Category: best practices

Time to end the cloud-o-phobia

Sorry, but I felt no need to purchase a monocle so I could have it pop out of my eye in horror/dismay/astonishment when I read…

Continue Reading

Security risks from domain typo squatters

One of the ways that hackers get users to click on malicious links or believe false emails is to use domains that look like, but…

Continue Reading

Even with security flaws, you should be using a password manager

Yesterday, the Washington Post ran an article about some important security research on password managers, describing a number of serious vulnerabilities in some of the…

Continue Reading

What does your password say about you?

Using what we security experts call “crappy passwords” can be the first step in a journey to identity theft and all of its attendant miseries. …

Continue Reading

Insiders on the outside

Homeland Security Magazine has a very interesting case study on an insider threat case involving DirecTV.  In this case, the insider was a sort-of third…

Continue Reading

Leaky buckets and acquisition best practices

There are three interesting things for CSOs to think about in this story on a leak of passport and other personal information on tens of…

Continue Reading

Great DerbyCon talk on hunting for the bad guys

It sometimes seems to me that a lack of data is not the issue when patrolling your networks for signs of evil badness… it is…

Continue Reading

The Practitioner’s Perspective on Cybersecurity – June 2015

On June 16th, 2015, I was privileged to participate in a panel entitled “The Practitioner’s Perspective on Cybersecurity” at the SmartBrief Cybersecurity forum, held at the…

Continue Reading

no, it’s not the end user’s fault

According to a survey released by endpoint security solution vendor Bromium, 79 percent of surveyed information security professionals view end users as their “number 1…

Continue Reading

quick and dirty malware analysis

There are a number of web based tools that allow you to safely analyze the behavior of potentially malicious files safely.  My personal favorite is…

Continue Reading