March 2008
20 posts
Vulnerability Events →
When a new vulnerability is discovered in (for example) an operating system, does that mean the system was vulnerable all along? As I see it, the answer is “No”.
The rationale behind this answer is…
The Church of Rationality: Resources on Bayesian... →
A few “Bayesian Reasoning” links. Gelman’s thoughts on the links and his “response” (which was to post the first chapter of his book) here:
http://www.stat.columbia.edu/~gelman/blog/
LOLFED →
Unique for Today: A Blog Post *NOT* About Pwn2Own →
But a quick Friday Fun post about how you can play a flash game at work and get away with it:
BMC has created a video game about ITIL. Give it a whirl and just explain that you’re trying to…
Herding Cats: Measuring Makes You Accountable →
Security Retentive →
Herding Cats: Measuring Makes You Accountable →
Should We Treat Contractors The Same as Employees? →
I recently ran across a post on the Security Catalyst Forums (fun place to go hang out if you don’t already). The subject was:
“Should contractors be ‘less trusted’ than ‘full-time’…
The PCI & Massachusetts Bankers Association - New... →
Too early for any new information, but from the CNN article:
The Massachusetts Bankers Association … said Monday about a third of its 200 member banks have been contacted by Visa and…
Communicating Risk & Macs Can Do Anything →
With my coffee this morning came some Internets. So I thought I’d share them with you:
NEW (TO ME) BLOG
I had somehow missed it, but my friend Dr. Jeremy Ward of Symantec has an IT Risk…
Friday Link Fun →
Google Sky.
The driving directions don’t seem to work for me, though.
Two Brief Snippits of Truthiness →
Had the pleasure of catching (RMI founder) Jack Jones present at an ISACA meeting this morning. One of the great things about working with Jack is that he has this salient view of why things are…
Warren Axelrod of Bloginfosec.com “Gets it” →
Link to what he writes here.
I’m looking forward to his future contributions to Ken’s new weblog there.
Is Risk Management a “People Problem”? →
In today’s post, I’m going to link you to a blog post by someone who used the phrase “Security is a People Problem”. I hesitate to do so, because some people might think that I’m going to write…
Wide Awake Developers: Steve Jobs Made Me Miss My... →
Obstacles For Information Security & Risk... →
Some final cursory thoughts on Deming today, although if it’s ok with you I’ll reserve the right to blog about him again as I study the man more. I’m excited about today’s topic, as what he says…
PCI Blog - Compliance Demystified » Blog Archive »... →
Security Twits « Mediaphyter →
Michael Dahn Wins Blog Of The Day →
For coining “Stagpliance”. Michael, if it’s all right with you, I’d like to use that one in conversation. I’ll attribute, of course.
Deming’s Seven Deadly Diseases & How they Infect... →
Deming image and quote from Henrik Giæve’s website
As we look at the father of quality management and see if he’s got any relevance to what we’re doing (after all, security could be said…