maliciouslink.com
Management | Malicious Link
https://www.maliciouslink.com/category/management
Speed of Patching Versus Breach Likelihood. August 31, 2015. I am a big fan of the Verizon DBIR. I was just reading this interview with Mike Denning. From Verizon on Deloitte’s web site about this year’s report. The whole article is worth reading, but I want to focus on one comment from Mr. Denning:. 8220;we can exclude ourselves from 99.9% of breaches by just ensuring we keep up with our patching. After all, we should be able to meet the goal of applying patches no later than, say, 11 months aft...Outsi...
securance.blogspot.com
Securance: July 2012
http://securance.blogspot.com/2012_07_01_archive.html
The action or means of securing; assurance, security. Monday, July 30, 2012. Is an interesting article. It is not about a hack in the 'OMG PWNED LULZ! Tradition. It's about a subtle deception. The 'attackers' - Anonymous most likely but it could have been anybody - spoofed the NY Times website:. The article appeared on a web page built to replicate the Times' popular website, right down to perfectly working links to the rest of the site. Information operations include changing your adversary's perception.
blogg.springflod.se
Intervju med CSO på Nordnet Bank | Springflod blogg: affärsmässig säkerhet
http://blogg.springflod.se/2014/06/13/intervju-cso-nordnet-bank
Stefan Pettersson bloggar om affärsmässig säkerhet för svenska företag. Intervju med CSO på Nordnet Bank. Posted on den 13 juni, 2014. 8221;Ett fo retag ska. Det där kravet är inte att leka med. Nä, vi banker kommer att ha ett ansenligt dokumentationsarbete framför oss. Jag känner till väldigt få banker som är särskilt processorienterade och ännu färre som har dem dokumenterade. 9001-certifieringar är vanliga inom industrin men jag tror inte att vidare många banker är där. Det a r att klara av att balans...
securance.blogspot.com
Securance: Subtlety is Key
http://securance.blogspot.com/2012/07/subtlety-is-key.html
The action or means of securing; assurance, security. Monday, July 30, 2012. Is an interesting article. It is not about a hack in the 'OMG PWNED LULZ! Tradition. It's about a subtle deception. The 'attackers' - Anonymous most likely but it could have been anybody - spoofed the NY Times website:. The article appeared on a web page built to replicate the Times' popular website, right down to perfectly working links to the rest of the site. Information operations include changing your adversary's perception.
securance.blogspot.com
Securance: May 2008
http://securance.blogspot.com/2008_05_01_archive.html
The action or means of securing; assurance, security. Thursday, May 1, 2008. I've always been fascinated by TEMPEST, even before I read Cryptonomicon. Today, Wired has a blog entry. Discussing a recently-declassified NSA paper. Subscribe to: Posts (Atom). A security nerd who likes to write. This blog is a collection of thoughts. Some of these thoughts support a course I teach; none should be construed as to be those of my employer. View my complete profile. Interesting People and Places.
5thsentinel.wordpress.com
My Experience using FAIR for Risk | fifth.sentinel
https://5thsentinel.wordpress.com/2011/09/22/my-experience-using-fair-for-risk
Just another WordPress.com weblog. September 22, 2011. My Experience using FAIR for Risk. Recently I decided to make use of the FAIR. Risk model to document how the threats have dramatically changed over the first 6 months of 2011. Besides always liking the concepts of the FAIR model, I thought the risk assessment paper I had to write would benefit with the focus on Threat Populations/Communities rather than using technology as a driver. Podcast. From some of the discussions on Monte Carlo simulation...
securance.blogspot.com
Securance: Format vs. Wipe
http://securance.blogspot.com/2012/06/format-vs-wipe.html
The action or means of securing; assurance, security. Saturday, June 30, 2012. Format vs. Wipe. I thought that the differences between a drive reformat and a drive wipe were well known, but apparently they are not:. Is the deletion/overwriting of the file table and data structures that allow an operating system to find things (files) on the hard drive. Wiping a drive -. Is the destruction of all data on a drive by writing a pattern of 0's, 1's or both to every sector on that drive. If I were to reformat.
securance.blogspot.com
Securance: The Original OODA Loop
http://securance.blogspot.com/2012/06/original-ooda-loop.html
The action or means of securing; assurance, security. Friday, June 22, 2012. The Original OODA Loop. Subscribe to: Post Comments (Atom). A security nerd who likes to write. This blog is a collection of thoughts. Some of these thoughts support a course I teach; none should be construed as to be those of my employer. View my complete profile. Format vs. Wipe. The Original OODA Loop. Interesting People and Places.
securance.blogspot.com
Securance: June 2012
http://securance.blogspot.com/2012_06_01_archive.html
The action or means of securing; assurance, security. Saturday, June 30, 2012. Format vs. Wipe. I thought that the differences between a drive reformat and a drive wipe were well known, but apparently they are not:. Is the deletion/overwriting of the file table and data structures that allow an operating system to find things (files) on the hard drive. Wiping a drive -. Is the destruction of all data on a drive by writing a pattern of 0's, 1's or both to every sector on that drive. If I were to reformat.
infosecramblings.com
Announcement
http://www.infosecramblings.com/category/announcement
Speaking at RSA: Winchester House Security: Why Enterprise Security Architecture Matters. January 16, 2013. Just a quick note to let you know that I will be speaking at RSA USA 2013 in February. I'm pretty excited about it. The title of my talk is Winchester House Security: Why Enterprise Security Architecture Matters. It's a quick 20 minute exploration of how we manage to end up in a place where:. We don't have a good idea how everything fits together. In some cases, we don't even know what we have.
SOCIAL ENGAGEMENT