I’ll spent a few days in Scottsdale Arizona attending the CIO Finance Summit. I received an invitation to be a guest panelist for financial services information security. This will be the second time attending a CDM Media event. I’ll meet again with many of my counterparts from around the industry and made some new connections… Read More
Social Computing Guidelines
I have added a new governance document to the HORSE wiki that provides an example of a social computing and networking employee guideline. It is located here: http://lazarusalliance.com/horsewiki/index.php/Social_Computing_Guidelines Like so many of my corporate information security counterparts, the explosion of public applications available and the massive participation presents a new challenge in the presentation of… Read More
Daily Digest for August 19th
mdpeters New blog post: Progress made towards information security https://michaelpeters.org/?p=733 [#].
Progress made towards information security?
When the Cyber Czar’s and CISO’s get a seat at the big table, in a normal chair, rather than a high chair, global society will not gain traction towards appropriate information security. We will continue to be reactive and not proactive.
Laws of Power – 27
Play on people’s need to believe to create a cult-like following: people have an overwhelming desire to believe in something. Become the focal point of such desire by offering them a cause, a new faith to follow. Keep your words vague but full of promise; emphasize enthusiasm over rationality and clear thinking. Give your new… Read More
Laws of Power – 14
Pose as a friend, work as a spy: knowing about your rival is critical. Use spies to gather valuable information that will keep you a step ahead. Better still: Play the spy yourself. In polite social encounters, learn to probe. Ask indirect questions to get people to reveal their weaknesses and intentions. There is no… Read More
Corporate Records: Voice-mail
As electronic discovery matures to meet the ever-changing technology landscape, it is incumbent upon the information security practitioner, forensic investigator, General Counsel, or others responsible for the discovery, acquisition, processing, preservation, and presentation of electronic records to keep swimming or risk drowning. There should be no illusion that voicemail would be considered an electronic record… Read More
The lines are blurring
The legal profession, in one form or another, as existed for thousands of years. As with any activity, experience and practice helps us become more proficient, more accurate, more profound. Information security and regulatory activities are relative newcomers in the holistic picture. These pursuits also require vigilance and practice. An interesting phenomenon I believe is… Read More
Participating in the FST Finan…
Participating in the FST Financial Services Technology 8 Summit this week as an Information Security ILM guest panelist.
Financial Services Technology – FST US 8 Summit
I’m looking forward to the Financial Services Technology FST US 8 Summit taking place April 15th-17th 2009 at the Lansdowne Resort, West Virginia. I’ll be a participant in their information security identity and access management infrastructure forum as a guest panelist which should be a good experience. More to tell during the week as the… Read More
Incorporation
The former Lazarus Alliance Incorporated is being reorganized as Lazarus Alliance LLC. The corporate focus will continue to be Information Security and Compliance consulting services, but, we will gradually be adding Legal services. In time, I intend on offering premiere comprehensive international services focused upon information security. Basically, Lawyers who are actually technically savvy. The… Read More
Juris Doctor 31 of 215
Last week Contribution and Indemnity gave me a bit of trouble. This week I am looking forward to Conspiracy and Solicitation which seems like it will be full of twists and turns. I’m gaining intellectual traction faster with Criminal Law and Contract Law than I am with Torts. Overall though, there is no doubt in… Read More
Syndication Updates for 2009-03-09
12:09am mdpeters posted 9 items. (Hide Details) Sample Information Security Program Charter: Adaptive Best Practices Policy Samples: Documents Adaptive Best Practices Policy Samples: Sample Information Systems and Technology Security Policy: Sample Information Security Program Charter: Adaptive Best Practices Policy Samples: Sample Information Security Program Charter: Sample Information Systems and Technology Security Policy: 1:20pm mdpeters posted… Read More
Policies, standards, and Guidlines, Oh My!
My pet project for the past three years has been the Holistic Operational Readiness Security Evaluation wiki, otherwise known as the HORSE Project. In addition to some great audit guidance, security advice, tools, ect, there is a full compliment of policies to use as boilerplates for any organization. Find it all here: http://lazarusalliance.com/horsewiki/ It… Read More
Juris Doctor 21 of 215
I’ve gone into week 21 now. I still have a three day lead on classes across the board much to my satisfaction. I actually am beginning to feel like this stuff is beginning to make sense. Hooray for the home team. The only complaint from my family members has been the extra effort I needed… Read More
Juris Doctor 20 of 215
This week has cooked along just fine. Work has tapered off just enough now that the procrastinators have gone into hibernation. I’ll brace myself for Q4 when the time comes again. I continue to get affirmation that Law School will be a real boon to my career and accumulated wisdom. International and federal cyber law… Read More
ISSA September 2008
I was honored to be interviewed by Jeff Combs of Alta Associates for an article in the September 2008 ISSA Journal. We discussed the blurring lines between information security, law, and compliance at it relates to technology.
CIO Finance Summit 2008
A spent nearly a week in Scottsdale Arizona attending the CIO Finance Summit. I received an invitation to be a guest panelist for financial services information security. I met many of my peers around the industry and made some good connections with folks that I am sure will provide mutually beneficial situations down the road.… Read More
Juris Doctor 2 of 215
The objective analysis versus the subjective analysis? The objective, reasonable interpretation by someone in the position of the parties involved and present as witness would assume. I seem to gravitate towards the subjective rather than the objective nature of the analysis. This has been my first real challenge during law school. It has occured to… Read More
HORSE Project Wiki
My favorite pet project is the Holistic Operational Readiness Security Evaluation otherwise known as the HORSE Project. The intention is ultimately to raise the proficiency level of information security auditors, security practitioners, financial auditors, and anyone who verifies that controls exist over business systems.