The Computer Security Institute recently released its 2009 survey results (must register). One of the charts in the executive summary lists the frequency of occurrence in the survey population. Without any other information more pertinent or specific to your organization,…
Highlights, Random
Notes on the Heartland breach
by Pete Lindstrom •
The Heartland saga continues and it appears that things are going its way. Not only has the company been on a campaign to make lemons out of lemonade by selling the equipment (“end-to-end” encryption) to their customers (and, presumably others),…
Economics and Risk, Highlights, Random
Should we change passwords every 90 days?
by Pete Lindstrom •
[I was unsuccessful trying to post this as a comment on the Securosis blog so figured I'd post it here instead.] David Mortman at Securosis recently posted with the following challenge: Show me any reasonable evidence that changing all your…
Economics and Risk, Highlights, Random
ENISA Cloud Computing Security Project
by Pete Lindstrom •
Today, the European Network and Information Security Agency (ENISA) released its Cloud Computing Risk Assessment report. I enjoyed participating on the project and making a number of new friends. As with most workgroups, this project had its ups and downs…
Highlights
Last Night’s NCIS Backdoor
by Pete Lindstrom •
Last night’s episode of NCIS revealed a secret that has been hidden for quite some time. There is a backdoor in all iris scanners – two people have had their iris minutiae programmed into every iris scanner and can unlock…
Highlights
Microsoft’s Security Intelligence Report – Day 2
by Pete Lindstrom •
More off-the-cuff ramblings while reading Microsoft’s Security Intelligence Report: will I actually get through this report? life intervenes… page 68: interesting data on parent and child malware… but I don’t know what to do with it. page 71: “An infected…