Part of a security professional’s job is to do research on possible breaches and attacks. Some try to do this in a vacuum, others share data and information, and still others read reports generated by companies in the know. The granddaddy of such reports is the Verizon DBIR. Where are the reports related to our …
Security Training Is BS
How many of you went through your security awareness training for the year? Did it consist of a simple slide show with a quiz at the end—a slide show that covered not even a tenth of your full security requirements and was about as memorable as the rock you went by this morning? Yes, you …
Model for Securely Moving to the Cloud
At InfoSec World 2016 in Orlando, I will be speaking on a model for securely moving to or developing for the cloud. A good model tells you not only what to consider when developing for the cloud, but also what surrounds that application. Knowing what surrounds the application is often required when moving to the cloud. As …
Secure Agile Cloud Development
A secure agile cloud development procedure to produce cloud-native and other applications starts first with a process. (See video at end of this article for a secure process.) This process defines how code created by a developer eventually makes it through to production and customer use. I have found that many companies do not even have …
Observability, Repeatability, and Visibility
Everyone wants visibility into their hybrid cloud of all resources and subsystems. We have expounded upon this need over the years as well as on how to gain some level of visibility. The tools exist, as do the methodologies. What we need now is better observability. Visibility is inherent in many tools today, but observability …
Continue reading “Observability, Repeatability, and Visibility”
Failure of Imagination
After the Apollo 1 disaster, astronaut Frank Borman told Congress that the tragedy had not been caused by any one company or organization, but by the entirety of all those involved with the Mercury, Gemini, and Apollo missions. The problem had been a failure of imagination. They knew that at some point there would be a fire in a space …