Being an InfoSec Professional / Cybersecurity

The other shoe drops: NIST issues version 1.0 of the Framework for Improving Critical Infrastructure Cybersecurity

Posted on March 2, 2014 by David Sheidlower • 1 Comment

It’s ironic that the new publication from NIST does not have an 800 series numeric designation. Not that it needs to, but here we all are using those numbers as shorthand (e.g., “I took an 800-30 July 2002 approach because revision 1 from 2012 just seemed too complex for the environment”, “We are looking to … Continue reading →

The 4th e-state of denial

Posted on August 18, 2013 by David Sheidlower • 2 Comments

Corporate web sites getting hacked is news. Corporate news sites getting hacked is news. News sites getting not hacked but going down anyway is…? When NYTIMES.com went down this week for a couple of hours, they felt they needed to provide the proper context for their downtime. The headline of the article they published read … Continue reading →

Being an InfoSec Professional / Cybersecurity

Why isn’t this blog more technical

Posted on May 1, 2013 by David Sheidlower • Leave a comment

I am getting a fair amount of questions (which is blogger speak for the more introspective “I keep asking myself”): why isn’t this blog more technical? Why aren’t I persistently advancing threads about advanced persistent threats? Am I intentionally filtering out packet filter discussions? (note to self: do not turn into cyber security’s answer to … Continue reading →

{Cyber Security}

right here- where information security is combined with humanism. By David Sheidlower

Tag Archives: NIST

The other shoe drops: NIST issues version 1.0 of the Framework for Improving Critical Infrastructure Cybersecurity

The 4th e-state of denial

Why isn’t this blog more technical