There has been very little coverage about a new usage of the latest class of cyber-weapons, specifically one dubbed the Shamoon Virus. The most likely reason for this is that it did not affect western interests more so than it did middle-eastern state interests. Specifically, the sabotage of computers at state oil giant Saudi Aramco… Read More
I attended the 2012 Louisville Metro InfoSec Conference, now in it’s 10th year, as keynote speaker. The conference is a function of the ISSA Kentuckiana Chapter currently led by Randall Frietzche. Once again, they are pushing the capacity of the venue space due to the increasing popularity of this important conference. On a personal note,… Read More
The mass proliferation of consumer computing devices is in full force with only escalation on the horizon before us and any technologist who thinks that they can stop it or officially banish it from their little kingdoms should think again. Those troglodytes will only lead a frustrating existence in a world where resistance is truly… Read More
PenTest Magazine just released their latest issue and my article, Risky Business: IT Security Risk Management Demystified is included. You may find it here and also directly from the publisher here. Enjoy!
I recently wrote an article about IT risk management and created several illustrations. One in particular stands by itself in terms of depicting a holistic view of the whole risk management life cycle in a critical path method model which I thought would be worth sharing. It would be useful to your ISO 27005 or… Read More
To appease the trademark gods, I had a whole series of images rendered to represent The Security Trifecta methodology and offerings. Here is an example: Thoughts?
I’m working on some new episodes for The Security Trifecta™ information security series and the introduction is pretty cool I think. It would be great to get your feedback. Here is a sample: [flv:https://michaelpeters.org/wp-content/uploads/2012/05/The-Security-Trifecta.flv 320 240]
Several exceptional facets of MENA ISC 2012 became quite apparent to me during my attendance and participation in the Middle East North Africa Information Security Conference. First, what a truly impressive assembly of international security experts and delegates. People attending were engaged, inquisitive, and very collaborative which is a vital component in mastering the global… Read More
It’s off to Amman Jordan today to spend the week at the Middle East North Africa Information Security Conference (MENA ISC 2012) where I’ll be presenting The Security Trifecta: Information Security by the Numbers. The concept is an accessible and highly sustainable pragmatic approach toward achieving enterprise security; both physical and digital. The Security Trifecta… Read More
I had the pleasure of being invited to Macon State College for an information security presentation to a great group of students and professors. We had a lively discussion about the three facets of The Security Trifecta: Governance, Technology, and Vigilance. One of the things I enjoy most are the creative minds that represent the… Read More