Being an InfoSec Professional / Breach announcements / Cybersecurity

A recent REALLY BIG breach: reporting relationships and college degrees

We are somehow hearing about what the Equifax CISO studied in college and not about when the firm’s last pen test was.    We are hearing about how heads rolled at Equifax but not if the reporting relationship between IT and Security has been revised.  Since the interim CISO seems to be reporting to the interim … Continue reading

Being an InfoSec Professional / Cybersecurity / Privacy

Awareness training always has an attitude

A lot depends on why you think you’re training people.  That motivation comes through in the attitude.  And that attitude has a lot to do with how successful the training is.  By my estimate, there are any number of nuanced attitudes but they more or less gravitate to one of three motives: We’re training you … Continue reading

Depends what you mean by “guest” and other musings about WiFi
Being an InfoSec Professional / Cybersecurity

Depends what you mean by “guest” and other musings about WiFi

This is not primarily about the security of attaching to a wireless access point (WAP).   But since communication is a two way affair, let’s start with the endpoints and get them out of the way: You are more likely to have your purse snatched at a train station than in your living room.  And the … Continue reading