BLOG

Today I enjoyed the opportunity to be one of the instructors in a ASIS CPP certification program. My topic was information security in the face of today’s risks. The big change in computer network defense is today’s axiom, “The attackers are already inside my networks”. Firewalls are important but not valuable without more advanced defense tools and skills. Critical issues are: Locating assets Defining what’s normal, setting off an alarm when threats are detected Preparing

We all receive waves of unsolicited (and downright yucky) emails coming in from time to time… yet few of us can give up online activity. Sometimes it just gets unbearable; I remember the day that I got 600 spam emails! Here are some spam-fighting ideas. Most of these ideas don’t cost much — whether you use them or not. Use a bunch of email addresses. It’s pretty cheap to get a domain, park it with an

There’s nothing that can get your attention like an immediate death threat. Sometimes they seem random, like that aircraft crash that is moments away. Others are really personal like a guy with a gun pointed at you. Having survived these and a few others I feel qualified to say I know how it feels. Threat assessment is the process of jumping into the middle of a threat situation and estimating the probability of different outcomes.

You have your gold in a safe; your birth certificate is in the bank. Where is your company’s online identity? What if someone steals your internet domain for a porn site? A friend of mine had invested in a very neat one-word domain that he expected to become really, really valuable. One day his web site was gone. It had been stolen by a crook in Hong Kong who told the domain registrar that he

The sweep that we completed a while back in a medical office found a vulnerability that exposed ALL PATIENT RECORDS. We checked for the usual hidden microphones; all that was discovered was a cordless phone vulnerability. While working in the area we couldn’t help but notice a zillion patient records that were in an unlocked area. This risk was highlighted by a cleaner who arrived while we were working. Later, asking the client who the

It works like this: you get a warning message about bad things on your system it includes a link to a web site for unlocking your computer you are given a secret unlock procedure (that may do more harm than good) This scheme, called ransomware is another way to make money from all of us folks who have computers. We dealt with this in a local bank. The really great lesson here is that the