tag:blogger.com,1999:blog-27163565Tue, 24 Sep 2024 18:26:08 +0000Daily musings (almost)from an Information Security Professional about the world of Systems and Information Security.http://infosectoday.blogspot.com/noreply@blogger.com (Unknown)Blogger17125tag:blogger.com,1999:blog-27163565.post-5502351420131986493Mon, 15 Apr 2013 13:41:00 +00002013-04-15T08:41:34.156-05:00Well - it happened.  Brian Katz (@bmkatz) gave me a soapbox to stand on last week - and this is the result. http://www.thecloudcast.net/2013/04/the-mobilecast-eps4-data-categorization.html We covered a range if items over the course of 40+ minutes about all things Mobile, IDAM, Data Classification, and more.   We'll see if this turns into something of a http://infosectoday.blogspot.com/2013/04/it-was-bound-to-happen-sooner-or-later.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-6493853602717962421Fri, 20 Jan 2012 23:22:00 +00002012-01-20T18:22:07.617-05:00Will be heading to Shmoocon 2012 (missed last year - no tix), with the PSU @TracyBP, and our good friend @SheilaA.  Hopefully no Snowpocalypse this year (2010).   Tracy knows the drill with Shmoo, she has been several times with me before. But Sheila will be a noob.  Trying to not overly freak her out, but over the years she has been riveted with the stories I come back with..http://infosectoday.blogspot.com/2012/01/oh-and-by-way.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-1845222625989868898Fri, 20 Jan 2012 23:17:00 +00002012-01-20T18:17:11.213-05:00Well...   The long drought is over.  I'm heading back to RSAC for the first time since - 2007??? Time to see if I can reconnect with some old friends, meet new ones, and re-discover the various side-shows which invariably pop up over the course of the week.    More to come. http://infosectoday.blogspot.com/2012/01/whoo-hoo-heading-to-rsa.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-7747408004796253018Tue, 07 Dec 2010 02:21:00 +00002010-12-06T21:21:19.039-05:00Never left really, just went underground for a bit - sort of an InfoSec Cicada.  I supposed I had to start this blog up again at some point.  If nothing else, it will help me convince myself that the more things change, the more they stay the same and that the InfoSec space is in serious danger of becoming irrelevant.http://infosectoday.blogspot.com/2010/12/im-baaaaaaack.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-4198810445114545977Fri, 10 Jul 2009 11:09:00 +00002009-07-10T06:10:11.090-05:00Some random things this morning…InfoSec related, sort of… First few days of class have gone by, and I am finally getting my schedule down. Up at 0400 hrs, brew a quart of Starbucks Sumatra (which has a “capricious spirit” and is an “adventurous coffee” by the way?) answer my section’s students’ email, review discussion posts, and generally look over what my section has done so far. Finish up http://infosectoday.blogspot.com/2009/07/random-items-its-friday-and-sky-hasnt.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-5880991096905410628Tue, 30 Jun 2009 01:24:00 +00002009-06-29T20:28:08.017-05:00Well, it’s good to see that InfoSecToday is still alive and well. I’m still alive, and as far as being well, well you know how that goes… Lots of changes over the last year or so - Still married (the same one), still have a job (the same one), have two kids in college now (the same ones), but a lot less in the 401k. I’ve been through two different iPods, and am on my second Zune (a big one). http://infosectoday.blogspot.com/2009/06/2009-and-then-some.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-7659270359999218280Fri, 23 Mar 2007 19:01:00 +00002008-12-10T05:38:53.984-05:00 For those that don't believe that I'm here - here is my notebook, and official ShmooCon 07 badge. So there.. Kind of my poor-man's conference two-factor authentication. Something I've had for a while, and something I have now.There also happens to be some type of Medical Professional conference here at the Wardman Park , too. The Society for Behavioral Medicine , or something like. I can think http://infosectoday.blogspot.com/2007/03/shmoocon-07-day-one-well-mid-day-maybe.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-7291376105962092286Fri, 23 Mar 2007 05:02:00 +00002007-03-23T00:11:50.911-05:00Been busy with my day job... Very busy... But - not for the next few days. I'm down in DC at ShmooCon 2007. If I can keep my wits, keep up with grading my student's work (Boston University), and keep the work emailbox doen to a dull roar, I'll try doing a few posts while on the lam here in DC. Already I've ran into a few familar faces (in the bar of course), and hope to see a few more.More http://infosectoday.blogspot.com/2007/03/wheres-bill-p-been.htmlnoreply@blogger.com (Unknown)1tag:blogger.com,1999:blog-27163565.post-3354513745337742143Fri, 16 Feb 2007 23:08:00 +00002007-02-16T18:23:40.344-05:00Wow. Great post by Mark over at the SecurityBuddha. I’ve been saying this for years (well, maybe a couple anyway). One of the biggest hindrances to effectiveness and efficiency in an IT shop is IT itself. I still see kids coming out of school, whether it’s undergrad or grad, that do not have a good grasp on what it means to be in IT. The Business of IT is the Business. Period. All too often I seehttp://infosectoday.blogspot.com/2007/02/business-of-it-is-business-period.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-117116548230662508Sun, 11 Feb 2007 03:43:00 +00002007-02-10T22:44:42.320-05:00Been going through a long dry spell here at InfoSecToday due to work, car, house, and kid stuff – but RSA seems to have shaken my pen loose, along with a social session with my friends at the Security Bloggers Network (more on that later). Four hours to ORD (Chicago), two more to BOS (Boston), then one more by car north to New Hampshire (Live Free of Die). Should be plenty of time to spill my http://infosectoday.blogspot.com/2007/02/real-security-anyone-reflections-and.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-116585920789046699Mon, 11 Dec 2006 17:45:00 +00002006-12-11T12:46:47.903-05:00Fine. I’ve not had anything of any consequence to chat about for a bit (other than trials and tribulations with a pair of teenage boys and maybe that of my grease car habits) – but this thread about Agents and Appliances is threatening to send me over the proverbial network edge. So – a level setting comment. I’m not knocking or promoting anyone’s particular technology or implementation. My http://infosectoday.blogspot.com/2006/12/ceci-nest-pas-un-appareil.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-116278016140433286Mon, 06 Nov 2006 02:29:00 +00002006-11-05T21:29:21.470-05:00What does this have to do with InfoSec?!?!? Hear me out - and think about it...We all are getting older, and the systems that make up our bodies age accordingly, not unlike those of the systems that we (try to) secure. On one hand, they were in great condition when first deployed, and as time went on, slowly became slower and more clogged up with the detritus of the aging process. Both systems http://infosectoday.blogspot.com/2006/11/low-dose-aspirin-and-red-wine.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-116169524876442016Tue, 24 Oct 2006 13:03:00 +00002006-10-24T08:07:28.783-05:00Interesting article in today’s Computerworld feed. Something that I’ve been harping about to my peers for some number of years - and anyone that would listen – is the concept of Knowing the Business of Information Security. As Mary Brandel points out in her article, “The Team at the Top”, it is becoming increasingly important for the technology leaders at the top tiers to not only be good http://infosectoday.blogspot.com/2006/10/know-thy-business-really-i-mean-it.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-116165660337855916Tue, 24 Oct 2006 02:22:00 +00002006-10-23T21:23:23.386-05:00I was going over some recent gradate work I had done a year or so ago, and came across an article of mine on Nicholas Carr’s take on “The End of Corporate Computing”. Now – from an InfoSec perspective – where does that place us? I’m not sure yet. This diatribe is a little over a year old, and Carr’s source article a little bit older. Maybe the title should be “The End of Central IT Security…http://infosectoday.blogspot.com/2006/10/death-of-information-security.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-116117456813392397Wed, 18 Oct 2006 12:29:00 +00002006-10-18T07:32:27.796-05:00Yeah – it’s been quite here at InfoSecToday. I’ve been letting Mike and Steve run with our collectively demented thought processes. However this one from Oracle, posted on Computerworld piqued my interest this morning.One thing that we’ve all learned (the hard way) is that you must keep up with vendor patches to the best of your collective abilities. Of course, this does means that you do a http://infosectoday.blogspot.com/2006/10/oracle-patching-tsunami.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-115996647711516640Wed, 04 Oct 2006 12:52:00 +00002006-10-04T07:54:37.126-05:00It’s been wild here in my organization for the last few weeks. My efforts to get InfoSecToday off the ground have been sidetracked more than a handful of times due to work, kids, old diesel cars, etc… . For those of you who don’t know me directly, I work for a Fortune 100 (almost) Property & Casualty insurer in the Northeast US. Several weeks ago, not only did we lose our fearless leader in http://infosectoday.blogspot.com/2006/10/nice-nist-notes.htmlnoreply@blogger.com (Unknown)0tag:blogger.com,1999:blog-27163565.post-115946868701556193Thu, 28 Sep 2006 18:38:00 +00002006-09-28T16:56:40.256-05:00I thought I'd better get on the blogosphere bandwagon before the music died down...Most anything regarding Information Security (and related stuff) is appropriate for posting... One thing I've learned in my 27+years in IT is that sharing amongst peers (as well as lessor mortals) is an absolute must if anyone is to learn from past mistakes.Bill Phttp://infosectoday.blogspot.com/2006/09/new-kid-on-block.htmlnoreply@blogger.com (Unknown)0