Information Security

April 15, 2010

The InfoSec Perspective for April 2010

It has been a busy month or so for information security.  Apple has patched a vulnerability that was showcased in a recent hacking contest, Microsoft has […]
May 10, 2010

It’s Time to Re-evaluate Host-based Security

I’ve said it for a few years now, but host-based antivirus is really not working out anymore.  Not with its reliance on signatures to detect malware. […]
July 30, 2010

The State of Data Breaches in 2010

I had a chance to review the 2010 Verizon Data Breach Reporttoday, which I was alerted to by ISC.SANS.ORG.  They’ve put together data from 2004 through 2009, and […]
March 31, 2011

Maintaining Good Security Practices

Security is not just a state of being. We are often called to provide an assessment about our present security posture, and usually, the person asking […]
April 29, 2011

Reactive Security: Feel the pain in 2011+

We are only one third of the way into 2011, but we have had some of the largest information security breaches of the decade – and […]
May 3, 2011

Managing Technology-based Risks

Risks exist. You would think that this is so obvious as to not need saying, but too many people appear to operate as though downplaying or […]
May 31, 2011

Just ask Sony…

Why should you take your organization’s information security posture seriously? Just ask Sony.  It has been estimated that Sony will spend more than $170 million dollars due to […]
June 29, 2011

Effectively Managing Risk

Despite the significant uptick in information security events on display thus far in 2011, and despite the diversity and caliber of organizations that are being breached, […]
October 15, 2011

Guess What? Technology is not easy

It might seem that way because of how ubiquitous it is, but technology is not really easy.  Lots of time has been spent trying to hide […]
October 29, 2011

My Workplace Technology Wish List

It is not every day that one gets an opportunity to put together a wish list of technology solutions that could be used to drive a […]
November 30, 2011

The Privacy and Security Implications of Misusing Technology

If you haven’t already heard of Carrier IQ, you need to do some serious web searching, as they are swiftly becoming the new name in technology misuse […]
March 31, 2012

Managing Your Personal Security

In the past few days, we learned that Global Payments Inc, a middle-man credit checking company, suffered a breach of its systems starting in January of this […]