Monthly Archives: March 2014

iRisk

iRisk, or the iRisk equation, is another quantitative analysis formula. Like most quantitative analysis models, you solve for the risk by calculating the threat and vulnerability, and lower the risk when mitigating or compensating controls are added. Here is where … Continue reading

Posted in Security Blog

BCJs in an SSAE-16

I looked everywhere for this acronym that I found while processing a Type II SSAE-16. I guessed pretty close, but since someone helped me find it, you may have to google it one day and hopefully you will find that: … Continue reading


Botnet Command and Control

James Lyne explains some botnet command and control.


Visualize the World’s Biggest Data Breaches

Visit here to see an interactive version of the graphic below: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/


HIPAA or HIPPA?

When professional publications, job postings, and health-related websites mess up the acronym for HIPAA, I get really ticked. I just bought this book, they just wrote out what HIPAA stands for and they still get the acronym wrong? What’s … Continue reading


Compliance’d

For the lols, I’m hopefully going to create more ridiculous meme-like pictures like this. P.S. I made this; if you see it somewhere else, they stole it from me.


Edward Snowden on TED: Here’s How to Take Back the Internet

Makes you think differently about this bottle top. Read it from the perspective of the normal person, read it from the perspective of Edward Snowden, then read it from the perspective of the NSA.


The Internet of Things

The Internet of Things (IoT) is a concept of delivering Internet to almost anything that has a chip in it. Cool for the end user, but for the cybersecurity-minded person, an inevitable nightmare. In January, a refrigerator was … Continue reading


Bruce Schneier Facts

Bruce Schneier Fact #1: Bruce Schneier once killed a man using only linear cryptanalysis. Bruce Schneier Fact #2: Bruce Schneier once decrypted a box of AlphaBits. Bruce Schneier Fact #3: P = NP in Bruce Schneier’s very presence. Bruce Schneier … Continue reading


Schneier on Security: Terms of Service as a Security Threat

Bruce Schneier is a cybersecurity evangelist who is on his game. I’ve read his book Secrets and Lies: Digital Security in a Networked World and I highly recommend it. Keeping current on his blog and his writing definitely should be … Continue reading
