Being an InfoSec Professional / Cybersecurity

The Engineers get busy: the Spectre/Meltdown patch roller coaster

The aspect of the latest Spectre/Meltdown vulnerability that interests me is not how wide-spread it might be.  Not that it is down below the OS level.  And while I am thankful I cannot find reports of it being exploited in the wild, not even that is what really interests me (though I am of course … Continue reading

Being an InfoSec Professional / Breach announcements / Cybersecurity

A recent REALLY BIG breach: reporting relationships and college degrees

We are somehow hearing about what the Equifax CISO studied in college and not about when the firm’s last pen test was.    We are hearing about how heads rolled at Equifax but not if the reporting relationship between IT and Security has been revised.  Since the interim CISO seems to be reporting to the interim … Continue reading