10 Key Compliance Pitfalls — And How To Avoid Them
In a new Dark Reading report, Ed discusses common compliance pitfalls and how to avoid them; from the report synopsis: Today, it’s the rare business that doesn’t have some regulation on its radar,...
Insider Threats: Similar data, different conclusions
[Note: edited on 4/18 to fix ridiculous basic math error] Today, I came across two different surveys about insider threats. What was interesting to me is that the data was similar, but the...
Analysis of Security Firm Purchasing Supports Innovation Model
An interesting article today about the demographics of firms buying security companies. I came to it by way of Hack in the Box, which referenced analysis of it in CRN, but the actual original piece...
Interesting move by Mozilla re: certificate issuance
There was some coverage that I came across the other day that I thought was interesting about how Mozilla is considering rejecting TeliaSonera’s application for a new root certificate. At the core of...
Android: A Second Career in Security?
This month, at TechNewsWorld, Ed covers ideas for how organizations might squeeze some extra value out of “scrapped” Android devices before they get sent to the great docking station in the sky: For...
Hacking the news for fun and profit?
So maybe you saw the other day that the AP’s Twitter account got hacked? Apparently someone broke in and posted this: “Breaking: Two Explosions in the White House and Barack Obama is injured.”...
Pro-tip: The way to sell two-factor isn’t security… it’s convenience (maybe)
In the wake of the whole Twitter AP attack “thing” (we opined on it in this blog), there has been much discussion about multi-factor authentication (MFA) and whether the current authentication scheme...
RIP Neil. You’ll be missed.
In case you haven’t heard, Neil Roiter passed away last week… He was a great man and one that we were proud to know. He’ll be very much missed. MATTAPOISETT — Neil Barry Roiter, 64, of Mattapoisett,...
Criticism: A Security Chief’s Most Valuable Resource
This month, Ed discusses the value that candid feedback can have for the CISO: Feedback from the community we serve lets us know what we’re doing well, what we need to work on, and which stakeholder...
Learn the basics of Bitcoin mining in less than 5 minutes
I think we can probably all agree that it’s important for security professionals to understand the basics of Bitcoin mining. Why? Because Bitcoin mining provides a direct pathway to turn captured CPU...
Economic effects of NSA PRISM compared to PLA’s APT-1
So unless you’ve been living under a rock, chances are you’ve seen the news about NSA’s “PRISM” program. If what we’ve been led to believe is as bad as we think (it might not be – see the “everything...
Avoiding Unpleasant Cloud Surprises
In this month’s ECommerce Times article, Ed discusses the potential pitfalls of “surprise cloud” and what organizations can do about it: When cloud implementations are under the radar, there may not be...
Does BYOD Increase Risk? Part 1
So, the other day I came across an article on the ThreatPost which in turn references a survey from Rapid7 about the implications of BYOD on an organization’s security posture. It’s interesting...
Does BYOD Increase Risk? Part 2
OK, so the other week, I opened a line of questioning about whether or not BYOD increases risk in enterprise. It got to be fairly long, so I promised a return to the topic at some point. So now, here...
Are current security tools like rearview mirrors?
The other day, I had an opportunity to hear a fantastic presentation from VMware’s George Gerchow. It was a great discussion (as his discussions usually are) and it cemented something in my mind that...
Five cloud computing security concerns and the products tackling them
In this month’s column for SearchCloudSecurity, Ed looks at a few technology niche areas in enterprise that develop post-cloud: The abundant and rapidly increasing use of cloud services in the...
AMP Firehose Chicago
So you may remember that I had mentioned that I was going to be at Pete Lindstrom’s AMP firehose in NY a while back? Well, long story short, but I did go to it, and I did find it extremely valuable...
Three strategies to align organizational compliance and security goals
To celebrate the 10th anniversary of Cybersecurity Awareness Month, Ed discusses strategies to align information security and compliance efforts in his column on SearchCompliance: This situation has...
Musings on Internet of Things, AppSec, and BioMed
Today was an interesting day for folks who follow Internet of Things research. Specifically, ISACA has out a new survey that includes (among other things) some data about the perceived risks and...
Is there an inverse to Boehm’s curve?
So Diana posited something really interesting a few months ago and I’ve been meaning to blog about it ever since; it took a while to do it because (as you’ll see) it involved creating graphics and I’m...