This started life as a couple of peeves about security ‘expertise’, but it’s grown to include a few things I think do our trade no good. Am I moaning about the inevitable, or calling out […]
When it comes to cyber, information, IT (or whatever you choose to prefix it with) security, where do you draw a compliant and cost-effective line? Where, between gold-plated and the status quo, is good enough?
Are you seriously going to ask your milkman the same security questions as your network hosting partner?
Of course not. But between those extremes, companies have a world of pain working out how much vendor and change assurance is enough…
A list complete with links to the #RSAC Social Security Blogger Award nominees and winners. May also include a subtle mention of Infospectives in there somewhere.
A concentrated source of great #InfoSec insight.
Passwords are back in the news thanks to Ed Snowden and a certain French media outlet. As the 2014 Worst Password List shows, length really does matter. Why not have a read?
It looks entirely possible you will have ‘adequate’ security dictated by your insurers, so it is your job to understand the risk-based yardstick they’re using to define that