Secret Stash: responses to DoC/NIST ‘Cybersecurity and Innovation in the Internet Economy’ Notice of Inquiry

by Russell on September 30, 2010

There seems to be no notification that these files are publicly available and no web page listing all the submissions. Therefore, unless you know they are there, you won’t find them. But you can find them all through Google using this search string “NOI site:”

Airplane Crashes Fall Because Experts Pontificate

by adam on September 30, 2010

The New York Times has a story, “Fatal Crashes of Airplanes Decline 65% Over 10 Years:” …part of the explanation certainly lies in the payoff from sustained efforts by American and many foreign airlines to identify and eliminate small problems (…)

Read the rest of this entry »

Book review: “The Human Contribution”

by adam on September 23, 2010

James Reason’s entire career was full of mistakes. Most of them were other people’s. And while we all feel that way, in his case, it was really true. As a professor of psychology, he made a career of studying human (…)

Read the rest of this entry »

Fair Warning: I haven’t read this report, but…

by adam on September 17, 2010

@pogowasright pointed to “HOW many patient privacy breaches per month?:” As regular readers know, I tend to avoid blogging about commercial products and am leery about reporting results from studies that might be self-serving, but a new paper from FairWarning (…)

Read the rest of this entry »

ATTENTION: Securosis 2010 Data Security Survey results

by alex on September 15, 2010

The Securosis 2010 Data Security Survey results are out! Go, go and be NewSchool!  Seriously, don’t spend anymore time here, click the link!

Don’t fight the zeitgeist, CRISC Edition

by Chandler on September 14, 2010

Some guy recently posted a strangely self-defeating link/troll/flame in an attempt to (I think) argue with Alex and/or myself regarding the relevance or lack thereof of ISACA’s CRISC certification.  Now given that I think he might have been doing it (…)

Read the rest of this entry »

Dear CloudTards: “Securing” The Cloud isn’t the problem…

by alex on September 14, 2010

@GeorgeResse pointed out this article from @DavidLinthicum today.  And from a Cloud advocate point of view I like four of the assertions.  But his point about Cloud Security is off: “While many are pushing back on cloud computing due (…)

Read the rest of this entry »

Michael Healey: Pay Attention (Piling On)

by alex on September 12, 2010

Richard Bejtlich has a post responding to an InformationWeek article written by Michael Healey, ostensibly about end user security.  Richard  upbraids Michael for writing the following: Too many IT teams think of security as their trump card to stop any (…)

Read the rest of this entry »

Friday WTF?

by alex on September 10, 2010

CSO Online has an article based on an unlinked Forrester study that claims: The survey of 2,803 IT decision-makers worldwide found improving business continuity and disaster recovery capabilities is the number one priority for small and medium businesses and the (…)

Read the rest of this entry »

SOIRA Presentation/Meeting TOMORROW, 10:30 EST!

by alex on September 8, 2010

Hey everyone! Pete Lindstrom will be giving us his “Risk 2.0” presentation tomorrow via webex at 10:30 EST. I’ve seen the deck, and it will be a great preso. Topic: Risk Analysis Date: Thursday, September 9, 2010 Time: 10:30 am, (…)

Read the rest of this entry »