May 1, 2015 Can We Secure the ‘Internet of Other People’s Things’? http://www.eweek.com/security/can-we-secure-the-internet-of-other-peoples-things.html I think that title expresses the problem very well.
August 4, 2014 14 antivirus apps found to have security problems http://www.theregister.co.uk/2014/07/29/antivirus_blood_splattered_as_biz_warned_audit_or_die Let us pass over the “All A are B” illogic in this and consider what we’ve known all along. AV doesn’t really work;…
April 25, 2014 OpenBSD forks, prunes, fixes OpenSSL http://www.zdnet.com/openbsd-forks-prunes-fixes-openssl-7000028613/#ftag=RSS86a1aa4 Interesting, eh? At the very least, this will apply a ‘many eyes’ to some of the SSL code and so long as the…
May 14, 2013 Does ISO 27001 compliance need a data leakage prevention policy? On one of the ISO-27000 lists I subscribe to I commented that one should have a policy to determine the need for and the…
August 6, 2011 Fwd: How Quality Drives the Rise and fall of hi-tech products http://sloanreview.mit.edu/the-magazine/2011-summer/52403/how-quality-drives-the-rise-and-fall-of-high-tech-products I’m dubious. On the one hand I recall a book titled “In Search of Stupidity”, which I strongly recommend reading, it’s about the…
September 23, 2010 Third-party code putting companies at risk http://www.infoworld.com/d/developer-world/third-party-code-putting-companies-risk-302 This opens: The use of third-party code in applications represents a big security risk for companies, according to a study…
March 15, 2007 Separation of Duties: InfoSec, IT and Audit A colleague who had the opportunity to restructure the role of his InfoSec department asked for advice about defining the roles and duties and…