The InfoSec Blog

System Integrity: Context Is Everything

Tag: Consultants

June 21, 2011

In praise of OSSTMM

In case you’re not aware, ISECOM (Institute for Security and Open Methodologies) has OSSTMM3 – The Open Source Security Testing Methodology Manual – http://www.isecom.org/osstmm/…

December 27, 2009

Throwing in the towel

I was saddened to hear of an InfoSec colleague who met with overwhelming frustration at work: After two years of dealing with such nonsense,…

August 18, 2009

8 Dirty Secrets of the IT Security Industry – CSO.com

Bill Brenner wrote an article that covers some security consulting in general and PCI DSS in particular. Do make note of points 1, 3, and…

July 2, 2009

Security Posture Assessment resources

No, I don’t think this is a good start. It ignores such fundamentals as policy, change management, awareness, management reporting, risk assessment and risk…

March 5, 2009

Couldn’t happen to a nicer buncha guys …

An independent security consultant describes how vulnerabilities in unpatched releases of the Zeus crimeware kit are being exploited by hackers in order to steal…

March 15, 2007

Separation of Duties: InfoSec, IT and Audit

A colleague who had the opportunity to restructure the role of his InfoSec department asked for advice about defining the roles and duties and…

Availability

I am currently available to offer InfoSec & GRC audit and consulting services through my company - System Integrity
