  • The Perils of Audits

    by Gib Sorebo on August 31, 2013

    Among critical infrastructure asset owners, a common device for ensuring that their cybersecurity risk posture is appropriate is an audit. We'll leave aside whether the motivation is compliance or simply a desire to be as secure as possible against attacks. In essence, both motivations often lead to the disaster that is the audit whether it is driven by "best practices" or a particular compliance…

  • Practical Anonymity: Hiding in Plain Sight Online

    by Ben Rothke on August 29, 2013

    With the news that the NSA is monitoring much of the traffic on the Internet, many people are looking to go below the radar. In Practical Anonymity: Hiding in Plain Sight Online, author Peter Loshin shows how to make anonymous use of the Internet. Much of this brief book (130 pages) is on the use of tools such as Tor and Tails. Looks to be interesting. Full review to follow. ISBN 978-0124104044

  • Why Have a Privacy Policy

    by Stephen Wu on August 28, 2013

    Privacy has been a hot legal issue for years, and the temperature is moving even higher. Governmental enforcement actions and class action suits have become ever more common. One common trigger is a data privacy or security breach. Surprisingly, in 2013, another common trigger is the lack of a privacy policy. Yes, there are some companies that create online services or Internet applications…

  • Security Blogger Q&A - Elliott Frantz

    by Ally Lorentson Dunn on August 26, 2013

    Elliott Frantz, Virtue Security: Describe your blog in one sentence: Application security for ethical hacking professionals. Complete this sentence: “The RSA Conference is a world in its own.” How did you become interested in information security? I started as a teenager when I was just beginning high school. I was first interested in learning to program as a…

  • Hacking Exposed Mobile: Security Secrets & Solutions

    by Ben Rothke on August 26, 2013

    Little did anyone know that when the first Hacking Exposed books came out over 15 years ago, that it would launch a set of sequels on topics from Windows, Linux, web development, to virtualization and cloud computing, and much more. It was a series that launched a generation of script kiddies, in addition to security experts. In 2013, the newest edition is Hacking Exposed Mobile Security Secrets …

  • The Evolution of What We Value and How Much

    by Gib Sorebo on August 19, 2013

    In the current controversies involving what our intelligence community is collecting about its citizens, the issue has frequently been framed as a balance of protecting the personal safety of people versus protecting one’s privacy. While delving deeper may reveal a false dichotomy, we nonetheless must acknowledge that such tradeoffs do exist. At the very least, we’ve come to expect and accept…

  • Secret History: The Story of Cryptology

    by Ben Rothke on August 15, 2013

    In Secret History: The Story of Cryptology, author Craig Bauer notes that most available cryptology books primarily focus on either mathematics or history. Breaking this mold, the book gives a thorough yet accessible treatment of both the mathematics and history of cryptology. This looks to be a really interesting read. Full review to follow. Chapman Hall/CRC, ISBN 1466561866 / 978-1466561861

  • Europe Program Committee - Trends in Security

    by Ally Lorentson Dunn on August 14, 2013

    We posed the question below to our Europe Program Committee recently and their responses follow: Below is a word cloud for the titles of all the submissions for RSA Conference Europe 2013. Over the next 3 years what words do you think will get bigger, what words do you think will get smaller, will there be any new words, and why? In other words, what trends and priorities do you see in security…

  • The Healthy Programmer: Get Fit, Feel Better, and Keep Coding

    by Ben Rothke on August 12, 2013

    Diet books are literally a dime a dozen. They generally benefit only the author, publisher and Amazon, leaving the reader frustrated and bloated. With a failure rate of over 99%, diet books are the epitome of a sucker born every minute. One of the few diet books that can offer change you can believe in is The Healthy Programmer: Get Fit, Feel Better, and Keep Coding. Author Joe Kutner observes…

  • The Practice of Network Security Monitoring: Understanding Incident Detection & Response

    by Ben Rothke on August 8, 2013

    Full disclosure: the author of this book is a professional acquaintance of mine. It has been about 8 years since Richard Bejtlich’s last book Extrusion Detection: Security Monitoring for Internal Intrusions came out. That and his other 2 books were heavy on technical analysis and real-world solutions. Some titles only start to cover ground after about 80 pages of introduction. With this book, you…
