Category Archive for 'Methodology'

For many years I have been an advocate of never letting go of the control of your security, but during the last few years I have been forced to re-evaluate that opinion. As most of you are aware, finding the right resources to employ is hard and paying for the right resources is even worse. […]


Info Sec Burnout

I started out in this field many years ago, more or less 1998 give or take a few years depending on your definition of security. Each year I have found the work to be harder and harder with more and more to learn and rising complexity to manage. Quite a few friends and former colleagues […]


I do take pride in my skills in communicating all aspects of security, but sometimes even I fail. I recently met with a lawyer who was employed at one of my clients. They had a problem with German legislation demanding that they were able to prove that the protection deployed on the laptops was sufficient […]


Sony Pictures Hack

Most of you have read the news of what happened to Sony Pictures. A truly devastating attack where ransomware, or to be more precise a Trojan with ransomware and other devastating payloads, played a crucial role in the mayhem. When I talk with my peers, not all of them fully understand the possibilities that ransomware […]


Ransomware revisited

2015 will be the year when we will see large-scale ransomware attacks here in Sweden. Why? Because we saw a lot in the US during 2014 and Europe is ripe for harvesting. I had a chat with a large company in Sweden recently. Their security department is struggling with implementing protection but there is […]


263 days and counting

During the last few months I have looked into breach detection. There are several numbers on the web from different reports and of course there is no exact figure, but an estimate is somewhere around 263 days, give or take 50. In any case it is still way too large a number. During a presentation […]


I have a long track record with business-down situations. When everything failed and no one managed to get the systems up and running again, my phone used to ring and I was expected to come and solve the situation and… I always did. After a while you have seen it all and know where to tackle […]


Remember the days of Melissa and Love Letter? When you were breached it was very visible and very clear to everyone in the office. Those days are long gone. Nowadays you may not even know that you have a breach and the only way to find it is using different surveillance tools to find anomalies […]


In case of a breach-documentation

When I dig down into the bits and tin (yes, I still do that on a regular basis, as I strongly believe that you can't be a good security architect without knowing both processes and technology as well as is humanly possible), one thing that my clients are often lacking is an In-case-of-a-breach-documentation (INCOAB-doc for […]


As some of you may know, at least those of you who have read my CV, I'm a trained social worker and have a keen interest in psychology. I always find it interesting to understand why some organisations manage to protect their information and why some fail. I recently came across a report describing why […]

