The InfoSec Blog

The InfoSec Blog

System Integrity: Context Is Everything

  • About The Author
  • Master Index
  • Presentations
  • System Integrity

Category: Human Factors

November 1, 2016

Online Ad Industry Threatened by Security Issues

http://www.databreachtoday.com/online-ad-industry-threatened-by-security-issues-a-9488 Most people use ad blockers because they’re irritated with some of the intrusive ways ads are presented. But there are also compelling security…

September 20, 2016

UN privacy head slams ‘worse than scary’ UK surveillance bill

http://www.theregister.co.uk/2015/11/10/un_privacy_head_slams_uk_surveillance_bill/ Two points in this caught my attention. Cannataci also argued forcefully that mass surveillance was not the way to handle the threat from…

September 11, 2016

Everybody wants in on ‘Cybersecurity”

Embed from Getty Images Intel Sets McAfee Free … http://www.databreachtoday.com/blogs/intel-sets-mcafee-free-p-2244? … becoming what Intel bills as one of the world’s biggest “pure-play cybersecurity companies.”…

September 2, 2016

The Hidden Curriculum of Work

http://www.strategy-business.com/blog/The-Hidden-Curriculum-of-Work I think part of the problem I have in dealing with the current generation of head-hunters and corporate recruiters is that they focus…

July 2, 2016

Nobody wants to pay for security, including security companies

https://www.linkedin.com/pulse/nobody-wants-pay-security-including-companies-beno%C3%AEt-h-dicaire In theory, consumers and businesses could punish Symantec for these oversights by contracting with other security vendors. In practice, there’s no guarantee that…

June 26, 2016

Brexit: What’s Next for Privacy, Policing, Surveillance?

http://www.databreachtoday.com/brexit-whats-next-for-privacy-policing-surveillance-a-9225 Now we’re getting over the “how could that do THAT!” shock stage and starting to think what the operational, rather than just the…

March 22, 2016

Cyber risk in the business

https://normanmarks.wordpress.com/2015/06/05/cyber-risk-and-the-boardroom/ The take-away that is relevant : Cyber risk should not be managed separately from enterprise or business risk. Cyber may be only one…

February 18, 2016

Purpose unclear. Why are the FBI *really* trying to subvert encryption?

Tim cook says Apple will fight a federal order to help the FBI hack an iPhone.   An earlier version of this page has…

January 6, 2016

We’re mobile addicts but we just don’t want new smartphones

http://www.zdnet.com/article/research-were-mobile-addicts-but-we-just-dont-want-new-smartphones/ For whatever value of “Mobile” is applicable in context, yes. A lot of what I see is students in the library with their…

November 8, 2015

The fatal flaw in IT Risk management

Is interviewing is a much better method that self-certifications and a checklist, if time and resources allow. Two points: In the ISO-27001 forum, my…

July 5, 2015

Cyber, Ciber or Syber?

Occasionally, people do ask: What exactly do you mean by “cyber security”? Or “cyber” for that matter. Please explain. “Steersman Security”? It seems to…

June 25, 2015

Another reason to have a policy not to eat at your desk

Hackers Can Use Pita Bread to Steal Laptop Encryption Keys, Say Researchers Embedding such devices in something edible only means it will end up…

May 9, 2015

Tracking kids via microchip ‘can’t be far off,’ says expert

http://www.kens5.com/story/news/2015/05/07/tracking-kids-via-microchip-cant-be-far-off-says-expert/70986060/ Dickerson said she though one day, “I microchip my dog, why couldn’t I microchip my son?” I think there’s something despicable about treating…

May 1, 2015

Cyber general: US satellite networks hit by ‘millions’

http://www.forensicmag.com/news/2015/04/cyber-general-us-satellite-networks-hit-millions-hacks I wonder what they consider to be a hack? The wording in the in the article is loose enough to mean that if…

April 30, 2015

U.S. Defense Secretary Carter emphasizes culture change needed to

http://www.scmagazine.com/ash-carter-spoke-at-stanford-university/article/411392/ Yes the government needs a culture change if it is to address its own and the national issues pertaining to security, technological, in…

November 19, 2014

Should all applicable controls be mentioned in documenting an ISMS?

In my very first job we were told, repeatedly told, to document everything and keep our personal journals up to date. Not just with…

August 4, 2014

14 antivirus apps found to have security problems

http://www.theregister.co.uk/2014/07/29/antivirus_blood_splattered_as_biz_warned_audit_or_die Let us pass over the “All A are B” illogic in this and consider what we’ve known all along. AV doesn’t really work;…

April 21, 2014

What Applicants Should Ask When Interviewing For An InfoSecurity Position

http://www.informationsecuritybuzz.com/applicants-ask-interviewing-information-security-role/ Well what would you ask? These seem to be the kind of questions that might be asked by someone with a strong technical…

January 25, 2014

Most CEOs clueless about cyberattacks

http://www.zdnet.com/most-ceos-clueless-about-cyberattacks-and-their-response-to-incidents-proves-it-7000025396/#%21 Perhaps that’s cynical and pessimistic and a headline grabber, but then that’s what makes news. What I’m afraid of is that things like…

December 30, 2013

Former Head Of Airport Security: ‘The TSA Couldn’t Save You From

http://www.businessinsider.com/problems-with-tsa-2013-12 Based on the demonstrated persistence of their enemies, I have a lot of respect for what Israeli security achieves. Back to Verb vs…

Posts navigation

1 2 … 6 Next

Availability

I am currently available to offer InfoSec & GRC audit and consulting services through my company - System Integrity

Popular Pages

  • The Classical Risk Equation
  • Separation of Duties: Infosec, IT and Audit
  • “Cybercrime” is still Crime and “Cyberfraud” is still Fraud
  • Risk Analysis makes no sense … Does it?
  • Are *you* ready to give up yet?
  • Why InfoSec Positions go unfilled
  • Security
  • Risk
  • ISO27K
  • Rants and Raves

Categories

Archives

Calendar of Posts

May 2022
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  
« Sep    

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Security Links

  • Schneier on Security
  • Gary Hinson
  • Martin McKeay
  • The Security Team
  • DHS Daily Report
  • SANS Security Alerts
  • Brian Krebs
  • Stupid Security
  • Kill-HUP.com
  • Bruce Schneier
Copyright The InfoSec Blog. All rights reserved. | Powered by WordPress & Writers Blogily Theme