Wednesday, December 21, 2016

What I am reading 12/21/2016

First off, my post yesterday on the Internet of Things Cybersecurity Guidance has one of my highest hit counts ever (4). Thanks. After saying that, however, I noticed I forgot to link my source - it was Morning Consult, and I apologize for forgetting the link.

Now on to the nonsense -

Austin Taylor - Continuous Monitoring - Build a World-Class Monitoring System for Enterprise, Small Office or Home -
this blog post serves as a supplement to the gold paper to implement continuous monitoring in your home. This post will also include specific hardware recommendations and direct links for software download.
I may actually do this.  One of the SANS classes I am interested in is Intrusion Detection In Depth and this might be a good way to start building some additional knowledge.

Ars Technica - Uber is losing money hand-over-fist -
if regulations and laws are there for the company to ignore, so too it seems are basic economic principles like "turning a profit." 
What can I say, I always thought Uber was overvalued both in monetary terms and in the value of its actual service.

Wired - What Rogue One Teaches Us About the Rebel Alliance’s Military Chops -

Rogue One shows us the opposite extremes of the Rebel Alliance and the Galactic Empire; one is a loose and fluid organization, the other is highly stratified and regimented. The goal for any modern military is to find that sweet spot in the middle. 
I bet he was fun to see the movie with.  "Look over there, that guy is completely ignoring his zone of fire.  Where is his Sergeant?!" 

The Verge - EU says UK surveillance laws are illegal and not ‘justified within a democratic society’

I wonder if there is something the UK can do about this ruling? /snark

Infosec Island - The Home of Cyber Security Best Practice: Public or Private Sector? -
Over the last decade, one could argue that parts of the private sector have demonstrated more examples of best practice in cyber security. That doesn’t mean to say that all businesses are adequately secure – on the contrary. However, by the same token those businesses, whose very existence in a global competitive market depends on good security, offer a good blueprint for success in protecting sensitive data. One fundamental principle that such organisations have embraced is the importance of balancing security against the competing challenges of usability and cost. 
Oh my god, what a horrendous pile of horseshit.  I am not going to try and say that government cybersecurity is perfect (or even good) but I have worked in both sectors and been involved on both sides of the equation, and I can tell you in my experience (within the Department of Energy) the government takes a far more balanced approach.  In fact one of our biggest problems (in my opinion) was people coming from the commercial sector who couldn't understand we had to tailor our solutions.  That is my experience - others will have different ones, and theirs are going to be just as accurate for their situation.  You can't just make a blanket statement like this guy did.


