“Towards Better Usability, Security and Privacy of Information Technology”

by adam on November 30, 2010

“Towards Better Usability, Security and Privacy of Information Technology” is a great survey of the state of usable security and privacy: Usability has emerged as a significant issue in ensuring the security and privacy of computer systems. More-usable security can (…)

Read the rest of this entry »

What is Information Security: New School Primer

by alex on November 28, 2010

Recently, I’ve heard some bits and pieces about how Information Security (InfoSec) can be “threat-centric” or “vulnerability-centric”.  This stuck me funny for a number of reasons, mainly  it showed a basic bias towards what InfoSec *is*.  And to me, InfoSec (…)

Read the rest of this entry »

Mark Your Calendar for Monday: Dark Reading Twitterview!

by alex on November 23, 2010

Hey y’all, Please think about getting on twitter and joining Dark Reading on Mon., Nov. 29@2:30pm ET for a twitterview ME!  (Verizon’s @alexhutton). The hashtag you wanna use and track is: #VerizonDR

Happy Birthday, Stan

by alex on November 21, 2010

“baseball’s rich in wonderful statistics, but it’s hard to find one more beautiful than Stan Musial’s hitting record.” – George Will “When you first hear about this guy, you say, ‘it can’t be true.’ When you first meet him you (…)

Read the rest of this entry »

Games and The New School

by adam on November 18, 2010

On my work (“Microsoft Security Development Lifecycle”) blog, I’ve posted “Make Your Own Game! (My BlueHat lightning talk).”

Visualization for Gunnar’s “Heartland Revisited”

by alex on November 16, 2010

You may have heard me say in the past that one of the more interesting aspects of security breaches, for me at least, is the concept of reputation damage.  Maybe that’s because I heard so many sales tactics tied to (…)

Read the rest of this entry »

VERIS Community Incident Reporting

by alex on November 11, 2010

PEOPLE OF EARTH – The VERIS Community Application is out: Announcement here:  http://bit.ly/cDAUhy  Website here:  http://bit.ly/9dZwEJ  From Wade’s announcement: If the VERIS framework describes what information should be shared, the VERIS application provides how to actually share it. Anyone wishing to classify (…)

Read the rest of this entry »

Flaw Of Averages – Society of Information Risk Analysts Meeting

by alex on November 9, 2010

Another friendly reminder: Alexander Hutton invites you to attend this online meeting. Topic: RISK ANALYST MEETING Date: Thursday, November 11, 2010 Time: 12:00 pm, Eastern Standard Time (New York, GMT-05:00) Meeting Number: 749 697 377 Meeting Password: riskisswell ——————————————————- To (…)

Read the rest of this entry »

TSA Body Scanning is COMPLETELY SAFE… unless

by alex on November 8, 2010

Body scanners that the TSA is basically encouraging use of by threatening to otherwise grope, fondle, or molest you or your children are basically perfectly safe.  Well, unless you happen to be any one of the following: a woman at (…)

Read the rest of this entry »

SIRA Meeting Thursday – Flaw Of Averages

by alex on November 8, 2010

Hey everyone.  The Society of Information Risk Analysts (SIRA) would like to invite you to our November meeting this Thursday at 12 noon EST. Here’s a link to a meeting invite: http://bit.ly/d7IHn7 This month, we’ll have Sam Savage, author of (…)

Read the rest of this entry »