Category: Cybersecurity & Infosec

April 26th, 2017 by John

Major General Brett I. Williams discusses the distinction between cyberwarfare and information warfare. The distinction can be important!

http://www.c4isrnet.com/articles/cyberwarfare-and-information-warfare-must-be-distinguished-commentary

Posted in Blog, Cybersecurity & Infosec, Nation State

April 25th, 2017 by John

Solomon Smith and I presented at the Spring ISACA meeting in Iowa City, IA today on cyber education. 

http://alignedsecurity.com/index.php/2017/04/25/illowa-isaca-cyber-education-presentation/

Posted in Blog, Community, Cybersecurity & Infosec, Events

April 20th, 2017 by John

Home | The Security Cards: A Security Threat Brainstorming Kit

The University of Washington has developed a set of 42 playing cards for modeling security and privacy threats. The cards encourage you to brainstorm about potential threats along 4 dimensions: Read More

Posted in Cool-Stuff, Cybersecurity & Infosec, Exploits & Attacks

April 19th, 2017 by John

This article has some very good insights regarding what board members say they want and what they are getting from CISOs. They still tend to be skeptical of risk presented as loss predictions in dollars. Storytelling still has an important role to play.

Posted in Cybersecurity & Infosec, Risk Management

April 19th, 2017 by John

Elad Yoran writes a SC Magazine blog relating what’s in the news to your privacy and personal devices.

Posted in Cybersecurity & Infosec

April 14th, 2017 by John

This is an interesting case where a DuPont employee stole trade secrets prior to retirement. It is often the young, brash employee who is the scapegoat. I speak from personal experience, that in the Midwest, large, old corporations distrust vendors, contractors and new employees, and tend to overlook the risk that comes from the long-time “trusted and loyal” employee. There is even a stigma if you have been at a company a long time, and leave before retirement. However, until recently, many companies continued to provide email and corporate services, and even let retirees keep their laptop, because of their retiree status. Shows that good feelings don’t amount to much, when competitors are willing to pay big bucks for your secrets. Everyone is a potential leak.

Posted in Blog, Criminal, Cybersecurity & Infosec

April 7th, 2017 by John

Here’s a recent blog post I wrote for SC Magazine:

Posted in Blog, Cybersecurity & Infosec, IoT, IIoT, ICS-SCADA

April 5th, 2017 by John

Posted in Cybersecurity & Infosec