Information Security in Today's Digital Culture
Header

In my previous two blog posts, we looked at the insights and interesting findings contained within the latest Microsoft Security Intelligence Report. The report is now getting some press in the tech community, and one article in particular caught my attention. A report published by H Security notes, with some surprise, that “users are responsible …
Read more

More Insights from the MSIR

October 13th, 2011 | Posted by Brett Edgar in Microsoft | Security - (0 Comments)

In yesterday’s article I detailed some interesting results from the latest Microsoft Security Intelligence Report from the Key Findings Summary.   I’ve now made it through several more sections and wish to highlight some more interesting data. Brett EdgarBrett is a Founder and the former Director of Managed Security Services at TRUE. He has been …
Read more

The latest Microsoft Security Intelligence Report (Volume 11) has been released and contains some interesting information that Microsoft has collected from the execution of its Malicious Software Removal Tool (MSRT) and Internet Explorer SmartScreen® data.  Several of the results confirm what those of us in the network security monitoring community already know: Java is the …
Read more

BEAST: It’s What’s for Dinner

September 29th, 2011 | Posted by Brett Edgar in privacy | Security - (0 Comments)

For the past week, BEAST has been the talk of the InfoSec community.  BEAST stands for “Browser Exploit Against SSL/TLS” and is a new way to execute an attack against CBC mode encryption algorithms.  The attack has been theorized for quite some time (2006 seems to be about the time it became known), but until …
Read more

I was recently discussing IT GRC program implementation with the CIO of a growing, mid-sized software company when he presented the question, “But HOW do you do it?  I mean, how do you get employees to follow the rules in a GRC program?”  The following is the second part to my response to his question… …
Read more