There is an organization which has a solution to the next steps after you have some compliance set up: OCEG with their pdf “A Maturity Model For Integrated GRC” First page of report: As in title the goal is integrated GRC where the company business goals are intertwined with Compliance, Risk, and Governance. It … Read more
The hacker must have a method in starting an attack like Dynamic Denial of Service (DDOS). in the last few days. the one which used hacked cameras and DVRs (Brian Krebs story) in attacking many Internet properties. Im sure you have seen the many media stories about this DDOS attack on various media (including Computerworld) … Read more
I’m often thinking where the next attack can come in and unfortunately it may come where we least expect it. Spiceworks blogpost has an interesting angle: How often have cloud services been installed by users without IT department knowledge? The survey by Spiceworks has found that many IT people have found their users installing cloud … Read more
The Security Conversation has to change. Unknowing we(us humans in business and more) create a scenario which prevents us from being more secure Our Psyche seeks risk when confronted with loss decisions but seeks safety when confronted with gain decisions. This has been studied (Previous post as well) and is accurate for 70% of the … Read more
Yes it is a good day for CyberJoke Post today 10/7/16 where we try to make light of some IT life since it is too hard to make the heavy lifting of Cyber understanding. Sometimes good to take a day off. Here is an interesting website: Surfersam.com Best quotes “I have traveled the length and … Read more
