Effective SOC processes more badly needed than more threat sharing between SOCs. Details on "Petronius" quote on re-orgs here. Continue reading Twelve Word Tuesday: ISAOs: Progress or Just Petronius-like Re-org Effect?
SANS Security Trend Line
23
Jun 2015
Twelve Word Tuesday: OPM Was Continuosly Monitoring 97% of Assets - Just Missed the Important Ones
FISMA Scoring: OPM high continuous monitoring scores - measured by quantity, not criticality. Continue reading Twelve Word Tuesday: OPM Was Continuosly Monitoring 97% of Assets - Just Missed the Important Ones
09
Jun 2015
Twelve Word Tuesday: SSL Everywhere Is Like Putting Radon Gas Removal Before Roof Shingles
Scary:all those government vulnerabilities that won't get fixed to fund HTTPS://*.gov News hook here. Continue reading Twelve Word Tuesday: SSL Everywhere Is Like Putting Radon Gas Removal Before Roof Shingles
02
Jun 2015
Twelve Word Tuesday: Boards of Directors Actually Want to Know If *You* Care About Security
Common Board complaint: CISOs bring"blood in streets" stories; need strategy/metrics. Continue reading Twelve Word Tuesday: Boards of Directors Actually Want to Know If *You* Care About Security
04
Nov 2014
Twelve Word Tuesday: Would ISPs As Common Carriers Lead to More/Less Carriage of Common Attacks?
Net neutrality shouldn't mean continued ISP threat neutrality - but regulatory dice roll. FCC considering classifying some ISP services as "Common Carrier" services Continue reading Twelve Word Tuesday: Would ISPs As Common Carriers Lead to More/Less Carriage of Common Attacks?
