Archive for the 'Security metrics' Category
« Mark Curphey - SecurityBuddha.com
June 10, 2008
I wanted to post a “rah rah” message to Rich Mogull when he posted that GRC platforms Are Dead. He was so spot on in my humble opinion that he made me smile for a week or so. I may be a bolshy arrogant git confident but reassurance from smart people is always comforting. Today [...]
Categories: CISG, Compliance, Dashboards, Frameworks, Information Security Economics, Long Tail Security, Microsoft, Platforms, Security Industry, Security Platforms, Security metrics, Social Networking, Software Development, Working at Microsoft
Comments: 3 Comments
November 9, 2007
Ask a wine maker if climate change is real. This year there will be no organic wine from Burgundy. All wine makers have had to spray to prevent mildew attacking vines. Australia will have one of the worst crops in decades and as a result prices of Australian wines will rise next year. Italy [...]
Categories: Living in France, Security metrics
Comments: 1 Comment
November 9, 2007
Working at Microsoft can be hard. You have to force yourself to not get distracted by all the smart things that smart people are doing and saying. Last week I was sent a summary of an internal blog post by BillG talking about the business in general, ROI and metrics. As usual the summary was [...]
Categories: Security metrics
Comments: Be the first to comment
October 25, 2007
My last blog leads me neatly on to the good stuff. Joining a new company is like a poker game. They need to tell you enough to get you interested but not too much that if you decide not to join you could screw up their plans. I knew ACE had bits of cool stuff [...]
Categories: ACE Team, Compliance, Dashboards, Getting Things Done, Information Security Economics, Long Tail Security, Microsoft, PCI, Privacy, Regulation, Security Industry, Security Platforms, Security metrics, Software Development, Software Security, Visualization, Web Security, information security
Comments: 10 Comments
September 24, 2007
Marc’s post here is well worth a read.
Level 1 is what I call an “Access API”.
Level 2 is what I call a “Plug-In API”.
Level 3 is what I call a “Runtime Environment”.
The Oxygen Security Platform is actually likely to be a combination of all three!
Categories: Compliance, Dashboards, Information Security Economics, Long Tail Security, Privacy, Security 2.0, Security metrics, Software Development, Software Security
Comments: Be the first to comment
September 18, 2007
Just picked up from O’Reilly, a new book called Security Data Visualization. It looks to be very network security centric but I will check it out and post a review here.
Categories: Security metrics
Comments: Be the first to comment
September 11, 2007
A week ago I posted that Metrics Should Change Behavior and used what I think is a clever play on statistics to demonstrate the art of positioning. You can see the video used here. Thinking about it a little more it seems to me that a good metric should possess two qualities. The first [...]
Categories: Cool Business, Security Industry, Security metrics
Comments: Be the first to comment
September 4, 2007
A British University studied 1,050 rock stars and concluded:
European artists are twice as likely to die early as the rest of the population.
US rock stars died with an average age of forty two while European rock stars died with an average age of thirty five.
One in ten children in the UK aspire to be a rock [...]
Categories: Information Security Economics, Security metrics
Comments: 5 Comments
August 29, 2007
I think I may buy shares in Wired. I seem to plug it every month when I read articles of interest that spark my imagination. After reading the Web War One article I was engrossed by the Halo 3 story. Just yesterday I had a conversation with someone about the sophistication of games versus the [...]
Categories: Cool Business, Security Industry, Security metrics, Software Development, Software Security, Visualization, Web Security, information security
Comments: 6 Comments
August 13, 2007
Judging by the blog stats readers have been enjoying my Trends for Information Security and Long Tail of Information Security (Part 1 and Part 2) posts earlier this week. A few people have mailed me off-line asking for clarifications and suggesting ideas. Having thought about the questions raised and fired off answers (with various degrees of thought) [...]
Categories: Certification, Compliance, Cool Business, Dashboards, Information Security Economics, Long Tail Security, Security Industry, Security metrics, information security
Comments: 1 Comment