I got an email on one of my domains today. It was sent to an account I don’t have so it fell into a catchall account for that domain and was forwarded to an account I monitor. The email informed me that the sender had hacked some account of mine, monitored me accessing sexually explicit… Continue reading Not Spam, Not Phishing
A businesses need a policy framework to state its values, expectations and requirements in a meaningful way. The policy framework depends on an organization’s structure to enforce ownership of these statements appropriately. Policy frameworks aid in understanding the enterprise by setting the ownership of policies, their associated and supporting documents and by creating a structure where these statements can… Continue reading Policy Framework
Enterprise Security or Secure Solution program? While discussing the SANS Top 20 Critical Controls a couple of weeks ago I ran into some confusion with an infosec partner about the number of controls we were talking about. He referred to the Top 25 but I know from my training and certification that there are 20… Continue reading SANS – Confusion in the Top How Many?
This podcast is for both seasoned information security professionals and those who desiring a career in infosec, risk management or privacy. To that end there are agencies that can be beneficial for those at the beginning of their careers or those who are interested in more peer and community engagement. There are various roles… Continue reading Professional Organizations – How to Connect & What They Offer
Identification is a process whereby an identity claim is made and evaluated. Organic Operations Humans do this very naturally when we learn one another’s look, voice, walk and other mannerisms. The more intimately we know someone the more difficult it is to forge or impersonate that identity in our presence. The complexity of identification is compounded… Continue reading Identification Performed by Humans