BSides LV 2012 tickets sold out in under 30 hours last week. I have acquired five tickets to give away. More details later, but the tickets will go to the person or people who have the best story of how they applied the principles of the New School in a real life situation. Start planning [...]
Last week at RSA, I was talking to some folks who have reasons to deeply understand a big and publicly discussed breach. I asked them why we didn’t know more about the breach, given that they’d been fairly publicly named and shamed. The story seems to be that after the initial (legal-department-driven) clampdown on talking, [...]
Our sincere congratulations to all the winners of the Social Security Blogger awards.
So it’s early Sunday AM, and I’m getting my RSA Schedule together finally. So here’s what I’m looking forward to this week, leave us stuff in the comments if you’ve identified other cool stuff: =============== Monday: 8 freaking AM – I’m talking with Rich Mogull of @securosis about Risk Management. Fun! Monday is also Metricon, [...]
I’ve noticed a couple of times lately that as people discuss talking about security incidents, they don’t only default to the idea of anonymization, they often insert an “of course” after it. But today I want to talk about the phrase “anonymized, of course”, what it means, why people might say it, and how members [...]
Would be interested in readers thoughts on Ian G’s post here: https://financialcryptography.com/mt/archives/001357.html
I got an email from my friend John Johnson who is doing a survey about metrics. If you have some time, please respond… ———————————————————————————————————————————————— I am seeking feedback from others who may have experience developing and presenting security metrics to various stakeholders at their organization. I have a number of questions I’ve thought of, and [...]
Via Nathan Yau’s awesome Flowing Data blog.
Steve Bellovin has a good deal of very useful analysis and context about “an experiment that showed that the avian flu strain A(H5N1) could be changed to permit direct ferret-to-ferret spread. While the problem the government is trying to solve is obvious, it’s far from clear that suppression is the right answer, especially in this [...]
I want to call attention to a new, important and short article by Jay Jacobs. This article is a call to action to break the reliance on unvalidated expert opinions by raising awareness of our decision environment and the development of context-specific feedback loops. Everyone in the New School is a fan of feedback loops [...]