Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

BlogInfoSec.com Spotlight

NASDAQ Hack and the Failure of InfoSec

The front cover page of the July 21-27, 2014 issue of Bloomberg Businessweek magazine screams out “THE NASDAQ HACK.” The headline refers to the lead article by Michael Riley with the title “How Russian Hackers Stole the Nasdaq: It was easier than you think.” The article describes, in great detail, the events surrounding the discovery […]

Featured Articles

The CIA Triad: Theory and Practice

Recently Bloginfosec.com published an article by Warren Axelrod entitled “It’s About Availability and Integrity (not so much Confidentiality).” It appears that the article […]

6 Theories of Probability and 6 Reasons Why They Matter to ISRA

While probably everyone would agree that information security risk analysis (ISRA) is shot through with appeals to probability, very few non-academic discussions of ISRA provide […]

Why the “Risk = Threats x Vulnerabilities x Impact” Formula is Mathematical Nonsense

Every now and then I will find a security practitioner presenting the following formula when discussing information security risk analysis (ISRA). Risks = Threats x […]

Decision Theory is the Foundation for Information Security Risk Management

Disclaimer: I originally wrote the following text as a post to a mailing list in 2005, but it still seems applicable today. The more I read the writings of various information […]

H1N1 Threat Overblown? Information Security Relevance? A Logic Proof

“H1N1 was totally overblown. Nothing really terrible happened. No one suffered a pandemic and the resulting deaths were less in number than the deaths from the regular […]

Network Solutions “Hacked Account” Demonstrates Incompetence

When in doubt, claim the account was hacked. That appears to be the reasoning of a Network Solutions Technical Support Representative. Normally I do not write about other […]

US Drones Hack: It’s The Same Old Story

CNN reports that Iraqi insurgents were able to hack and view live feeds from US Spy Drones. The vulnerability was a non-technical one. The article summarized the issue as thus: […]