Millennials prove that tech savviness does not always equal security awareness

Bleeping Computer has published an article all about how millennials are more likely to be victims of phishing and online scams than Baby Boomers (a.k.a. old people). I am taking this story with a few grains of salt because they gathered the data via a survey (in other words, there’s no hard data). But …

Libertarian views and red herrings and people who should know better

Before you start reading this post, please make sure you don’t stop at the first two paragraphs. I am dredging up an old issue from early 2016, but it is relevant to some recent news. I have a fairly libertarian viewpoint on the world. So whenever I hear about a government asking for cooperation from …

My opinion of my first Gartner event in my 23+ year long career

I’m sitting here in the beautiful Gaylord National Resort and Convention Center in Washington D.C., nice and comfortable as I look out over the cool little “town” they built inside this gargantuan building. While I enjoy the artificial scenery, I am also thinking about the week I just spent at the Gartner Security and Risk …

Giving Grammy security advice

So Grammy got a computer. No, not my Grammy. Just some random Grammy out there got a computer. How do I know? Because someone who set up her computer wanted their family to know that Grammy got a computer and now could get emails. So that person sent out an email to “Mom” and a …

An Information Security Place Podcast – The HouSecCon 2013 Episode

Quick show this time. Jim, Dan, and Michael are all at HouSecCon 2013 in Houston, TX on October 18. They found a quiet room away from all the conference noise and recorded a fast podcast. Jim and Dan talk about their talks, and Michael talks about the fun and stress of being the HouSecCon organizer. …

New talk – The Solution vs The Silver Bullet

I have developed a new presentation that I gave for the first time yesterday at the Texas Technology Summit in Houston. The title and synopsis are below. Title: The Solution vs The Silver Bullet (or InfoSec Industry != InfoSec Practice) Synopsis: The information security industry and information security practice are two concepts that should not …

Innovation Sandbox at RSA – a Lesson in Security AND Oratory Skills

While attending the 2013 RSA Conference last week, I took a chance and attended the presentations in the Innovation Sandbox Showdown. If you haven’t been to these or aren’t familiar with them, this is where security startups show their wares to a panel of venture capitalists and infosec experts for the title of “Most Innovative”. …

An Information Security Place Podcast – Episode 04 for 2012

Holy crap, we recorded an episode. That’s all I got to say about that… Show Notes: InfoSec News Update – Howard Schmidt is Retiring – Link Here Vulnerability Stats of Publicly Traded Companies – Link Here Tool Update – Threadfix from Denim Group – Link Here The Mission Impossible Self-Destructing SATA SSD Drive – Link …

An Information Security Place Podcast – Episode 03 for 2012

Today’s show is Michael interviewing Kevin Riggins. Kevin is an Enterprise Security Architect for a Fortune 500 financial services company. Kevin and Michael have some great conversation about Kevin’s job, what he is doing at RSA, where he blogs, the book he coauthored, etc. (look below in the show notes for links to everything). Then …

An Information Security Place Podcast – Episode 02 for 2012

Thanks go to Jeremiah Grossman for sitting down with Michael for some great discussion. Jeremiah is the CTO at Whitehat Security and a very well known figure in the InfoSec industry. Jeremiah and Michael talk about Hawaii, sharks, security philosophy, RSA, stage fright, Jeremiah’s TED talk (not published as of the posting of this entry), …

Security Lesson from A Mouse Story

I was going through some old blog posts, and one I found contained the following story: Mouse Story A mouse looked through the crack in the wall to see the farmer and his wife open a package. “What food might this contain?” The mouse wondered – he was devastated to discover it was a mousetrap. …

An Information Security Place Podcast – Episode 01 for 2012

Wow! 6 months… and 2 job changes later, we are finally back to recording! YEAH!… Here’s the latest show from our intrepid hosts. Show Notes: InfoSec News Update – The Hacker News Hacking Awards : Best of Year 2011 – Link Here Japan’s Anti-Virus Virus – Link Here Nginx (pronunciation: “engine-ex”) becomes #2 web server Saudi hackers …

Be an InfoSec Berean

In the Bible (no, this is not a sermon – yes, this is InfoSec relevant), there was this group that Paul ran into called the Berean Jews. (Acts 17:10-15 if you want to look it up). These Bereans were shown in the scriptures to be diligent people who checked the facts. Verse 11 says: Now the …
