d.strom, cissp, gsec, gsna on January 27th, 2010

President Ronald Reagan said, “Trust, but verify.” I used to hold fast to that, but recently have learned that you cannot, nor should you, always verify. Trust is a critical foundational element of life, government and information security. Things would be different if trust was non-existant… Husbands and wives would always be paranoid. Negotiations between [...]

Continue reading about Why Trust is Important

d.strom, cissp, gsec, gsna on September 4th, 2009

We currently have two dogs and usually have multiple cats. We’ve had snakes, lizards, fish, birds, hedgehogs and other critters as pets in the past. So it was with great interest that I listened to the advertisement on the radio encouraging pet owners to take their pet to the veterinarian and have a semi-yearly risk [...]

Continue reading about Pets, Vets and InfoSec

d.strom, cissp, gsec, gsna on August 28th, 2009

“Backups are the disaster recover plan!”, he emphatically said. And so began the conversation… Of course, backups are a part of the disaster recovery, but not the complete plan. Just last night I found out about a local business whose server crashed. They had been dutifully performing backups. The backup subsystem reported that backups had [...]

Continue reading about InfoSec Tip: Are Your Backups Usable?

d.strom, cissp, gsec, gsna on August 21st, 2009

Do yourself a favor. Go grab your wallet. I’ll wait for you to get back… . .. … Now, pull all your credit cards out. Grab your debit cards, also. Look at them closely. Can you identify where each one of them has been used? Have you ever used your debit card for on-line transactions? [...]

Continue reading about InfoSec Tip: 5 Ways to Protect Your Credit/Debit Card

d.strom, cissp, gsec, gsna on June 25th, 2009

I don’t know if your memory is like mine, but sometimes I cannot remember what happened last week. Do you remember each and every information security exposure that is found? Several years ago I started keeping a Risk Register. This is very similar to the checkbook register that we all keep. When I find a [...]

Continue reading about InfoSec Tip: Create A Risk Register