DHS says we don’t have enough security talent in the US

As if to reinforce my point over and over again: Mark Weatherford, Deputy Under Secretary for Cybersecurity for the National Protection and Programs Directorate (NPPD), called on the industry to work together to promote information security as a ‘cool’ discipline as he argued there is currently not enough talent in the industry. “We have a …

Spencer Ackerman confirms US spying violates our Constitutional rights

So. Spencer Ackerman tells us the “head of the U.S. government’s vast spying apparatus has conceded that recent surveillance efforts on at least one occasion violated the Constitutional prohibitions on unlawful search and seizure.” (http://www.wired.com/dangerroom/2012/07/surveillance-spirit-law/) It appears that Sen. Ron Wyden (D-Ore.) is the citizen’s best advocate against this illegal activity. As DangerRoom tells us, …

Uh, yeah: NSA chief asks Defcon hackers to help secure the Internet

Totally disregarding the open “secret” that the federal government illegally collects and retains information (http://www.wired.com/dangerroom/2012/07/surveillance-spirit-law/) and gee, hackers know about that, four-star General Keith Alexander told those same hackers, “You’re going to have to come in and help us.” Cue the golf claps, and do as one hacker prepping for a capture-the-flag competition did, wave …

Publicly available information: The Best Defense/Offense

The longer I work with ISECOM and the more deeply I understand its principles, the more I appreciate the occasional writer who seems to really “get it,” whether directly referring to ISECOM or not. A recent NetworkWorld article, “Open source offense could be our best defense against cyberattack,” offers a very good discussion of the …

A good IT audit checklist

Recently I gave a presentation at an international conference on the cloud, and gave it my usual emphasis on simplicity and clarity. I wasn’t talking to IT people, but to accountants, county managers, election officials and treasurers, so they were not highly technical folks. Which doesn’t mean they can’t comprehend the cloud. What seemed to …