When the alarm went off this morning (4/27/09), the first thing I heard before I got out of bed was the NPR announcer saying, “… the U.S. is being warned to prepare for a Swine Flu epidemic.” I hit the button to shut her off, stumbled to the shower and spent most of the show [...]
If you go to any class dealing with information security, you are bound to hear these discussed. They should be well understood before trying to set up a router, install anti-virus, or establish policies. Yet… why should you care about these? Just like building a house requires that there be a firm foundation, good information [...]
Continue reading about 3 Foundations of InfoSec (and why you should care)
What do the following have in common? – Bank overdraft – Cancer – Automobile brake failure – Cyber-intrusion – Disgruntled employee In each of these situations, early detection of the problem is important. Early detection of cancer increases the chances of recovery. Early detection of a bank overdraft minimizes charges. Early detection of brake failure [...]
I’ve been working lately on appropriate placement of IDS sensors. We don’t have the staff to be able to designate someone as a full-time intrusion analyst. As a result, I am needing to evaluate how we use IDS. Traditionally, we have had a sensor watching all in- and out-bound traffic. More information is generated than [...]
A couple of posts ago, we began the End of Year Cleanup discussion. In that post, I encouraged you to ask the question “Where are we?” with regard to information security within your organization. Now, we must address the question “Where do we want to be? Over the years I’ve had several people express that [...]
