Fascinating article breaking down users into generational groups and analyzing their attitudes, methods of learning, using tech, and security.
I work with a group of engineers ranging from the 68 yr old traditionalist to the 22 year old millennial and every group in between--this analysis rings true and provides real insight to me. Especially paragraph number 2.
Your users are NOT all the same and you can't/shouldn't treat them like they are. As I've said repeatedly, nothing can be simple in this business, there are no simple, cookie-cutter answers. You have to tailor to the conditions, and the map is NOT the terrain!
Read it here: http://www.darkreading.com/privacy/tech-insight-enterprise-securitys-overlo/240163181
"Good Night and Good Luck" to us all,
Mark V2
Tuesday, October 29, 2013
Sunday, October 27, 2013
So, another week, another blog post. More zero-days, more products and services being flogged by vendors, more doom and gloom.
I was going to post a couple of links about 10 common IT risk assessment mistakes and an early review of the new NIST cybersecurity framework, but, well, meh. Small beer.
Instead, I'm going to post a link to one of my favorite science websites:
That wild man is actually Doctor Ethan Siegel, PhD, Theoretical Astrophysics, and he also wears a kilt! His blog has won multiple awards for being one of the best "science" blogs out there. He's really, really good at explaining physics, usually with fantastic graphics and pictures, and I really enjoy his weekly articles. This weekend's "Diversion" is about a much larger type of risk--our impending collision with this:

That's the Andromeda Galaxy. If you want to know more about the "Andromeda Project" you have to go here and read the whole article.
Enjoy!
"Good luck and Good night"
Mark V2
Sunday, October 20, 2013
If, like me, you know a bit about computers and maybe a (very little) bit about security, you probably get asked by friends and family to help them with their computers. Everything from "What AV should I use?" to "I think my computer has a virus--can you fix it for me?"
Well, last week, while I was on my unplanned, unfunded, government-mandated "vacation", a friend of mine, Mike, threw me a new one: "My small business network is not working and I'm not sure why. Can you help me?" I've never been asked to help with a whole network (albeit a small one) before. I told him I'd try--as long as he promised not to sue me if I screwed it up. It's a lawn care service, with a router, 3 hosts, a web server, a multi-function printer, and some storage.
After a quick initial investigation I determined that he had lots of problems: really bad design (as in not designed, more like just grew), no real security, lots of malware, including bot software, trojans, and key-loggers. After cleaning the infections I wasn't sure what to do next, so of course, I went searching the internet. And I found this...
The Manageable Network Plan from these guys...
and I really, really like it. It's a step-by-step guide on how to (re-)gain control of a network and protect it, in easy-to-understand non-technical language.
Here it is in pictorial form:
So, Mike and I are implementing the plan. We're on Milestone 3 and I'm researching some affordable options for improving the architecture.
Unfortunately, I have to go back to work tomorrow, so I won't be able to devote as much time as I'd like (can't believe I said that!), but Mike's pretty committed, so I'm optimistic that we will, eventually, finish all eight milestones. I'll let you know.
"Good Luck and Good Night"!
v/r
Mark V2
Sunday, October 6, 2013
Confession time. Due to the government idiocy, I was furloughed without pay this week. As a result, I haven't been paying attention to the InfoSec news much. I've been somewhat depressed, and didn't do a good job of establishing an alternate routine. I even lost track of what day it was and completely forgot about class on Thursday!
I did do a quick scan of my favorite InfoSec news and blog sites and ran across this article on InfoSec Island that I think is worth sharing:
Industry's First Social Risk Guide Released
From the guest blog of Vince Schiavone: "Avoiding #FAIL provides an in-depth understanding of the complex, multidimensional dangers of social risk and how companies can implement an effective advanced threat detection solution to mitigate resulting damage to revenue and reputation and ultimately protect and preserve the business."
I think this sounds like a timely and worthwhile book--This is a topic that needs a lot of work, beyond the current "Be careful what you share" panacea. I plan on looking for it.
"Good Night and Good Luck" to us all.
Mark V2

