Blog Posts Tagged with "Infosec"


The Emperor's Advanced Persistent Clothing

March 12, 2012 Added by: J. Oquendo

When "experts" start believing their own hodge-podge of "truths", it spreads like a cancer and ends up in the ears of decision makers. When will security pros stop focusing on marketing in hopes of selling shares of the Brooklyn Bridge and focus on actually securing something?

Comments  (3)


You’ve Been Phished Without an Email or a PDF

March 12, 2012 Added by: Infosec Island Admin

It seems that someone is making a full sized driftnet for information on those who would like to sign up as well as discuss the INSCOM Cyber Brigade. On the surface like I said, this looks all well and good, but once you start to poke at it though, you get some strange answers...

Comments  (16)


The Security BSides Las Vegas Mentorship Program

March 08, 2012 Added by: Security BSides

We all know how hard it can be to find your voice, or translate data into talking points that won't lose your audience, so we're looking to pair first time conference speakers with a mentor who has a solid track record in public speaking to work with them from CFP to the podium...

Comments  (0)


Doing Biz with Hackers: Do Bad Guys Make the Best Good Guys?

March 06, 2012 Added by: Rafal Los

The significance of quality talent can't be overlooked - having a second-rate individual watching your virtual piggy-bank is as good as having none. It's not like there are thousands of ex-con hackers out there looking for work - but I suspect there are more than you think...

Comments  (3)


What They Don't Teach You in "Thinking Like the Enemy" Classes

March 06, 2012 Added by: Pete Herzog

The enemy is not homogenous. Just like there is not just one foreign language, there is not one type of enemy. Among those enemy attackers, not all think alike. Even those joined together under a common mission or goal, there is often division in how to accomplish that goal...

Comments  (2)


Security BSides Austin 2012: Keeping Security Weird

February 23, 2012 Added by: Security BSides

BSides Austin is an eclectic group of infosec pros gathered to hear awesome talks and have outrageously fun discussions. Our mission is to provide an inclusive, some say quirky, yet open environment for sharing and collaborative discourse on security topics that most interest you...

Comments  (0)


Security: UR Doin It Rong

February 22, 2012 Added by: Wendy Nather

A number of talks at conferences focus on what we are doing wrong. The reason for this is practitioners are afraid to talk about how they're defending themselves for fear that someone will take it as a challenge and de-cyber-pants them before they've even gotten to the Q&A session...

Comments  (3)


The CISO as a Capable Catalyst

February 22, 2012 Added by: Rafal Los

"If a CISO initially receives any capability when starting the position, that was capability that was left over from their predecessor. It is now the CISO's responsibility to earn more capability and solidify what may already exist..."

Comments  (2)


Algorithms: When is Random Really Random?

February 21, 2012 Added by: Alan Woodward

The fact that we rely upon pseudorandom numbers is a potential problem for IT security. If a machine is using a known algorithm to generate a number that your system then treats as random, what is to stop an attacker from calculating that same number if he knows your algorithm...

Comments  (0)


Infosec: Where is Our “Long Tail”?

February 20, 2012 Added by: Dave Shackleford

The “long tail” concept illustrates the subtle, often overlooked 20% market that tends to be more niche. We need those organizations that are desperate to find unusual solutions that are not available at all right now. And we need small startups to provide them...

Comments  (2)


The Differences Between Security Certifications

February 17, 2012 Added by: Joshua Lochner

It seems like certifications have always been a source of contention for IT professionals. What are “The Right” certifications to get? Are they needed? Which ones would someone reap the most benefit from? Who cares?

Comments  (0)


Creating Sustainable Compliance Performance

February 16, 2012 Added by: Thomas Fox

Thriving employees - who are not only “satisfied and productive but also engaged in creating the future” for their organization - outproduce non-thriving employees. These concepts matter within the context of promoting a culture of compliance within your organization...

Comments  (0)


Remember, Security Predictions Make...

February 15, 2012 Added by: Wendy Nather

Security predictions can be a great way of starting conversations if you look at them the right way. If you look at them the wrong way, they're great for raising a huge chorus of "Nuh-UH!" or even "You're kidding, right? Call the coroner..."

Comments  (0)


Disclosures: How Much Sharing is Too Much?

February 15, 2012 Added by: Jack Daniel

What is the point of telling you I was compromised by spear phishing, SQL injection, cross site scripting, cross site request forgery, default credentials, or anything else we’ve known about for years? If you are ignoring all of the well-known risks, it is a waste of time...

Comments  (0)


The Fundamentals of Infosec in Theory and Practice

February 14, 2012 Added by: Ben Rothke

Information security is an overwhelming body of knowledge, and for many it can indeed be a far too tremendous body of text to attempt to cover. To that effort this book is an invaluable resource as it covers the key areas without getting bogged down in the minutiae...

Comments  (0)


Difference Between Spreading Information and Enabling Crime

February 14, 2012 Added by: Rafal Los

Most people don't get prosecuted or charged for distributing or re-tweeting a link to an Anonymous pastebin dump. Where is the line drawn then, and why are some incidents bigger than others? The question ultimately goes to the contents of the cache of information...

Comments  (2)
