fraud.
Tony holds a Bachelor of Science in Business Economics from the University of San Francisco and holds many certifications including CISSP, CISM and CEH.
Tony lives in the San Francisco Bay Area, is a father of two and enjoys swimming and biking in his free time.
The opinions expressed in this blog are those of Tony Martin-Vegue and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.
What I learned from resetting over 300 passwords
After the password manager company LastPass announced a data breach of account credentials, I decided to change the password on all the accounts I've ever created - over 300. In the process I made many discoveries about the state of...
Lessons from the Heartland Payment Systems data breach, redux
In 2009, Heartland Payment Systems suffered what was until recently the largest data breach in recorded history, at the hands of a skilled and malevolent hacker. After the attack, the company went on the offensive, implementing...
What combination locks teach us about encryption weakness
Last week, an interesting story made the rounds on social media about a researcher named Samy Kamkar who discovered a flaw in Master-brand combination locks and was able to open the lock in eight tries or less. It’s a great discovery...
Vulnerability scan vs. penetration test vs. risk analysis: What's the difference?
An often overlooked, but very important process in the development of any Internet-facing service is testing it for vulnerabilities, knowing if those vulnerabilities are actually exploitable in your particular environment and, lastly,...
Security BSides San Francisco, 2015 conference review
The annual security conference, Bsides San Francisco, was held on April 19 and 20. It was an exciting and action-packed event with talks from some of the best up-and-coming industry speakers. This is a general review of the event as...
Are we witnessing a cyber war between Russia and Ukraine? Don't blink - you might miss it
The term “cyber war” is often misused and misunderstood, but there is a clear and concise definition with a high bar of what constitutes one. The ongoing War in Ukraine, also known as the War in Donbass, meets the standard of cyber...
How to survive security conferences: 4 tips for the socially anxious
One of the world’s largest security conferences, RSA 2015, is right around the corner. Security professionals from all over the world will be in San Francisco that week, and this will arguably be the single best chance all year for...
Cyber what? (part 2 of 2)
Words beginning with “cyber,” such as “cyber war” and “cyberspace” are entering our everyday lexicon. Politicians use the terms to describe an ambiguous threat from another country and security vendors use the terms to get you to buy...
Cyber WHAT? (part 1 of 2)
Words beginning with “cyber,” such as “cyber war” and “cyberspace” are entering our everyday lexicon. Politicians use the terms to describe an ambiguous threat from another country and security vendors use the terms to get you to buy...
Not all data breaches are created equal – do you know the difference?
System intrusions affect companies in different ways and a huge factor when assessing risk is the type of data exposed. There are many different types of data that can be leaked and the three most common are examined.