September 20, 2016 UN privacy head slams ‘worse than scary’ UK surveillance bill http://www.theregister.co.uk/2015/11/10/un_privacy_head_slams_uk_surveillance_bill/ Two points in this caught my attention. Cannataci also argued forcefully that mass surveillance was not the way to handle the threat from…
November 8, 2015 The fatal flaw in IT Risk management Interviewing is a much better method than self-certifications and a checklist, if time and resources allow. Two points: In the ISO-27001 forum, my…
June 25, 2015 Another reason to have a policy not to eat at your operations I’ve worked in places where the policy was that you’re not allowed to bring a camera in; that was before cell phones, I admit,…
June 25, 2015 Another reason to have a policy not to eat at your desk Hackers Can Use Pita Bread to Steal Laptop Encryption Keys, Say Researchers Embedding such devices in something edible only means it will end up…
May 31, 2015 Misnomer I’ve written before how government agencies misuse terminology associated with information security but it seems to persist and continues to mislead. The latest is…
May 1, 2015 Cyber general: US satellite networks hit by ‘millions’ http://www.forensicmag.com/news/2015/04/cyber-general-us-satellite-networks-hit-millions-hacks I wonder what they consider to be a hack? The wording in the article is loose enough to mean that if…
August 8, 2012 Steve Wozniak: Cloud Computing Will Cause ‘Horrible Problems In The http://www.businessinsider.com/steve-wozniak-cloud-computing-will-cause-horrible-problems-in-the-next-five-years-2012-8 Perhaps The Woz isn’t the influence he once was, and certainly not on Wall Street and the consumer market place. The unbounded RAH-RAH-RAH…
November 30, 2011 On the HP Printer Hack The hack to make the HP printers burn was interesting, but let’s face it, a printer today is a special purpose computer and a…
August 9, 2011 His Bipolar made him do it http://compliancesearch.com/compliancex/current-affairs/his-bipolar-made-him-do-it/ An accused hedge fund fraudster’s mother is showing support, by claiming her son is not to blame for defrauding investors out of over…
July 2, 2011 The Question of Residual Risk value People keep asking questions like If the risk equation I use is Impact * Probability, when it comes to calculating the residual risk value…
April 19, 2011 Congressman blames U.S. unemployment crisis on iPad http://www.zdnet.com/blog/apple/congressman-blames-us-unemployment-crisis-on-ipad/9968?tag=nl.e539 In it U.S. Representative Jesse Jackson Jr (D-IL) blasts Apple and Steve Jobs claiming that the iPad is responsible for killing thousands of…
August 20, 2010 Open source and commercial support In a discussion of Open Source vs Closed Source/Commercial … Voice 1: Maybe because they’re not customers? (in the paying for a service sense)…
January 25, 2010 About Social Networking policy Policy development is one of my areas of practice, so when a colleague on a mailing list asked about how to phrase policy to…
October 24, 2009 How Many Deaths? Here http://thecipblog.com/?author=3 I found this quote: “In order to be designated ‘critical information infrastructure’, how many deaths would the failure of a network have…
October 16, 2009 A Ralph Nader for the 21st Century? http://www.chron.com/disp/story.mpl/business/steffy/6666406.html […] Hanni, who lives in California, is the founder of the Coalition for an Airline Passengers Bill of Rights, the group that’s spearheading…
September 9, 2009 Judges Punish Wall Street as Regulators Just Talk About Reform http://www.bloomberg.com/apps/news?pid=20601109&sid=a5wZ95KdSuJQ This is something we should *ALL* be aware of, not least those that think legal and world economic stuff is off topic. We…
August 26, 2009 Where do they get these numbers? From the Journalistic Approach to Statistics Department … The source of this warmongering is http://www.darkreading.com/security/intrusion-prevention/showArticle.jhtml?articleID=219401410 and Kelly Jackson Higgins uses the dramatic title “Message…
August 18, 2009 8 Dirty Secrets of the IT Security Industry – CSO.com Bill Brenner wrote an article that covers some security consulting in general and PCI DSS in particular. Do make note of points 1, 3, and…
July 23, 2009 The Need for Social Engineering in InfoSec When I took my undergraduate Engineering degree the attitude of my professors was that if we had chosen engineering as our…
July 2, 2009 Security Posture Assessment resources No, I don’t think this is a good start. It ignores such fundamentals as policy, change management, awareness, management reporting, risk assessment and risk…