One of the aphorisms used in security is, “We have to be right all of the time, and the bad guys only have to be right once.” While this may or may not be 100 percent accurate, it is a pretty good policy to go by when you’re building a security program. With over 325,000…
DetailsBayes’ Theorem essentially measures the degree of belief, or certainty in something. The Cybersecurity industry has been challenged with the idea of sensitivity and specificity for quite some time. In computer science this can be codified via binary classification (decision trees, Bayesian networks, support vector machines, neural networks). Many industry Cybersecurity solutions will be relegated…
DetailsDistributed Denial of Service (DDoS) attacks are very inefficient but very effective. Auditors are careful to be sure their findings are accurate so that they are not accused of being unfair to their subjects and so they maintain their reputation for impartiality. Spammers expect a small number of hits for the millions of messages they…
DetailsJust for fun, I decided to count how many unsolicited emails I got in a 24 hour period offering to either fix my security problems, fix my network problems, fix my management problems, fix my compliance problems or train me to do all of the above. Most of them required me to either attend a…
DetailsSo you want to know what the secret to success is. First, you need to change the way you look at and ask the question. Instead of wondering what the secret to success is, you should be questioning what the secret to YOUR success is. Spoiler alert: The answer is in the last little bit.…
DetailsIf you have ever sat through an orchestral concert, you would hear the first chair oboe playing a single note for the rest of the fellow orchestral players to latch onto and begin the process of fine tuning. At first, it is a single A440 resonating on stage, followed section by section, strings, brass, percussion, until…
DetailsAs a security professional, I have an ongoing love/hate relationship with privacy. I have always been the person supporting privacy policies at the University, I even have Privacy as one of my seven pillars of a security program. I have to say that sometimes I feel that I care more about my customer’s (what do…
DetailsIt’s no secret that I love Las Vegas and all it has to offer including gambling. To me, this is a natural affection due to what I do in my day-to-day life. Isn’t that what we as IT Security professionals do every day, gamble? But instead of gambling with our own money or chips, we…
DetailsIn the first two parts in my series, a “Path to a Career in Cyber” and a “Path to a Career in Cyber Part and Then Some,” I explained how I got into IT and found my passion which is Cyber Security. I also discussed how I built my lab in my garage and how I…
DetailsPart one in the series Path to a Career in Cyber can be read here In my first article “Path to a Career in Cyber” I explained how I got into IT and found my passion which is Cyber Security. I discussed how I built my lab in my garage and how I used it to learn about…
DetailsIn some cases, hiring a project manager is the most sensible thing you can do. A seemingly can’t miss action that preserves the status quo while getting the organization where it needs to be. But it is a huge mistake. This rant is written with all due respect to project managers everywhere, but read on…
DetailsThe only thing worse than being blind is having sight but no vision – Helen Keller According to a newly released report, 54% of security professionals said they were under more pressure in 2014 than the previous year. 61% said the pressure came from the board, corporate owners, or C-level executives – up by 50…
Details