by scott | Nov 18, 2015 | Information Security Musings
Living in the Washington, DC area, we are bombarded with advertisements touting services for the government. These ads include everything from logistic services to basic office services provided by companies that support the physically challenged to technology services. Ads that resonate with me are the ones for “cloud” services that tout being FedRAMP certified.
by scott | Jul 20, 2015 | Information Security Musings
Continuing the discussion on the state and future of #MyIndustry, the information security industry, I bring you commentary based on the most recent news. UCLA Health may be ranked as one of the best healthcare facilities in the nation, but when it comes to information security it is as common as anyone else. On July 17…
by scott | Jul 17, 2015 | Information Security Musings
I originally intended this to be an answer to some of my critics. But after seeing Robert Herjavec’s post asking for a “debate the state — and future — of their industry,” I am going to use this to say that the state of #MyIndustry lacks the leadership and is destined for failure.
by scott | Jul 10, 2015 | Information Security Musings
When an information security analyst performs a risk assessment, the analyst is supposed to look at the full systems architecture in order to determine whether the required confidentiality of the data can be maintained, the integrity of that data can be proven, and the data is made available in a manner consistent with the business requirement. The analysis should also take into account the impact of the availability of the system.
by scott | Jun 18, 2015 | Information Security Musings
The following is the text of a letter that was sent to Sens. Ben Cardin and Barbara Mikulski. A copy was also sent to Rep. Chris Van Hollen: As I watched the reporting of the interaction between the House Oversight and Reform Committee and OPM Director Katherine Archuleta and OPM CIO Donna Seymour, I realized that no matter how many times government officials are scolded by members of Congress, there will remain no consequences for the OPM’s issues.
by scott | Jun 1, 2015 | Information Security Musings
Over the last few years, the stories about retailers have been falling and being ignored like rain on a hot tin roof. There have been so many failures of security that the public is getting numb to yet another announcement.