
Tag Archives: Forensics / Incidents

Intentional Security Blindness

– In previous columns I talked about two types of employees, contractors, and the like who could cause your organization harm through poor security practices resulting in loss of data, money, or trade secrets, etc. The first type were people who caused such losses inadvertently through security…

California Wildfires and Data Back-ups

– It looks as though business continuity and off-site data backups / storage are being introduced to the consumer rather than just corporate entities. The wildfires in California have something to do with this… So when I hear about fires in southern California, or hurricanes in the southeast,…

Why I no longer report website vulnerabilities that I stumble upon…

– I wrote this in July 2007 but decided against publishing it at the time. In July, I felt that I did not have a significant, publicly known case to help legitimize the argument. The Dan Egerstad case prompted me to change my opinion. —- There was a time that if I found a vulnerability…

Information Security Failures and Brand Impacts

– Although I joined LinkedIn some time ago, I do not often check my account there. On a recent login, I noticed that Jeff Lowder — a Director of Information Security and Risk Management at the Walt Disney Internet Group — asked a great question. He gave me permission to post it here: As…

Some Insight (Incite?) on the WSJ IT Security Controls Article

– Alex at RiskManagementInsight noted that the Wall Street Journal (WSJ) published an article explaining to users how they can circumvent their organization’s IT security controls. The other night I met an individual who was very close to the creation of the WSJ article linked above. Said…