Be more like Mike!!!! A tribute to a special friend.

A well-respected InfoSec professional, colleague, and friend passed away last week. Two years ago, almost to the day, Mike took me aside before an ISSA meeting and said softly, “I’m afraid I have some news.” My first thought was… uh-oh, Mike’s accepted a position at another company. Previous to that night, Mike & I had been developing a program that …

Why local governments make the best ransom-ware targets

We’re noticing some significant “enhancements” in the evolution of ransomware. When we connect-the-dots, we reach the conclusion that government officials, from federal officials all the way down to cities & schools, need to up their awareness as to their vulnerability. Let’s lay the foundation for what has emerged as “Ransomware-Two-Dot-Oh-No!”:

– Ransomware-as-a-Service (RaaS) is hitting the mainstream media… USA Today
– Pyramid scheme meets …

The fat guy in the red suit is opening his info sec bag for you…

This email is probably the last thing standing between you and a hearty glass of potent eggnog, so it’ll be short. Let’s get a jump on all the “Top 10 lists for 2017” before we get to that point of puking every time a new one pops into your inbox. Here are “game changer” technologies to keep your eye on as 2017 unfolds… …

How NOT to become your in-law’s cybersecurity support desk

You know? I get friends & family asking all the time about how their personal devices should be secured, especially since Ransomware has been hitting the headlines. Now, I’ve got my personal devices tied down pretty well, but it’s not like all the things I do are what I’d want my dad trying to configure. I love him to death, …

The simplest way is sometimes the best (like, for ransom-ware)

Malwarebytes has been amazingly transparent bringing their anti-ransomware product through the beta process. Lots of success stories & a good number of false positives on their support forum. <<insert obvious statement about it being beta code for all the trolls & internet tough guys who like to whine about free stuff!>> Beta #1 came about the time of me shoveling the first …

Big Bad Wolves Blowin’ Down Some Nasty Ransomware on Yo House

Lately I’ve been having fond memories of gently tucking my kids in bed. Gosh, time passes quickly. For me, bedtime stories were a theatrical production. I amped up a couple of the stories my dad used to tell, and I leaned on a couple of the tried’n’true. One of my kids’ favorites was my rendition of “The Three Little Pigs”… Piggies dancin’ away without …

Your Choice… IoT Security Ninja or IoT Geisha?

You sit there thinking about the impossible task of getting “the C suite” to take responsibility for information security. Well, our task just got easier. How, you ask?!? Bring it to their home. Try googling “internet connected bottle of scotch”. Then tell me that our “Society of Surveillance” isn’t going to massively disrupt our framework for how we secure our organizations. …

All of InfoSec’s Answers are in the “Princess Bride”

I’ve watched “Princess Bride” probably 25-30 times. My wife thinks I’m crazy. I tell her I’m exploring my feminine side. It’s a chick flick, isn’t it? She swears I just fantasize about being Andre-the-Giant. I won’t bore you with why there’s a linkage between “Princess Bride” and the three pillars that drive our business, but there are connections in my …