Blog Posts Tagged with "Infosec"
March 12, 2012 Added by:J. Oquendo
When "experts" start believing their own hodge-podge of "truths", it spreads like a cancer and ends up in the ears of decision makers. When will security pros stop focusing on marketing in hopes of selling shares of the Brooklyn Bridge and focus on actually securing something?
March 12, 2012 Added by:Infosec Island Admin
It seems that someone is making a full sized driftnet for information on those who would like to sign up as well as discuss the INSCOM Cyber Brigade. On the surface like I said, this looks all well and good, but once you start to poke at it though, you get some strange answers...
March 08, 2012 Added by:Security BSides
We all know how hard it can be to find your voice, or translate data into talking points that won't lose your audience, so we're looking to pair first time conference speakers with a mentor who has a solid track record in public speaking to work with them from CFP to the podium...
March 06, 2012 Added by:Rafal Los
The significance of quality talent can't be overlooked - having a second-rate individual watching your virtual piggy-bank is as good as having none. It's not like there are thousands of ex-con hackers out there looking for work - but I suspect there are more than you think...
March 06, 2012 Added by:Pete Herzog
The enemy is not homogenous. Just like there is not just one foreign language, there is not one type of enemy. Among those enemy attackers, not all think alike. Even those joined together under a common mission or goal, there is often division in how to accomplish that goal...
February 23, 2012 Added by:Security BSides
BSides Austin is an eclectic group of infosec pros gathered to hear awesome talks and have outrageously fun discussions. Our mission is to provide an inclusive, some say quirky, yet open environment for sharing and collaborative discourse on security topics that most interest you...
February 22, 2012 Added by:Wendy Nather
A number of talks at conferences focus on what we are doing wrong. The reason for this is practitioners are afraid to talk about how they're defending themselves for fear that someone will take it as a challenge and de-cyber-pants them before they've even gotten to the Q&A session...
February 22, 2012 Added by:Rafal Los
"If a CISO initially receives any capability when starting the position, that was capability that was left over from their predecessor. It is now the CISO's responsibility to earn more capability and solidify what may already exist..."
February 21, 2012 Added by:Alan Woodward
The fact that we rely upon pseudorandom numbers is a potential problem for IT security. If a machine is using a known algorithm to generate a number that your system then treats as random, what is to stop an attacker from calculating that same number if he knows your algorithm...
February 20, 2012 Added by:Dave Shackleford
The “long tail” concept illustrates the subtle, often overlooked 20% market that tends to be more niche. We need those organizations that are desperate to find unusual solutions that are not available at all right now. And we need small startups to provide them...
February 17, 2012 Added by:Joshua Lochner
It seems like certifications have always been a source of contention for IT professionals. What are “The Right” certifications to get? Are they needed? Which ones would someone reap the most benefit from? Who cares?
February 16, 2012 Added by:Thomas Fox
Thriving employees - who are not only “satisfied and productive but also engaged in creating the future” for their organization - out produce non-thriving employees. These concepts matter within the context of promoting a culture of compliance within your organization...
February 15, 2012 Added by:Wendy Nather
Security predictions can be a great way of starting conversations if you look at them the right way. If you look at them the wrong way, they're great for raising a huge chorus of "Nuh-UH!" or even "You're kidding, right? Call the coroner..."
February 15, 2012 Added by:Jack Daniel
What is the point of telling you I was compromised by spear phishing, SQL injection, cross site scripting, cross site request forgery, default credentials, or anything else we’ve know about for years? If you are ignoring all of the well-known risks, it is a waste of time...
February 14, 2012 Added by:Ben Rothke
Information security is an overwhelming body of knowledge, and for many it can indeed be a far too tremendous body of text to attempt to cover. To that effort this book is an invaluable resource as it covers the key areas without getting bogged down in the minutia...
February 14, 2012 Added by:Rafal Los
Most people don't get prosecuted or charged for distributing or re-tweeting a link to an Anonymous pastebin dump. Where is the line drawn then, and why are some incidents bigger than others? The question ultimately goes to the contents of the cache of information...
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015