Tag Archive for 'Security Models'

For Blog/Twitter Conversation: Can You Defend “GRC”?

Longtime readers know that I’m not the biggest fan of GRC as it is “practiced” today.  I believe G & C are subservient to risk management. So let me offer you this statement to chew on:

“A metric for Governance is only useful inasmuch as it describes an ability to manage risk”

True or False, why, and what are the implications if true or false.

Please discuss.

#newschoolsecurity

Mortman/Hutton Security-BSides & Black Hat Presentation Available

Hey y’all, happy Monday morning.   I’ve put Dave & my presentation for Security BSides up on slideshare:

http://www.slideshare.net/alexhutton/mortmanhutton-security-bsides-presentation

Also note that this includes the Black Hat presentation we gave on the Mortman/Hutton Vulnerability/Exploit model.  I hope you will enjoy!

PS – There’s probably audio available for the preso on the BSides site somewhere if you’re really interested.