Defense in Depth

Security is hard because it requires attention to detail and getting the “blocking & tackling” right.  There are lots of cool and shiny security products on the market today.  Remember a “product” is not a “solution” until it is tailor-fit to meet the needs of the organization and properly maintained … Continue reading

Information Security at Startup Companies

The following excerpt is a thread from a discussion on Linkedin in the Information Security Community group. Question: How can a young professional convince startups that InfoSec is needed? And then get them to hire him?  I am currently studying InfoSec Management and I am looking to get a job … Continue reading

Is Server Downtime an Information Security Incident?

The following excerpt is a thread from a discussion on Linkedin in the Information Security Community group. Question: Hi everyone, Information Security is about protecting the confidentiality, integrity, and availability (CIA) of Information Assets. So can someone tell me, at what point does availability become an issue? for instance, is … Continue reading

  • The postings and views on this site are my own and do not necessarily reflect the positions, strategies, or opinions of any current or previous employer.