The InfoSec Blog

System Integrity: Context Is Everything

Tag: failure

November 8, 2015

The fatal flaw in IT Risk management

Interviewing is a much better method than self-certifications and a checklist, if time and resources allow. Two points: In the ISO-27001 forum, my…

May 31, 2015

Misnomer

I’ve written before how government agencies misuse terminology associated with information security but it seems to persist and continues to mislead. The latest is…

August 24, 2011

The real reasons for documentation – and how much

The documentation required and/or needed by ISO-2700x is a perennial source of dispute in the various forums I subscribe to. Of course management has…

May 28, 2010

“Impact” is not a Metric

I never like to see the term ‘impact’. It’s not a metric. I discuss how length, temperature, weight, are metrics whereas speed, acceleration, entropy…

December 27, 2009

Throwing in the towel

I was saddened to hear of an InfoSec colleague who met with overwhelming frustration at work: After two years of dealing with such nonsense,…

October 26, 2009

The chief value of open source

Now this is interesting! With code visibility, you and your vendors become partners in trying to make something work. The vendor can’t over-promise, but…
