Archive for June, 2007

ISM Community Top Ten

June 29, 2007

The ISM Community Top 10 will provide security management and professionals with guiding principles to build a solid program within any organization. It also serves as a great reminder to managers of existing programs to focus on the fundamentals.
Ed Bellis, CISO Orbitz Worldwide

If you haven’t yet downloaded and read it, you should.
ISM Community [...]

Strategy, Culture and Trendhunting

June 28, 2007

Trendhunter.com and theCoolHunter.net are two of my favorite non-security sites.
I viewed the Trendhunter slideshow “Unlocking Cool” on Slideshare.net today. It’s excellent in many ways. I particularly smiled at this slide.

Spot the Difference - Dogs

June 28, 2007

Brother and sister Luke and Leia are about 7 months old now. About 20 minutes ago Leia (the grey one) decided to go for a quick dip in the pool and then ran into the field to roll in the ashes from where the farmer was burning the hedges. Lovely!

55% of Application Security Vulnerabilities are Missed By Tools

June 28, 2007

Jeff Williams took over running OWASP from me way back when. Not only is he a nice bloke, nearly 7 feet tall, and has done a superb job with OWASP, but he’s super smart as well. I was sent some slides he was using to promote OWASP.
https://www.owasp.org/images/a/ad/OWASP_Overview_Spring_2007.ppt
Slide 4 is shown below and caught my eye. [...]

Security LinkUp Dev Team - Join Now (Please)

June 28, 2007

Security LinkUp is a brand new open source (MIT License) and totally free application to manage face-to-face security meetings written in ASP.NET (C#). We pushed out the first beta a week or so ago and I am now looking for developers interested in forming an open source team to rapidly make it a really good application. It has a [...]

bLaugh Cartoons

June 27, 2007

There are so many good ones that come at you at a decent pace. Some of my fav recent ones are below.
http://feeds.pirillo.com/bLaugh

ISM Community (Top Ten, Mailing Lists and More)

June 27, 2007

You might well notice some changes on the home page of the ISM Community portal today.
The portal hasn’t really had much TLC for a while and it’s been hard to find things and participate. That is changing. Today we installed the enterprise email gateway. This allows you to subscribe to a forum as if it were a [...]

Phishme.com - These Guys Are Good!

June 27, 2007

Aaron, Rohyt and Corey are just fantastic blokes and super-smart. Their blog will be entertaining and informing, I promise you! Higbee is the guy who did the Dreamcast phone home stuff at Black Hat way back.
http://blog.phishme.com/

The Best Recruiting Advert in Ages

June 26, 2007

Trying to compete in the race with Google to hire talent must be hard. This advert is the best recruiting approach I have seen in ages. It’s for careers at Meetup.com and, incidentally, was created with Google Docs and originally found at Joel on Software.

Principles of a Good Security Evaluation Criteria

June 25, 2007

I am working in the OWASP Web Certification Project and planning to make some serious progress this week. One of the things I have done is to step back and think about what makes good evaluation criteria. Here are some notes.
- Risk Based Security
- Assurance
- Unambiguous
- Repeatable
- Flexible
Risk Based Security
Risk based information security may not always be a [...]