September 8, 2018 Policy Vs Procedure When discussing ISO27000, my friend Gary Hinson wrote: The terms in the triangle or pyramid shape are generally listed in the reverse sequence, the…
November 1, 2016 Online Ad Industry Threatened by Security Issues http://www.databreachtoday.com/online-ad-industry-threatened-by-security-issues-a-9488 Most people use ad blockers because they’re irritated with some of the intrusive ways ads are presented. But there are also compelling security…
September 20, 2016 UN privacy head slams ‘worse than scary’ UK surveillance bill http://www.theregister.co.uk/2015/11/10/un_privacy_head_slams_uk_surveillance_bill/ Two points in this caught my attention. Cannataci also argued forcefully that mass surveillance was not the way to handle the threat from…
September 19, 2016 Some thoughts on the performance of SSD RAID 0 arrays My Friend Alan Rocker and I often discuss ideas about technology and tradeoffs. Alan asked about SSDs for Linux: > I haven’t been following…
September 14, 2016 Everything old is new again http://www.databreachtoday.com/whitepapers/seven-reasons-micro-segmentation-powerful-to-have-painless-to-add-w-2704 What’s the saying “Those who forget history are doomed to repeat it over again“? Weren’t we doing this with routers and … well…
September 11, 2016 Everybody wants in on ‘Cybersecurity” Intel Sets McAfee Free … http://www.databreachtoday.com/blogs/intel-sets-mcafee-free-p-2244? … becoming what Intel bills as one of the world’s biggest “pure-play cybersecurity companies.”…
September 2, 2016 The Hidden Curriculum of Work http://www.strategy-business.com/blog/The-Hidden-Curriculum-of-Work I think part of the problem I have in dealing with the current generation of head-hunters and corporate recruiters is that they focus…
July 2, 2016 Nobody wants to pay for security, including security companies https://www.linkedin.com/pulse/nobody-wants-pay-security-including-companies-beno%C3%AEt-h-dicaire In theory, consumers and businesses could punish Symantec for these oversights by contracting with other security vendors. In practice, there’s no guarantee that…
June 26, 2016 Brexit: What’s Next for Privacy, Policing, Surveillance? http://www.databreachtoday.com/brexit-whats-next-for-privacy-policing-surveillance-a-9225 Now we’re getting over the “how could that do THAT!” shock stage and starting to think what the operational, rather than just the…
March 22, 2016 Cyber risk in the business https://normanmarks.wordpress.com/2015/06/05/cyber-risk-and-the-boardroom/ The take-away that is relevant : Cyber risk should not be managed separately from enterprise or business risk. Cyber may be only one…
February 18, 2016 Purpose unclear. Why are the FBI *really* trying to subvert encryption? Tim Cook says Apple will fight a federal order to help the FBI hack an iPhone. An earlier version of this page has…
January 6, 2016 We’re mobile addicts but we just don’t want new smartphones http://www.zdnet.com/article/research-were-mobile-addicts-but-we-just-dont-want-new-smartphones/ For whatever value of “Mobile” is applicable in context, yes. A lot of what I see is students in the library with their…
November 8, 2015 The fatal flaw in IT Risk management Interviewing is a much better method than self-certifications and a checklist, if time and resources allow. Two points: In the ISO-27001 forum, my…
July 10, 2015 The 11 tiniest, most powerful computers your money can buy http://www.geek.com/chips/the-11-tiniest-most-powerful-computers-your-money-can-buy-1627324/ I have my doubts about many things and the arguments here and in the comments section loom large. Yes, I can see that…
July 5, 2015 Cyber, Ciber or Syber? Occasionally, people do ask: What exactly do you mean by “cyber security”? Or “cyber” for that matter. Please explain. “Steersman Security”? It seems to…
June 25, 2015 Another reason to have a policy not to eat at your operations I’ve worked in places where the policy was that you’re not allowed to bring a camera in; that was before cell phones, I admit,…
June 25, 2015 Another reason to have a policy not to eat at your desk Hackers Can Use Pita Bread to Steal Laptop Encryption Keys, Say Researchers Embedding such devices in something edible only means it will end up…
May 31, 2015 Misnomer I’ve written before how government agencies misuse terminology associated with information security but it seems to persist and continues to mislead. The latest is…
May 10, 2015 Why Silicon Valley Will Continue to Rule https://medium.com/backchannel/why-silicon-valley-will-continue-to-rule-c0cbb441e22f The historical, cultural and economic context described here sums up why efforts to replicate ‘the valley’ in other countries, other places, according to…
May 9, 2015 Tracking kids via microchip ‘can’t be far off,’ says expert http://www.kens5.com/story/news/2015/05/07/tracking-kids-via-microchip-cant-be-far-off-says-expert/70986060/ Dickerson said she thought one day, “I microchip my dog, why couldn’t I microchip my son?” I think there’s something despicable about treating…