The InfoSec Blog

System Integrity: Context Is Everything

Tag: Business

June 26, 2016

Brexit: What’s Next for Privacy, Policing, Surveillance?

http://www.databreachtoday.com/brexit-whats-next-for-privacy-policing-surveillance-a-9225 Now we’re getting over the “how could that do THAT!” shock stage and starting to think what the operational, rather than just the…

May 30, 2013

Confusion over Physical Assets, Information Assets – Part Two

So I need to compile a list of ALL assets, information or otherwise, NO! That leads to tables and chairs and powerbars. OK so…

February 16, 2013

The #1 Reason Leadership Development Fails

http://www.forbes.com/sites/mikemyatt/2012/12/19/the-1-reason-leadership-development-fails/ I wouldn’t have thought, based on the title, that I’d be blogging about this, but then again one can get fed up with…

August 30, 2012

Marketing Is Dead – Harvard Business Review

http://blogs.hbr.org/cs/2012/08/marketing_is_dead.html Of course you have to have a catchy title, but what this really says is … in today’s increasingly social media-infused environment, traditional…

August 9, 2012

How to build an asset inventory for 27001

How do you know WHAT assets are to be included in the ISO-27K Asset Inventory? This question and variants of the “What are assets…

May 25, 2012

Why Info Sec Positions Go Unfilled

http://www.infosecleaders.com/2012/05/career-advice-tuesday-why-info-sec-position-go-unfilled/ There are many holes in this, but I think they miss some important points. First is setting IT HR to look for Infosec….

August 7, 2011

Using ALE … inappropriately

Like many forms of presenting facts, not least of all about risk, reducing complex and multifaceted information to a single figure does a disservice…

July 1, 2011

Compliance? What Compliance?

Sometimes I wonder why we bother … The Securities and Exchange Commission doesn’t just enforce the rules that govern Wall Street. When asked, it…

January 6, 2011

What drives the RA? Need or Fashion?

A colleague in InfoSec made the following observation: My point – RA is a nice to have, but it is superfluous. It looks nice…

May 19, 2010

The Classical Risk Equation

What we had drilled into us when I worked in Internal Audit and when I was preparing for the CISA exam was the following…

February 28, 2010

The FBI risk equation

It seems that to make better cybersecurity-related decisions a senior FBI official recommends considering a simple algebraic equation: risk = threat x vulnerability x…

December 27, 2009

Throwing in the towel

I was saddened to hear of an InfoSec colleague who met with overwhelming frustration at work: After two years of dealing with such nonsense,…

October 6, 2009

About creating Corporate IT Security Policies

As I’ve said before, you should not ask yourself what policies to write but what you need to control. If you begin with a…

September 16, 2009

The Glass Half Full

Optimist: The glass is half full Pessimist: The glass is half empty Cost Accountant: The vessel is too…

July 24, 2009

One In Two Security Pros Unhappy In Their Jobs

http://www.darkreading.com/security/management/showArticle.jhtml?articleID=218600434 Well? Are you? You’d think most professionals in a hot industry like IT security would feel content and challenged technically and creatively in…

July 23, 2009

The Need for Social Engineering in InfoSec

When I took my undergraduate Engineering degree the attitude of my professors was that if we had chosen engineering as our…

April 28, 2009

Swine Flu Issues – insufficient discrimination

The trouble with some people is that they make some deceptively reasonable comments that don’t stand up under critical analysis. With an ailing economy…

February 5, 2009

Benchmarked: Ubuntu vs Vista vs Windows 7

http://www.tuxradar.com/content/benchmarked-ubuntu-vs-vista-vs-windows-7 Interestingly, even if not that relevant. And, of course, there’s the most important proviso of all: it is very, very…

November 27, 2008

People under extreme stress may behave unpredictably and have limited capacity for rational thought

“People under extreme stress may behave unpredictably and have limited capacity for rational thought”

November 11, 2008

Going Rogue

In this article at TechRepublic, Tom Olzak tries to address the issue of insider threat by talking about why your employees might ‘go rogue’. …

Availability

I am currently available to offer InfoSec & GRC audit and consulting services through my company - System Integrity
