Obviously one post in 13 months makes one's site implicitly dormant but I thought I would light the fire again and start posting again. Over the past 13 months I have seen my personal life (birth of my daughter) and career (promotion) take up more and more of my time and obviously something had to go... actually lots of things went but blogging was one of the first.
I believe I am at the point now where I would like to begin posting again. I am going to stop trying to chase the latest news stories and give comment... there are already too many excellent blogs written by smart and dedicated people that do a better job than I ever could. Instead, my new posts will focus more on the "pony-tail geek in a pinstripe suit" aspect to information security as I journey from the purely technical side of security over to the more enterprise-view, business-focused side of the house.
I also apologize if there is a flood of feed junk that cycles through... I'm just cleaning out the pipes.
Thanks,
Dan
Security Karma
putting "ur it" into security
Saturday, January 9, 2010
Thursday, March 5, 2009
Sometimes your security depends if you read from the bottom up or the top down
I just noticed the following on my portal page and I thought it was funny so of course I'm sharing.
Friday, November 14, 2008
Internet thieves make big money stealing corporate info
Sometimes I'm asked what keeps me up at night as an IT security professional... my answer is almost always "what I don't know." After I allow the confused look on their faces to pass I explain that in the realm of security we put very elaborate and expensive controls in place and then hope they never really get used. More quizzed looks ensue (you can probably tell I have fun with this) before I begin explaining myself.
Antivirus, NIDPS, WAF, NAC, DLP, IP Firewalls, Web Proxies, etc. are all great controls and protect against most known and some unknown attack vectors and for the most part they work. What scares me and keeps me up at night are the -1 day attacks (less than zero) that will pass by all controls. This story in USA Today got me thinking about how easy it is for determined attackers to slip right by all my controls and begin pumping data out of my network. From the article:
The virus swiftly located — and infected — some 300 other workstation PCs, silently copying the contents of each computer's MyDocuments folder. It transmitted the data across the Internet to a gang of thieves operating out of Turkey.
They infected system zero by posting an innocent-looking link on a trusted employee-only message board. Reading articles and hearing horror stories from colleagues about the threats they didn't know about until after the damage was done is what keeps me up at night. The stuff I know about? I have lots of toys for that stuff. :)
Related Articles
- 11 charged with massive ID theft
- Auto Parts Retailer Notifies Customers of Network Breach
- University of Florida discloses patient-record data breach
- The most insidious IT security risk
- A Huge Cache of Stolen Financial Data
- Express Scripts Clients Receive Threats To Release Data
- 5 ways insiders exploit your network
Tuesday, November 11, 2008
SANS lists the "coolest" infosec jobs
I caught this article over at Government Computer News that reported on a SANS Institute survey of the "coolest" information security jobs. Although the article is about the coolest ten public sector information security jobs it does also list the top ten coolest private sector infosec jobs.
Without further ado, for your reading pleasure, the ten coolest private sector infosec jobs:
1. (tie) System, Network, and/or Web penetration tester
1. (tie) Information security crime investigator/forensics expert
3. Forensics analyst
4. Vulnerability researcher
5. Application penetration tester
6. Security architect
7. CISO/ISO or director of security
8. (tie) Incident response, incident handler
8. (tie) Sworn law enforcement officer specializing in information security crime
10. Security evangelist
Since I didn't participate in the survey, and you didn't ask I thought I'd give you my top ten coolest infosec jobs:
1. Security architect
2. Penetration tester (I don't differentiate between applications, networks, and systems)
3. (tie) Security analyst
3. (tie) Security evangelist
5. CISO or director of security
6. (tie) Vulnerability researcher
6. (tie) Forensic expert
8. Network security engineer
9. Vulnerability assessment analyst
10. Security auditor
As you can tell I am at the crossroads between management and technology. It is my opinion that technical security controls without enterprise architecture and governance is a really good way to throw good money after bad... a topic that I will be visiting in a post in the near view.
Monday, November 10, 2008
PING?
PONG!
I've been gone for a little while... over two months to be exact. To say that I have been incredibly busy and distracted over the past two months would be an understatement. I've been busy with my HOA duties, building a nursery, and a work schedule that had me busy from dawn to dusk and completely wiped out by the time I would normally start writing. I have had to mark about 2,500 emails as read (sorry if your email got caught in the wash) and pretty much have disappeared from my digital life.
I am going to attempt to dip my toe back into the tidal pool of infosec blogging (and the rest of my digital life) over the next few weeks. The past two months have placed me elbow-deep in project management, enterprise architecture & strategy, as well as the day-to-day tactical obligations of my job. I will try to start writing some original posts regarding my thoughts and lessons learned in the areas of enterprise security architecture, security project management, budgeting for security, the difficulty in designing NAC and DLP solutions in an enormous and diverse environment... but for now I will say "welcome back" to myself and I look forward to writing again.
