NewSchool Zombies, Moneyball, & Metrics
Hey! Tomorrow at 1pm ET reg now: @joshcorman & I redux our (in)famous ‘Metrics are Bunk!?’ debate from RSAC 2011: http://bit.ly/i6z1BL
Hey! Tomorrow at 1pm ET reg now: @joshcorman & I redux our (in)famous ‘Metrics are Bunk!?’ debate from RSAC 2011: http://bit.ly/i6z1BL
Not crazy like Sammy-Hagar-has-clearly-abused-his-brain-and-its-giving-him-bad-information-to-come-out-of-his-mouth crazy, but crazy like, there-are-so-many-good-talks-you-can’t-possibly-not-get-value-out-of-the-conference crazy. For example, I’ll be talking twice. Once with Dan Geer and Greg Shannon about Prediction Markets in InfoSec. Then I’ll be giving one of THE FIRST EVER (!) debriefings of the 2011 DBIR (which is going to be crazy like both of the above). I’m [...]
Rob is apparently confused about what risk management means. I tried to leave this as a comment, but apparently there are limitations in commenting. So here go: Rob, Nowhere did I imply you were a bad pen tester. I just said that you should have a salient view of failure in complex systems (which [...]
THURSDAY, THURSDAY, THURSDAY!!!!!!! Hi everyone! SIRA’s March monthly webinar is this Thursday, March 10th from 12-1 PM EST. We are excited to have Mr. Nicholas Percoco, Head of SpiderLabs at Trustwave, talk to us about the 2011 Trustwave Global Security Report. Block off your calendars now! Hello , Alexander Hutton invites you to attend this [...]
Seth Godin asks an excellent question: Is something important because you measure it, or is it measured because it’s important? I find that we tend to measure what we can, rather than working toward being able to measure what we should, in large part because some variation of this question is not asked. I’m going [...]
Symantec’s new Norton Cybercrime Index looks like it is mostly a marketing tool. They present it as though there is solid science, data, and methods behind it, but an initial analysis shows that this is probably not the case. The only way to have confidence in this is if Symantec opens up about their algorthms and data.
HEY Y’ALL @securosis’ own @rmogull for today’s “al desco” SIRA meeting. Details, details: SIRA’s February monthly online meeting is TODAY; February 10th from 12-1 PM EST. We are excited to have Mr. Rich Mogull from Securosis talk to us with a behind-the-scene look at Securosis’ “2010 Data Security Survey”. Block off your calendars now! The [...]
HEY! – At 3pm today Alex (@alexhutton) will be doing an interview over the twitters with Dark Reading’s (@DarkReading) Kelly Jackson Higgins (@kjhiggins). Follow along with the hashtag #verizonDR! We’ll be talking risk, metrics, data, – you know, the new school-y stuff.
Recently, I’ve heard some bits and pieces about how Information Security (InfoSec) can be “threat-centric” or “vulnerability-centric”. This stuck me funny for a number of reasons, mainly it showed a basic bias towards what InfoSec *is*. And to me, InfoSec is too complex to be described as “threat-centric” or “vulnerability-centric” and yet still simple enough [...]
Hey y’all, Please think about getting on twitter and joining Dark Reading on Mon., Nov. 29@2:30pm ET for a twitterview ME! (Verizon’s @alexhutton). The hashtag you wanna use and track is: #VerizonDR