Tag Archives: IAM

Cybersecurity and the Government Shutdown

– I had originally thought of comparing the impact on cybersecurity of the December 2018/January 2019 35-day partial government shutdown to other forms of upheaval, bringing in references to my chapter “IAM Risks during Organizational Change and Other Forms of Major Upheaval,” in Digital…

Campaign Lessons Learned—Part 3: Authenticity, Authority and Access

– From the cybersecurity professionals’ point of view, identity and access management (IAM) is really all a matter of authenticity, authorization and access permissions. Similarly, if the origin of a news item or blog or comment can be traced to a provably authoritative source, then it is more…

Data Masking: Good … Information Masking: Very Bad

– As we learn more and more about the huge data breach of the U.S. Office of Personnel Management (OPM), two aspects are grabbing everyone’s attention. One is the weakness of the security measures implemented by OPM and its contractors; the other is that senior management of OPM and purportedly…

Aircraft Safety … And Security

– There was once a time when aircraft crashes appeared to be due mostly to mechanical failures or malfunctioning aircraft control systems. Yes, some incidents were caused by terrorists, and there were some accidents due to “human error,” but a goodly number of those also had system and/or…

Confirmation of NSA IAM Deficiencies

– I read an article by Neil McAllister in The Register of August 30, 2013 confirming many of the suppositions that I made in my July 1, 2013 BlogInfoSec column “NSA: IAM … What IAM?” The article “NSA: NOBODY could stop Snowden—he was a SYSADMIN: Virtually unfettered access blew…