Tag Archives | security

2012-08 Yellowstone-1395

Don’t Poke the Buffalo

Ranchers know that there’s little that can stop a determined buffalo – barbed wire is at best a suggestion. That’s why taunting or poking one is just a bad idea (the guy in Yellowstone recently was extremely lucky). Malicious actors can be a bit like that too – that’s why I’ve written before that ‘hacking back’ is [...]
Continue Reading
(c) Dreamstime / Mosich.com

How much should you spend on security?

I regularly get asked by new CISOs for information – benchmarks – on how much organizations like theirs should spend on security. That’s a deceptively simple question, and while there’s plenty of surveys that you can reference, none of them provide more than a rough starting point – there’s just too many variables.

Continue Reading
(C) Depositphotos / belchonock

Securing your Dessert

(C) Depositphotos / belchonock I have a joy/frustration relationship with Apple.  Their products are amazing and have changed my life, and at the same time some of their design decisions and choices are user hostile (dongles).  Their software usually just works, but when it doesn’t, well, you get Siri. On one point though, their heart [...]
Continue Reading
untitled shoot-600

Just ask “Why?”

Today we’re constantly asked to make decisions that have security and privacy implications. Most of the time these are individually innocuous, but collectively they present significant risk. All too often, we simply click yes, plug in the cable, share the wifi password, or give up personal information. Instead, before even asking if it’s secure, ask […]

Continue Reading
(c) Depositphotos / Kuzmafoto

Adopting an industrial mindset: Cyber Safety

We’ve always said that there’s two kinds of organizations, those that have been hacked, and those that don’t know they’ve been hacked.  Yet security teams are still having problems getting resources and attention from our business stakeholders, particularly in industrial companies that consider IT and technology a back office problem. Over my career I’ve worked [...]
Continue Reading
2010-07-22 Alaska Day 2-544-1

About

Welcome to a few thoughts on cybersecurity, and some occasional photography. We're becoming immune to the news about the latest data breach, and yet folks don’t change their own security practices.   Often that’s because they don’t know where to start. Other times it’s because they’re focused on hitting the checkboxes for a compliance audit. Cybersecurity [...]
Continue Reading