The InfoSec Blog

System Integrity: Context Is Everything

Tag: quality

May 1, 2015

Can We Secure the ‘Internet of Other People’s Things’?

http://www.eweek.com/security/can-we-secure-the-internet-of-other-peoples-things.html I think that title expresses the problem very well.

August 4, 2014

14 antivirus apps found to have security problems

http://www.theregister.co.uk/2014/07/29/antivirus_blood_splattered_as_biz_warned_audit_or_die Let us pass over the “All A are B” illogic in this and consider what we’ve known all along. AV doesn’t really work;…

April 25, 2014

OpenBSD forks, prunes, fixes OpenSSL

http://www.zdnet.com/openbsd-forks-prunes-fixes-openssl-7000028613/#ftag=RSS86a1aa4 Interesting, eh? At the very least, this will apply a ‘many eyes’ to some of the SSL code and so long as the…

May 14, 2013

Does ISO 27001 compliance need a data leakage prevention policy?

On one of the ISO-27000 lists I subscribe to I commented that one should have a policy to determine the need for and the…

August 6, 2011

Fwd: How Quality Drives the Rise and fall of hi-tech products

http://sloanreview.mit.edu/the-magazine/2011-summer/52403/how-quality-drives-the-rise-and-fall-of-high-tech-products I’m dubious. On the one hand I recall a book titled “In Search of Stupidity”, which I strongly recommend reading; it’s about the…

September 23, 2010

Third-party code putting companies at risk

http://www.infoworld.com/d/developer-world/third-party-code-putting-companies-risk-302 This opens: The use of third-party code in applications represents a big security risk for companies, according to a study…

March 15, 2007

Separation of Duties: InfoSec, IT and Audit

A colleague who had the opportunity to restructure the role of his InfoSec department asked for advice about defining the roles and duties and…
