Best Practices for the Lulz

by adam on February 21, 2011

The New School blog will shortly be publishing a stunning expose of Anonymous, and before we do, we’re looking for security advice we should follow to ensure our cloud-hosted blog platform isn’t pwned out the wazoo. So, where’s the checklist (…)

Read the rest of this entry »

Is Norton Cybercrime Index just ‘Security Metrics Theater’?

by Russell on February 17, 2011

Symantec’s new Norton Cybercrime Index looks like it is mostly a marketing tool. They present it as though there is solid science, data, and methods behind it, but an initial analysis shows that this is probably not the case. The only way to have confidence in this is if Symantec opens up about their algorthms and data.

SIRA Meeting Today at Noon EST! >> RICH MOGULL <<

by alex on February 10, 2011

HEY Y’ALL @securosis’ own @rmogull for today’s “al desco” SIRA meeting.  Details, details: SIRA’s February monthly online meeting is TODAY; February 10th from 12-1 PM EST. We are excited to have Mr. Rich Mogull from Securosis talk to us with (…)

Read the rest of this entry »

Would a CISO benefit from an MBA education?

by Russell on February 9, 2011

If a CISO is expected to be an executive officer (esp. for a large, complex technology- or information-centered organization), then he/she will need the MBA-level knowledge and skill. MBA is one path to getting those skills, at least if you are thoughtful and selective about the school you choose. Other paths are available, so it’s not just about an MBA credential.

Otherwise, if a CISO is essentially the Most Senior Information Security Manager, then MBA education wouldn’t be of much value.

Infosec’s Flu

by adam on February 4, 2011

In “Close Look at a Flu Outbreak Upends Some Common Wisdom,” Nicholas Bakalar writes: If you or your child came down with influenza during the H1N1, or swine flu, outbreak in 2009, it may not have happened the way you (…)

Read the rest of this entry »

Dark Reading Virtual Event & Evidence-Based Risk Management

by alex on February 3, 2011

Hey, I know it’s late notice, but I’ll be speaking at 10:30 EST today on EBRM and the Verizon DBIR: https://www.techwebonlineevents.com/ars/eventregistration.do?mode=eventreg&F=1002809&K=CAA1BC&tab=agenda Alex

Self Promotion: A Little Interview about Alex @ RSA

by alex on February 1, 2011

Self Promotion time, sorry for the spam, but I think the stuff I’ll be participating in at RSA is pretty NewSchool.  Here’s an interview that talks about both of the things I’ll be doing and you can see if they’ll (…)

Read the rest of this entry »