The Death of Passwords

Password Management

Good enough.

It’s not a concept most people associate with information security people or the approach to information security, but it is something we in information security desire. We don’t want to overburden ourselves with unnecessary work or even management of controls.

Standardize Your Security In An Agile Culture

Thoughts on Information Security and Risk Management in an Agile Culture

Narrated slide deck from a presentation given at the Chattanooga chapter of ISSA.

In keeping with the Ides of March timing of the presentation, I chose to model my analogy to include references to Julius Caesar and Mark Antony.

CSIP Looks Good

After reading through the Cybersecurity Strategy and Implementation Plan (CSIP), I was impressed with its scope and relatively clear terminology, acronyms notwithstanding, and how it outlined federal strategy. I expect the timelines to be challenging, though.

Legacy Risk Corollary

Risk management encompasses risks to privacy, network, process, brand, etc. I’m interested in a juncture of two threat vectors in this post.