Category: Awareness and Education

Don’t Be a Billy

I’m getting a kick out of some fun videos put together by the fine folks at StaySafeOnline.org.  Check them out and enjoy this awareness video:  “Don’t be a Billy”

Wednesday August 4th, 2010 in Awareness and Education

Security Professional Pipeline

The demand for a trained and educated information security workforce here in the U.S. continues to grow.   Creating a pipeline of information security professionals has to start early.   A national campaign to develop the next generation of “Cyber Defenders” has been happening without the fanfare or kudos that it needs. The Collegiate Cyber Defense Competition [...]

Friday June 25th, 2010 in Awareness and Education

Graphical History of Hacking

This was pretty cool.   Thanks to OnlineMBA and their post. Via: Online MBA

Monday May 31st, 2010 in Awareness and Education

A Shame for InfoSec Transparency

The CISO of Pennsylvania was apparently fired after discussing a breach while serving on a panel at the recent RSA conference.  The removal appeared in several articles including this SCMagazine report.   The information provided by Bob Maley was a clear description of a threat that some states may face, an appropriate discussion for this panel.  [...]

Saturday March 13th, 2010 in Awareness and Education

Back to Basics

I just read an article “Basic security measures do wonders” and it drove home a point that seems to have been lost with the inundation of terms such as “CyberWar” and “Advanced Persistent Threat”.  While we spend a lot of time implementing new technologies or applying frameworks, we sometimes forget that applying basics and using [...]

InfoSec targeted for use of “jargon” – Blah!

Why is it that terms used in the information security profession are referred to as “gobbledegook” while in other professions they are known as nomenclature? Every profession has its own jargon, so for “experts” to label this as something unique to information security is rather unfair. “One problem is that computer “geeks” use jargon to cloak [...]

Wednesday February 24th, 2010 in Awareness and Education

Cyber Shockwave – A Bust

CNN recently broadcast a cyber-attack simulation meant to demonstrate the potential cascading effects of a widespread attack on our nation’s infrastructure.  The exercise included former federal officials who played the role of key positions in the executive branch to show how the government would respond to the escalating incident.  They even had a flashy headline: [...]

Don’t Let FUD Trump Value

The Google “Aurora” incident illustrates an ongoing problem with the “media motivated” approach many organizations take with regard to information security. A major event happens and there is a short-lived window of opportunity to ride the “it can happen to us” wave to secure some funding for the latest toy or gadget. Unfortunately, some executives [...]

2010 Information Security Predictions

I may as well get on the 2010 prediction bandwagon. 1. With the rush to get into the “cloud”, businesses will sacrifice security for the promise of efficiencies. Attacks will be focused on the applications placed in the cloud, not necessarily the underlying OS infrastructure. I predict there will be a large compromise of information [...]

Social Networking – “Loose Tweets Sink Fleets”

Social networking has enhanced collaboration for many companies, but it creates a risk of employees sharing intellectual property or other strategically important company information with outsiders. This certainly places an increased burden on strategically aligned CSOs, who must balance the need for security with business goals and objectives. The Global State of Information Security survey [...]