John Pescatore

A member of the Gartner Blog Network

Archives for October, 2009


The Business of Automating Security Content

by John Pescatore  |  October 28, 2009

Yesterday I spoke at the 5th annual NIST Security Content Automation conference in Baltimore. A few years ago I spoke at the 2nd or 3rd SCAP conference, which was then a much smaller event held at NIST headquarters in Gaithersburg. The conference attendees then were mostly government security staff and managers, with a few small [...]


Twelve Word Tuesday: Northwestern Pilots Highlight the Myth of the Responsible User

by John Pescatore  |  October 27, 2009

Pilots play with laptops, miss airport; users click, install malware – eternal battle.


Risk Is Just Like Obscenity

by John Pescatore  |  October 23, 2009  |  1 Comment

Yesterday at our last security session at Gartner’s annual Symposium, I chaired a debate called “Is Government Regulation Required to Increase Cybersecurity?” The panelists were Gartner analysts French Caldwell, Paul Proctor and Earl Perkins. Basically, I was against government regulation and those three were for it. Essentially, French felt regulation done right was needed and [...]


Czar Wars – The Silliness of Hoping Moses Will Come Down With The Ten Security Commandments

by John Pescatore  |  October 22, 2009

Dark Reading has a piece on US Department of Homeland Security Secretary Janet Napolitano weighing in against the need for a Cabinet-level cybersecurity position. I agree big time – even though Secretary Napolitano’s position is surely based on protecting DHS’s charter. Many have this vague hope that if government were to issue security regulations or [...]


Who Moved My Soap – The Best Security Reacts Quickly to Change

by John Pescatore  |  October 21, 2009  |  2 Comments

This is the 11th year I’ve presented at Gartner’s annual Symposium in Orlando, Florida. The terrorist attacks of 2001 and the dot com bust of the same timeframe caused a lot of changes back then but for the last 8 years it has largely been the same. The same type of room in the Swan [...]


Twelve Word Tuesday: The Cellphone as the Elusive Second Authentication Factor

by John Pescatore  |  October 20, 2009  |  4 Comments

Most people take way better care of their smartphones than their passwords.


At Gartner Symposium: Gartner Uses Every Part of the Analyst, Including the Oink

by John Pescatore  |  October 19, 2009

This week I’ll be sucked into the Gartner IT Symposium vortex, where life is pretty much a constant rotation of 1-1 meetings with attendees, giving presentations, doing the normal inquiry phone calls with Gartner clients, and sneaking time online to work off the never-ending flow of email. Looking through my calendar at the one-on-one attendee [...]


That Was One Whopper of a Vulnerability Tuesday

by John Pescatore  |  October 14, 2009  |  2 Comments

Not only did Microsoft come out with a huge list of critical vulnerabilities yesterday (including a critical Windows 7 patch), but Adobe joined in with a whopper list of their own – 29 individual CVE numbers. Many of the Adobe vulnerabilities have had active exploits out already, so patch pushing is high priority. If your [...]


Thirteen Years Ago Internet Security Became a Business

by John Pescatore  |  October 12, 2009  |  3 Comments

Hanging on my keychain is a brass medallion. On one side it says “Trusted Information Systems Inc. – Building a World of Trust” and on the other side it says “TISX – IPO October 10, 1996”. Sometime earlier that year, or late in 1995, Checkpoint had also gone public and many other Internet security pureplays [...]


Warning About Dirty Bits Not As Good As Blocking Dirty Bits

by John Pescatore  |  October 9, 2009  |  1 Comment

Comcast announced that its Internet service customers would get free “Constant Guard Security Program” features, which basically means McAfee software for their desktops and a Comcast browser toolbar that ties in anti-spyware and phishing alerting from CA. Now, this is better than Comcast doing nothing, but it basically means Comcast will carry the malware all [...]
