Introduction to the CIA Triad for Security Professionals

This is part 1 of a four-part series. We’ll introduce the CIA concept overall here in the first of the series, then cover each component in more depth in subsequent posts. One of the most critical concepts for security professionals is the CIA (confidentiality, integrity, availability) triad. It is at the core of everything we do, …

Make Policy Your Friend and Learn to Love Governance and Compliance

I was a GRC (Governance, Risk, and Compliance) person first and now I am a CISO (Chief Information Security Officer). It was 20 years ago, thereabouts, and I knew I wanted a change. I’d abandoned my goal of a career that I’d attended college for, technical theatre, and was working retail for a large, national …

Security is the Force of the Business Galaxy

Quick acknowledgment here; this is written from the perspective that security is at the center and core of all business. That is simply a conceit to allow for the perspective. The core element of any business is to make money and increase profits and profitability over time, I get that. Many businesses struggle with figuring …

Phishing is not an Awareness Program

Security Awareness Training is a big topic and it consists mostly of people saying that you need to run phishing campaigns. People are your weakest link, but that’s their nature. It’s more than knowing social engineering and identifying phishing scams in all their forms. You need to train your HR people on listings and job postings. Train …

Teaching Children Account Security

Lessons learned from the compromise of a child’s account. This post was originally drafted in 2020. My attention to this blog fell off during the last couple of years and I’m working on wanting to do more work. Hopefully, this blog will be a place I use for that and some others will benefit or at least …

Thoughts on the Twitter Incident

Twitter was victimized by a security event earlier this week. Just in case you don’t remember or are reading this post some time after it occurred, this was the event where a number of well-known, verified accounts all started sharing messages for a standard Bitcoin scam. Former President Obama, former Vice President Biden, Bill Gates, …