Tag Archives: infosec

Information Security and Tanks

Posted on October 20, 2015 by Eric

Not too long ago my good friend, Michael Farnum, invited me to be the closing speaker at HouSecCon. I told him I would love to … then he asked me to give a talk that involved my military experience and … Continue reading

0Shares
Posted in Career, InfoSec, Life and Times, Military | Tagged , , , | Comments Off on Information Security and Tanks

What Is A Good Security Program?

Posted on July 9, 2014 by Eric

What distinguishes a good security program? One of the hardest questions to answer in the Information Security field is whether our security program is good, or not. It’s a question we want to answer for many reasons, not least of … Continue reading

0Shares
Posted in InfoSec, Penetration Testing, Risk Management, Security, Vulnerability Management | Tagged , , , , , | Comments Off on What Is A Good Security Program?

Vulnerability Management Re-Visited

Posted on July 8, 2014 by Eric

I know, boring topic. Just part of IT and Security operations. Nothing sexy here. It’s way more fun to think about how to beat those nasty, mean APT’s, how to detect malware actively on your network, how to do fancy … Continue reading

0Shares
Posted in InfoSec, Risk Management, Security, Vulnerability Management | Tagged , , , , , , | 1 Comment

Blaming the Victim for the Crime

Posted on May 22, 2014 by Eric

Putting the victim on trial. Decades ago we learned to stop putting victims of sexual abuse, domestic violence and rape “on trial”. Well, mostly anyhow. But we, mostly, stopped blaming the girl because she wore a short skirt or went … Continue reading

0Shares
Posted in General | Tagged , , , , , , , | Comments Off on Blaming the Victim for the Crime

2013: A Roller Coaster

Posted on December 21, 2013 by Eric

Or, as my wife put it, Random Ramblings of a Security Executive. Yes, it’s that time. Writing a blog post to wrap up the year, just all the rest of you do. I decided I’d cover my personal and professional … Continue reading

0Shares
Posted in Career, Government, InfoSec, Life and Times, Security | Tagged , , , , , , , , , | 2 Comments

Back to Basics …. Again

Posted on October 5, 2013 by Eric

It appears that the bad guys who exploited Adobe in August, and stole ColdFusion and Adobe (maybe) source code, as well as millions of credit card numbers, used a well known ColdFusion vulnerability. What seems to have happened is that … Continue reading

0Shares
Posted in BYOD, InfoSec, Security, Vulnerability Management | Tagged , , , , , , , | Comments Off on Back to Basics …. Again

Day 3 at CORE

Posted on October 2, 2013 by Eric

Yet another day of fun at CORE today. Spent the day getting to know the people, figuring out critical strategies, and places where I can start inserting myself to have some immediate impact. Started working on goals for the next … Continue reading

0Shares
Posted in CyberWar, FUD, General, InfoSec, Life and Times | Tagged , , , , , , , | Comments Off on Day 3 at CORE

Gartner Security Summit Keynote

Posted on June 10, 2013 by Eric

Paul Proctor got on stage and captured the attention of 2400 security professionals. He lampooned the NSA, brought the ghosts of security on stage and even highlighted my organization for the changes we’ve been able to accomplish. Key themes: BYOD, … Continue reading

0Shares
Posted in BYOD, FUD, InfoSec, Security | Tagged , , , , , | Comments Off on Gartner Security Summit Keynote