SANS Security Trend Line

Progress in Using the Critical Security Controls to Sort Out "Security Bad Apples"

In the past six months or so, there has been a lot of forward movement in state and federal government around the idea of screening suppliers and contractors for "basic security hygiene" as embodied in the Critical Security Controls. Most importantly, new federal procurement regulations will go into effect June 15th that directly require contractors …


Twelve Word Tuesday: Watson, Come Here - I Need Your Password

Software smart enough to win Jeopardy - probably still dumb enough to get phished? Article here: IBM to work with universities to train Watson AI on cybersecurity.


Twelve Word Tuesday: Advising the Next President on Top 3 Things Government Agencies Should Do In Cybersecurity

Use: stronger authentication (non-PIV!) Application Stores. ISP services that filter known bad.


Twelve Word Tuesday: Good News - FBI To Prioritize Damage Reduction over Observation and "Hand Wringing"

Good model for cybersecurity overall: be more like FEMA, less like TMZ. FBI's Donald Freese quotes. What is TMZ?


Twelve Word Tuesday: CISO Briefing the Board Should Not Be Like Dog Catching Car

Boards: CISOs should talk less blood in streets, more security business impact.