OPM Breach: Why Doing the Basics is Not Easy
The recent Office of Personnel Management (OPM) breach may be the largest breach of Federal records ever. With the resignation of OPM Director Katherine Archuleta over the compromise of the newly…
DetailsAre We Painting Ourselves into a Technological Corner? The NYSE, United Airlines and WSJ Tech Glitches
It was a bad day for the Internet. At some time that morning, the New York Stock Exchange (NYSE) shut down, the Wall Street Journal (WSJ) web site broke and the United Airlines…
DetailsAfterthoughts: Big Data and Us Little People
The original series was written in a frenzy. Aggregating is the inverse of broadcasting. Aggregation is biased towards anonymity. Being the subject of a data point is a matter of…
DetailsLawyers Gone Wild – Document Preservation Requests Are Out of Control
I don’t know how many of the readers out there have gotten to deal with the joy of document preservation, but let me tell you, it is not a lot…
DetailsThe Most Important Element of Information Security Success
As a CISO, I am often asked, “What is the key component to the success of an Information Security organization?” Too often, we dwell on the failures or gaps, and…
DetailsHow to Turn 4 Million Into 18 Million
The story about the Office of Personnel Management getting hacked this week was, unfortunately, not a big surprise to anyone in the security world. How it got hacked, by phishing,…
DetailsA CISO Checklist – 11 Tips to Get Ready for Your Much Needed Vacation
Do you know how Merriam-Webster defines vacation? Believe it or not – this is what it says: – A period of time that a person spends away from home, school, or…
DetailsThe 20 Critical Controls – A Practical Security Strategy – Part 2
In my last article, I talked about using the 20 Critical Controls as a practical security strategy. I showed how the controls map to a wide variety of international and…
DetailsWhy Did the Chicken Cross the Road? And Wearable Devices
Why did the chicken cross the road? To add 200 more steps to his daily wearable device count! But did the chicken ever stop to think about the impact to his…
DetailsLessons from the Sony Hack
The recent Sony breach attributed to North Korea is only the latest in a series of Sony hacks that trace back to 2005. Most news stories point to the recent…
DetailsCompliance Beyond Black and White
It’s now commonplace to read that security means more than checking off boxes on a compliance checklist. A robust approach to security includes trying to fill the gaps between the…
Details