  • Two new security certification review guides from Microsoft Press

    by Ben Rothke on February 21, 2013

    Last year, Microsoft Press started a series of Rapid Review certification books. With 6 currently in print, two of the titles are around security, namely CISSP Rapid Review by Darril Gibson and CompTIA Security+ Rapid Review by Michael Gregg. The books are meant as secondary references for the certification and indeed make excellent review guides. The guides are meant for certification exam…

  • Ally's Picks - Restaurants in SF

    by Ally Lorentson Dunn on February 21, 2013

    As you're planning your itinerary for the week - don't forget to work in some time to go out and have an excellent SF meal! As a recent transplant, I've dedicated many hours to exploring my local dining options. With the most restaurants per capita in the country (really!), narrowing it down can be tough. I'll attempt to give some guidance with my recommendations below. Coffee Spots Blue Bottle…

  • RSA Conference Welcomes BSides

    by Jeanne Friedman on February 19, 2013

    We at RSA Conference are very pleased with the relationship we are building with BSides San Francisco. BSides registrants have already been sent discount codes for Expo and delegate passes to RSA Conference 2013 taking place February 25 to March 1 at Moscone Center in San Francisco. We know there are plenty of activities and parties on the last day of BSides, but we invite every BSides attendee…

  • The Design of Rijndael: AES - The Advanced Encryption Standard

    by Ben Rothke on February 19, 2013

    While it was printed about 11 years ago, I just got around to reading The Design of Rijndael: AES - The Advanced Encryption Standard. Apropos given that the RSA conference is next week. Many information security titles over a decade old are obsolete (such as those on Windows NT and OS/2 security), but the Rijndael algorithm which became the AES (Advanced Encryption Standard) is still very much…

  • Security Engineering: A Guide to Building Dependable Distributed Systems

    by Ben Rothke on February 15, 2013

    Security Engineering: A Guide to Building Dependable Distributed Systems by Ross Anderson is one of, if not the best information security book ever written. With a list price of $80, it's worth every penny. With that, thanks to Robert Slade for pointing out today in Risks Digest 27.16 that Ross Anderson has made all chapters from the second edition now available free online. You can get it here. …

  • Using Social Media for Global Security

    by Ben Rothke on February 11, 2013

    Everyone knows that social media is an extremely powerful technology. The notion of social media analytics (SNA) which Using Social Media for Global Security deals with didn’t even exist a few years ago. SNA enables organizations to act on intelligence gleaned from social media online conversations. The book is written for cybersecurity professionals, security analysts, policy experts, …

  • Low Tech Hacking: Street Smarts for Security Professionals

    by Ben Rothke on February 7, 2013

    Security guru Bruce Schneier has observed that for those organizations that have incorrectly deployed cryptography, it is akin to putting a big flagpole in front of your facility and hoping that it will stop any attackers from breaking in. Of course, attackers will simply go around the flagpole rather than running into it. In Low Tech Hacking: Street Smarts for Security Professionals, the authors, …

  • Computer Security Literacy: Staying Safe in a Digital World

    by Ben Rothke on February 4, 2013

    One of the most important papers on computer security and usability was Why Johnny Can’t Encrypt, A Usability Evaluation of PGP 5.0 by Alma Whitten and J.D. Tygar. They noted that user errors cause or contribute to most computer security failures. User error was manifest last week when it was detailed that the New York Times was penetrated over the course of four months by Chinese hackers who…

  • Hacking For Dummies – 4th edition

    by Ben Rothke on January 30, 2013

    I first reviewed Hacking For Dummies in 2006 when it was in the 2nd edition. With the 4th edition of the book just out, my friend Kevin Beaver has a completely updated and valuable guide. The current edition has the same basic motif, but is updated for Windows 8, Linux, wireless and other new hacking and penetration testing tools. The book's theme, like that of all books of the same genre, is that…

  • Is Cybersecurity Training and Education the Answer?

    by Gib Sorebo on January 22, 2013

    As politicians fight over the right approach to addressing cyber threats, the consensus seems to be that more training and education are needed, particularly in the area of critical infrastructure. Many proclaim, somewhat accurately, that many cybersecurity weaknesses are the result of users clicking on links or opening files that they should not. Logically, then, those same users should be…

This document was retrieved from on Wed, 02 Dec 2015 01:57:35 -0500.