Continuous vulnerability avoidance much more profitable than continuous monitoring/mitigation/incident response. Continue reading Twelve Word Tuesday: It Hurts When They Do That, Get Them to Not Do That
Vertical: Hotels need basic hygiene. Horizontal: Patching and securing remote access dominate. (Figure 70 from 2014 Verizon Data Breach Investigation Report.) Continue reading Twelve Word Tuesday: Verizon 2014 DBIR Critical Security Controls Incident Prevention Heat Map
Bill Murray and I recently had a fun interchange on the topic of supply chain security, and he's agreed to let me reproduce it here. The starting point was a comment I made in SANS Newsbites on this news item: China Vetting Networking Gear (May 22, 2014) After the US Justice Department indicted five … Continue reading A Conversation Around Supply Chain Integrity - Is There Any Real Way to Trust Products?