Embargo to Espionage: A Cursory Review of the Shamoon Virus

There has been very little coverage about a new usage of the latest class of cyber-weapons, specifically one dubbed the Shamoon Virus. The most likely reason for this is that it did not affect western interests more so than it did middle-eastern state interests. Specifically, the sabotage of computers at state oil giant Saudi Aramco… Read More

2012 Louisville Metro InfoSec Conference

I attended the 2012 Louisville Metro InfoSec Conference, now in it’s 10th year, as keynote speaker. The conference is a function of the ISSA Kentuckiana Chapter currently led by Randall Frietzche. Once again, they are pushing the capacity of the venue space due to the increasing popularity of this important conference. On a personal note,… Read More

Symbiotic Mutualism: A BYOD Love Story

The mass proliferation of consumer computing devices is in full force with only escalation on the horizon before us and any technologist who thinks that they can stop it or officially banish it from their little kingdoms should think again. Those troglodytes will only lead a frustrating existence in a world where resistance is truly… Read More

Risk Management CPM Model

I recently wrote an article about IT risk management and created several illustrations. One in particular stands by itself in terms of depicting a holistic view of the whole risk management life cycle in a critical path method model which I thought would be worth sharing. It would be useful to your ISO 27005 or… Read More

My comments about Virtuport and MENA ISC 2012.

Several exceptional facets of MENA ISC 2012 became quite apparent to me during my attendance and participation in the Middle East North Africa Information Security Conference. First, what a truly impressive assembly of international security experts and delegates. People attending were engaged, inquisitive, and very collaborative which is a vital component in mastering the global… Read More

MENA ISC 2012 – The Security Trifecta™

It’s off to Amman Jordan today to spend the week at the Middle East North Africa Information Security Conference (MENA ISC 2012) where I’ll be presenting The Security Trifecta: Information Security by the Numbers. The concept is an accessible and highly sustainable pragmatic approach toward achieving enterprise security; both physical and digital. The Security Trifecta… Read More

Macon State College – School of Information Technology

I had the pleasure of being invited to Macon State College for an information security presentation to a great group of students and professors. We had a lively discussion about the three facets of The Security Trifecta: Governance, Technology, and Vigilance. One of the things I enjoy most are the creative minds that represent the… Read More