WannaCry didn’t come in over email. NotPetya didn’t come in over email. So why are people asking us to include phishing controls in our threat models?
Watch more videos on my YouTube channel.
Archive for July, 2017
Stuck in Traffic – Deep Hosting Pwned
Posted byDeep Hosting gets compromised with a php shell. So how can we stop similar attacks in our environment?
Watch more videos on my YouTube channel.
Stuck in Traffic – Core Values Driven Security
Posted bySecurity programs aligned with an organization’s core values seem to get more buy-in, traction, and visibility.
Watch more videos on my YouTube channel.
Stuck in Traffic – updating incident response plans
Posted byOur incident response plan covers the basics. The things we’ve seen before. Things like malware or phishing. That’s fine for a corporate environment, but what about cloud services? How do we update the plan for new changes?
Watch more videos on my YouTube channel.
Stuck in Traffic – Developers Encryption Choices
Posted bySHA1 was broken earlier this year. RSA 1024 was broken earlier this week. So what can developers do to choose the right encryption? And how can we future proof our applications?
Watch more videos on my YouTube channel.
Stuck in Traffic – Fireworks and Software Defects
Posted byFireworks remind us of just how interwoven our lives have become with software. Take the Big Bay Boom in San Diego, when all the fireworks went off at once. It was a bright loud shiny example of what happens when little glitches hit big events.
Watch more videos on my YouTube channel.
Stuck in Traffic – No Return on Investment
Posted byWhat if I were to tell you, there is no ROI on IT security purchases? (Spoiler: I’ll share the one exception at the end of the video.)
Watch more videos on my YouTube channel.