Eweek published a puff piece promoting the security of Google’s Android operating system that is starting to show up on some mobile phones. It read like a rip and read job from a Google marketing brochure:
1 – not really valid – we’ve said open source code gets more secure, more quickly but it is [...]
Entries Tagged as 'Uncategorized'
Is Google Android The Same “Most Secure Operating System” That Windows XP Was Supposed to Be?
November 4th, 2009 · No Comments
Tags: Uncategorized
Twelve Word Tuesday: Openess Good, Newness Bad
November 3rd, 2009 · 1 Comment
Transparency plus inspection is the friend of security, freshness not so much.
Tags: Uncategorized
The Security Risks of Consumerization Hit Home for US Congress
November 2nd, 2009 · 5 Comments
I live in the Washington DC area and much Beltway buzz about the Washington Post article on Tiversa’s discovery of a House ethics report openly available on a peer to peer music stealing file sharing network. The first reaction, of course, was to blame a cyber-attack, likely launched by the Chinese or maybe the North [...]
Tags: Uncategorized
The Business of Automating Security Content
October 28th, 2009 · No Comments
Yesterday I spoke at the 5th annual NIST Security Content Automation conference in Baltimore. A few years ago I spoke at the 2nd or 3rd SCAP conference, which was then a much smaller event held at NIST headquarters in Gaithersburg. The conference attendees then were mostly government security staff and managers, with a few small [...]
Tags: Uncategorized
Twelve Word Tuesday: Northwestern Pilots Highlight the Myth of the Responsible User
October 27th, 2009 · No Comments
Pilots play with laptops, miss airport; users click, install malware – eternal battle.
Tags: Uncategorized
Risk Is Just Like Obscenity
October 23rd, 2009 · 1 Comment
Yesterday at our last security session at Gartner’s annual Symposium, I chaired a debate called “Is Government Regulation Required to Increase Cybersecurity?” The panelists were Gartner analysts French Caldwell, Paul Proctor and Earl Perkins. Basically, I was against government regulation and those three were for it.
Essentially, French felt regulation done right was needed and would [...]
Tags: Uncategorized
Czar Wars – The Silliness of Hoping Moses Will Come Down With The Ten Security Commandments
October 22nd, 2009 · No Comments
Dark Reading has a piece on US Department of Homeland Security Secretary Janet Napolitano weighing in against the need for a Cabinet-level cybersecurity position. I agree big time – even though Secretary Napolitano’s position is surely based on protecting DHS’s charter.
Many have this vague hope that if government were to issue security regulations or if [...]
Tags: Uncategorized
Who Moved My Soap – The Best Security Reacts Quickly to Change
October 21st, 2009 · 1 Comment
This is the 11th year I’ve presented at Gartner’s annual Symposium in Orlando, Florida. The terrorist attacks of 2001 and the dot com bust of the same timeframe caused a lot of changes back then but for the last 8 years it has largely been the same. The same type of room in the Swan [...]
Tags: Uncategorized
Twelve Word Tuesday: The Cellphone as the Elusive Second Authentication Factor
October 20th, 2009 · 4 Comments
Most people take way better care of their smartphones than their passwords.
Tags: Uncategorized
At Gartner Symposium: Gartner Uses Every Part of the Analyst, Including the Oink
October 19th, 2009 · No Comments
This week I’ll be sucked into the Gartner IT Symposium vortex, where life is pretty much a constant rotation of 1-1 meetings with attendees, giving presentations, doing the normal inquiry phone calls with Gartner clients, and sneaking time online to work off the never-ending flow of email.
Looking through my calendar at the one-on-one attendee meetings [...]
Tags: Uncategorized