ramblings on various information security topics
From the category archives:
Chris Hoff took his three young girls to Source Boston with him last week.
First, VERY COOL and it sounds like they had a good time.
Second, it started some thoughts in his head, some conversations with others and the creation of something that will be most excellent.
HacKid Conferences
From the website:
The idea really revolves around providing an [...]
{ 1 comment }
I post a lot of links in my daily bits post, but every once in a while I come across something that I think needs to be singled out. This is one of those occasions.
Graham Clueley of Sophos put up this post which I think is a must see. Not necessarily for those of us [...]
{ 0 comments }
I had a Monster.com account hanging out there for a few years. I wasn't looking for a new position so all the privacy controls were turned on. Along comes the second data breach in under two years. I decided I didn't need that account anymore. I know, closing the barn door after the horse is [...]
{ 1 comment }
According to a survey performed in 2006 by Cox Communications and the National Center for Missing and Exploited Children (NCMEC), 61% of children between the age of 13 and 17 have a personal profile on sites such as MySpace, Friendster, or Xanga. Half of them have posted pictures of themselves online.
That was 2006 folks. I’m [...]
{ 0 comments }
Today is the last day of RSA Europe 2008. I have really enjoyed being here and have attended some very interesting sessions which I will be posting about in the near future.
Today's agenda is shortened since the last keynote ends at 13:30. For those who are interested, here are the sessions I will be attending.
Lessons [...]
{ 0 comments }
In the article "Study: Global information security improves, but still imperfect", Angela Moscaritolo points us at a report recently released by PriceWaterhouseCoopers, "Safeguarding the new currency of business." The report is the findings of the 2008 Global State of Information Security Study®. Her article points out some salient issues found in the report, but I [...]
{ 0 comments }
Richard Stiennon says:
So, yes, there is good security awareness training. But I do not include teaching Bobby in reception how to avoid being taken in by Kevin Mitnick. It is futile and silly to expect your average employee to become paranoid enough to ward off social engineering attacks. Rather than invest in posters [...]
{ 3 comments }
Mike Rothman in his latest Pragmatic CSO Newsletter (I highly recommend subscribing) has a really good post up about our responsibility to ensure that user community understands why they should be adhering to established policies and not attempting to circumvent controls put in place to protect our organizations.
I left the following comment and now am [...]
{ 1 comment }
Scott Young over at PickTheBrain writes in this post about a couple of ways to improve the quality of the conversations we have with people.
He points to two basic rules that can help make conversations more meaningful.
The conversation is not about you.
You need to give trust to get trust.
I will leave it you to [...]
{ 0 comments }
