Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.
Translate Into Selected Language
Qualified Writer?
Submit a Guest Article through the SUBMISSIONS link above!
Full-Time Inquiries Contact Us: authors@bloginfosec.com
Categories
- Artificial Intelligence
- Auditing
- Compliance and Laws
- Contingency Planning
- CSO/CISO Perspectives
- Cyber-Physical Systems
- Cybercrime
- Cyberwarfare
- Events
- General
- Human Elements
- Information Security News
- InfoSec Economics
- Physical Security
- Privacy
- Risk Analysis
- Security in Popular Culture
- Security Metrics
- software engineering
- Technical
English
Arabic
Chinese (Simplified)
Dutch
French
German
Italian
Portuguese
Russian
Spanish- "chicken little" "The Shadow Factory" "tragedy of the commons" "we never seem to learn" 2016 presidential campaign 2017 ISE Luminary Leader abend ACARS access control access management account hijacking Accudata ACF2 ACM Ada Adam Smith Advanced Persistent Threat agility AI AI Co-Pilot AICPA ALE aleatory Alex Hutton algorithms Alina Oprea Allan Pomerantz Al Pessin alternate energy sources Amazon Amazon Echo Amazon Kindle America the Vulnerable Amit Yoran Amped analytics Andy Greenberg Anish Bhimani anonymity Anton Chuvakin Antone Gonsalves Anton Troianovski Apache Apple Apple iPhone 5S application-level breaches application development application security apps APT Ari Juels Art Caviello artificial intelligence Ashley Halsey III Ashley Madison Ashley Southall asia assessment AT & T Audit authentication authentication tokens authorization auto-auto auto-auto security automated building-access systems automotive vehicle systems AUTOnomous AUTOmobiles autonomous vehicles autonymous vehicles Availability Availability Heuristics aviation security avionics avionics systems avoidance awareness Awareness / Education awareness instruction awareness training Axciom backup backup and recovery backup facilities BAH Barbara Simons Bash batch production scheduling BCP 188 behavioral economics Ben Edelman Ben Worthen Bert Martin big data biometrics bionic devices BISO BITS black swans bloginfosec Annoucements Bloomberg News Bob Lutz book review Books on InfoSec Booz Allen Hamilton botnets bots BP breach breaches breach incidents breach notification Brewster Kahle Brian Peretti British Petroleum BSIMM Budgeting for Security business business continuity business continunity business owner CACM Cambridge Analytica Cary R Spitzer catastrophe Cathy O'Neil CDE Center for Strategic and International Studies centrifuges cerebellum CERIAS certification CF Disclosure Guidance Charles Babcock Charles Miller china ChoicePoint Christopher Condon Chris Valasek Chris Wysopal CIA CIAO CIA triad CICA CISO CISO savvy CISO skills CISSP cloud cloud-based services cloud computing cloud security Cloud Security Alliance Cloud Security Forum CNAP CNCI COBIT code coding Coding Securely / SDLC Collaboration commercial software Common Criteria Common Quality Enumeration communications complex systems compliance complicated systems Comprehensive National Cybersecurity Initiative Conferences / Events / Meetups confidentiality conflict minerals connected system Consensus Model Context Contingency Planning contingency plans continuity planning convenience vs. security copyright CoreData COTS counterfeit counterfeit equipment CQE crisis management critical infrastructure critical infrastructure security cryptography crypto war CSA CSIS CSSLP CWE/SANS cyber-physical systems cyber-security systems cyberassault cyber attack cyberattack cyber attacks Cybergeddon cyber meltdown cybersecurity cyber security Cybersecurity Act of 2012 Cybersecurity National Action Plan cybersecurity risk Cybersecurity Risk Model cybersecurity standards cyberspace cyberterror cyberterrorism cyberwar cyber war cyber warfare cyberwarfare Dan Geer Daniel H Wilson Daniel Kahneman Dan Schutzer DARPA data analytics data at rest data breach data breaches data breach notification laws data classification data collection data handling. data destruction data in transit data leakage data leakage prevention data life cycle data loss prevention data masking data mining data owners data ownership data protection David Brooks David Chaum David E Sanger David Frum David Streitfeld Daylight Saving Time DBIR DCF DC Nets DDoS deceitware decision theory Deepa Seetharaman deep packet inspection defeat-device software defense in depth definitions degaussing deniability Department of Defense Department of Homeland Security deterrence Devlin Barrett DHS Diffie-Hellman digital signature disaster backup disaster planning disaster recovery diversification DLP DLT DNS DoD Donald Trump Donn Parker Don Strumpf Douglas Hubbard Dreamliner driver-assist technologies driverless driverless vehicles DSS Dyn earthquake Echo Show economics of security Ed Amoroso education Edward J Markey Edward J Snowden Edward Snowden EID Einstein electric cars electromagnetic pulse electromagnetic pulse attack Elinor Mills Elon Musk email EMP employment Encryption end-point security end-user security Engineering Safe and Secure Software Systems Enginnering Safe and Secure Software Systems Enterpise Information Security and Privacy Enterprise Information Security and Privacy EPA epistemic equipment Eric Taub Erik Hollnagl ethical hacking EU Eugene Spafford evidence expected utility expected value Exploit Code / Malware exploits FAA facebook FAIR fake fake news Farhood Manjoo Farjad Manjoo FBI featured FFIEC Fiat Chrysler Firmware Fitbit Flight MH370 flying taxis Ford forensics Forensics / Incidents Forrester Consulting FOSS Frank Bruni FRAP fraud Fredrik Dahl free access FreeBSD Project FS-ISAC FS/ISAC FSL FSSCC FST FSTC FUD FUD Theater Fukushima functional safety functional safety testing functional security testing GAO GAPP Gary Hinson Gary McGraw GE General Motors geo-tracking Germanwings A320 Airbus GLBA GM Google Google Home Google Plus governance government GPS Gramm-Leach-Bliley Gramm-Leach-Bliley Act Gregg F Bartley Greg Shipley grid dependency Gulf oil disaster hack hacked hackers hacking hacks HAL hardening hardware Harold Thomas Martin III hash hazard risk analysis Heartbleed Heartland Payments Heartland Payment Systems high-integirty safety-critical software systems HIPAA Hiroka Tabuchi historical analysis HOB-SSL Homeland Security honeynet honeypot Howard Schmidt HP HP LaserJet printer HTC Droid Incredible Phone Huawei Hugo Teso Human Elements human factors Hurricane Katrina Hurricane Sandy IAM IBM ICE ICS ICSA Labs identification identity and access management identity loss identity management identity theft IDM IDS ID theft IE IEC 61508 IEEE IEEE Security & Privacy IEEE Xplore IETF IIO illusion of validity in-vehicle systems incident incident reporting incidents inductive logic Industrial Control Systems Industry Commentary information classification information risk information risk management Information security information security as business enabler information security governance information security incidents information security management information security metrics information security outsourcing information technology supply chain Information Tehcnology Industry Council innovation insiders insider threat insourcing integrated circuits integrity Intel Intercontinental Exchange Internet banking Internet Explorer Internet of Things intersubjective interval scale Interviews inventory systems IOC IoT IoTA IoTR iPad iPhone iPhone app IPL IPS Iran IRM ISA 99.02.01 Isaac Asimov ISAC ISACA ISAO ISC2 ISE Luminary Leader ISO 26262 ISO 27001 ISO certification ISO compliance ISSA iSuppli ISV ITI ITPF Jack Hitt Jack Welch Jacob Appelbaum James Bamford Japan Jason Healey Jay Lala jeep Jeffrey Immelt Jennifer Bayuk Jesse Eisinger Jim Goodnight Jim Reavis Jobs in Information Security Joel Brenner Joe Weiss John Breit John Marien John Markoff Johnny Long John Villasenor Joseph Garcia Joseph Menn JPMorgan JP Morgan Chase Julian Assange Julie Creswell Karl Brauer Kate Matsudaira KCG Ken Belva keylogging Kik Knight Capital Group knowability KPMG lab certification Lance Hayden Larry Summers law law firms leadership Legal & Regulatory Issues lifecycle LIPA lip reading LISAT Lockheed Lockheed Martin logging logical Lord Kelvin mainframes malicious insider malware malware infection Managing the Risks of Cyber-Physical Systems Mandiant manual backup Mark Zuckerberg Mary Ann Davidson Maylasia Airlines flight MH370 medical identity theft medical insurance Melissa Hathaway men-in-the-middle attack MERgE Safety and Security Partners metadata metrics MH370 Michael Fox Michael Laris Michael Lesk Michael McConnell Michael Riley microsoft Mike Isaac Milton Friedman Mint.com MITRE Mobileye monitoring monoculture Monte Carlo moral hazard Moshe Y Vardi Moti Yung MSSP Mukul Pareek Nagoya Institute of Technology Nancy G Leveson Nanex Group NASA NASDAQ Nasim Nicholas Taleb Nassim Nicholas Taleb Natasha Singer Nate Silver national security National Security Agency National Security Council nation states NCICC NEDC negative testing network network resiliency News Commentary Newt Gingrich Nick Bilton Nicole Perlroth NIST no-charge access Noam Cohen non-objective non-public personal information nonfunctional security testing nonpublic personal information No Tech Hacking NPPI NSA nuclear power plant meltdown Nudge numerical Nvidia NYSE objective objective risk OCTAVE Office of Personnel Management Office of Technology Assessment offshoring one-time passwords online identity onshoring OnStar open access Open Source open source code open source software OpenSSL Open SSL OPM OPM breach OTA outsourcing Outsourcing Information Security overconfidence overwriting OWASP Paris attacks password passwords Patching Paul Ford Paul Krugman PCCIP PCI PCI DSS PDD-63 Penetration Testing Pentium people-process-technology performance metrics perimeter personal personal data personal information personalizing risk personally identifiable information personal safety Peter Tippett Philip Fernbach Phishing Phyllis Schneck Physical Security PII platform security Playstation PMI Policies and Procedures portable devices potential security compromise Poul-Henning Kamp President's Identity Theft Task Force Presidential Decision Direction 63 President Obama prevention printers PRISM Privacy privacy regulations Privacy Rights Clearinghouse privacy v security PrivaTegrity private sector privileged access probability probability calculus probability theory process propensity pseudonymity pump-and-dump qualitative quantiative quantitative quantum computing RACF Ralph Langner Ralph Merkle Rana Foroohar Randall Stross Randy Sabett real v. perceived risk recall Recency Bias recovery Red Flags Red Flags Rule reliability reputational risk research research and development research methodology reshoring resiliency Reverse Engineering Richard A. Clarke Richard Bejtlich Richard Clarke Richard Seiersen Richard Thaler risk Risk Analysis risk assessment risk management risk managment risk metrics risk models risk nexus risk scoring Robert M Slade Robert Thibadeau Robert Westervelt Robin Bloomfield robotics robots ROI Ron Lieber Ron Ross ROSI ROSI Security RSA RSA breach RSA Conference Russia Russian hacks S4E SAE Level 5 automation SAFE 2013 safe and secure cyber-physical systems safety safety-critical software systems safety-critical systems safety-security software gap safety and secuirty engineering Safety and Security Engineering V safety integrity level safety technology safety v security SAI SANS Santa Fe Group sarbanes-oxley SAS 70 SASO SAST SB 1386 SCADA systems Scott Borg SCRM SDL SDLC SEC secondary suppliers secrecy secure development secure software system development lifecycle Secure Software Systems Engineering SecurID Security security-critical security-critical software-intensive systems security-privacy security and privacy security and safety security and saftey co-engineering security awareness Security Breaches security economics Security Innovation Network security intelligence Security Metrics security research security testing security tools self-awareness self-driving self-driving cars self-driving technology self-driving vehicles service providers sharing economy Sharkbot Shawn Henry Sheelah Kolhatkar Shellshock SIAC SIEM SIL SINET Siobhan Gorman SIRO smart-road infrastructure smart grid smartphones SMB Snapchat Snowden Social Engineering social media soft skills software software assurance Software Assurance Initiative software development lifecycle software disposal software engineering software monocultures software recall software resiliency software safety engineers software security software security assurance software testing solar power Solutions / Workarounds Sony source code south korea SOX SPAM Spanair plane crash Spectre and Meltdown spoofing spotight SQL Injection SQL Injection Attack SSAE-16 SSDLC standards Stash Jarocki Stephanie Armour Stephen Hawking Steve Katz Steven Brill Steven Sloman STPA strong passwords structured data Stuxnet subjective subjective risk subjectivity successful behaviors Supervisory Control and Data Acquisition Systems supply-chain redundancy supply-chain risk manaagement supply chain supply chain risk supply chains survivability SwA SwAMP sysadmin system system component System Development Lifecycle systems engineering Takata Takata airbags tamper evident tamper proof tamper resistant TEPCO Tesla Tesla accident testing The Black Swan The Butterfly Effect The Wall Street Journal third-party breach threats TISO Tom Chatfield Tools TopSecret Tor Touch ID Toyota train crash training train wreck transponder Trending Topics TruSecure tsunami Turing Awards two-factor authentication Typhoon Haiyan U.S. Chamber of Commerce U.S. Cyber Consequences Unit U.S. election U.S. Highway Trust Fund Uber UDID Ulster Bank unauthoized disclosure Uncategorized uncertainty unemployment Unix unstructured data V & V vehicle-to-infrastructure vehicle-to-vehicle vehicle-to-vehicle systems vehicle cybersecurity vehicle hacking vendor management Veracode verification and validation Vinton G Cerf Virginia Heffernan virtualisation virtualization Virtual Trust Viruses / Worms Volkswagen vulnerabilities vulnerability vulnerability assessment Vulnerability Commentary Vulnerability Disclosure VW VW case Wall of Constricted Thinking Wall Street Journal Weapons of Math Destruction web applications White House Wikileaks William Forstchen William R. Forstchen William Young Wireless Wireless Client Wireless Discussion Wireless Security Wireless Vulnerability Discussion WSJ Y2K Y2K hoax Yik Yak Yoo Hoo Zeljka Zorz ZTE
© 2018 BlogInfoSec.com. All rights reserved.
|
Privacy
|
Terms of Service
bloginfosec.com Interviews Jeremiah Grossman on Web App Security