Political reporters/analysts have taken to using the word “firewall”. To which we as cybersec geeks can only respond “huh”? To be bi-partisan about it, I provide two examples. Writing about the South Carolina Democratic Party primary, CNN says “At the heart of Clinton’s strategy to sew up the Democratic nomination is the notion that minority … Continue reading
Category Archives: Links
Smart stuff other people write.
When “it” talks back
Of the thousands of pages in the Harry Potter books, only one sentence ever really seemed to relate to the on-line world. One of the smarter parents in the series admonishes his daughter: “Never trust anything that can think for itself if you can’t see where it keeps its brain.” And, sure enough, then comes … Continue reading
That’s what I’m talking about
There it was in the Times this morning. A piece by Professor Peter Ludlow of Northwestern University. Dr. Ludlow is right there doing just what this blog tries to do. The professor is far more articulate than I of course. But he’s read Schneier and Hobbes (and no doubt many others) and sees how they … Continue reading
Adequately, revisited
(re: what a “senior-level defense official” said about Mr. Snowden) Those who speak for large entities, governments, corporations, etc., even when they speak anonymously, tend to make some assumptions that most of us cannot make. The first is that they can state the obvious as if it is a tremendous revelation because denying the obvious … Continue reading
The 4th e-state of denial
Corporate web sites getting hacked is news. Corporate news sites getting hacked is news. News sites getting not hacked but going down anyway is…? When NYTIMES.com went down this week for a couple of hours, they felt they needed to provide the proper context for their downtime. The headline of the article they published read … Continue reading
Honest, Mom, lots of kids failed that test
The media are certainly becoming more sophisticated at reporting on data breaches and web site hacks. And as that happens, corporate communications departments are freer to craft ever more sophisticated messages about a breach/hack involving their organization. The new goal is to attempt to describe the organization as just the latest victim of an on-going attack … Continue reading
CISO as consumer
There is no question that a large part of being an Information Security professional is using your judgement to keep your organization secure. And, as with any profession, that means using and evaluating products (once they’re installed, they’re “tools”). Sometimes, you get asked about such things. See the link. http://healthitsecurity.com/2013/02/11/how-a-healthcare-ciso-uses-his-iam-product/ Continue reading
Patient privacy monitoring: where health care IT and Compliance collaborate
Or at least, an area where they really should. Here’s a webinar I presented where I discuss how Health Care Compliance and IT Departments can work towards becoming full-fledged partners. https://fairwarningevents.webex.com/ec0606l/eventcenter/recording/recordAction.do?theAction=poprecord&AT=pb&renewticket=0&isurlact=true&recordID=6114642&apiname=lsr.php&rKey=d8f463f82c5a8c80&format=short&needFilter=false&&SP=EC&rID=6114642&siteurl=fairwarningevents&actappname=ec0606l&actname=%2Feventcenter%2Fframe%2Fg.do&rnd=4743042061&entappname=url0108l&entactname=%2FnbrRecordingURL.do Continue reading
Adequately?
“You keep using that word. I do not think it means what you think it means.” — Inigo Montoya from the movie, The Princess Bride. NASA had a laptop stolen with about 10,000 employee records on it (remember that number 10,000 – it comes up below). The laptop was not encrypted. Here is what the NY … Continue reading
Of codes and pigeons
If ever there was a time when I absolutely wished I was more an expert in cryptography, this is it: http://www.nytimes.com/2012/11/24/world/europe/code-found-on-pigeon-baffles-british-cryptographers.html?hp Continue reading