Information Security
Que Certification
ISBN 0-7897-2801-X
Let FedRAMP be your security guide
Living in the Washington, DC area, we are bombarded with advertisements touting services for the government. These ads include everything from logistic services to basic office services provided by companies that support the physically challenged to technology services. Ads that resonate with me are the ones for “cloud” services that tout being FedRAMP certified.
Hard shell security leads to a gooey mess
Continuing the discussion on the state and future of #MyIndustry, the information security industry, I bring you commentary based on the most recent news. UCLA Health may be ranked as one of the best healthcare facilities in the nation, but when it comes to information security it is as common as anyone else. On July 17…
Unsafe at Internet Speed
I originally intended this to be an answer to some of my critics. But after seeing Robert Herjavec’s post asking for a “debate the state — and future — of their industry,” I am going to use this to say that the state of #MyIndustry lacks the leadership and is destined for failure.
“Best Practice” shows the cloud’s security weaknesses & Amazon contributes
When an information security analyst performs a risk assessment, the analyst is supposed to look at the full systems architecture in order to determine whether the required confidentiality of the data can be maintained, the integrity of that data can be proven, and the data is made available in a manner consistent with the business requirement. The analysis should also take into account the impact of the availability of the system.