Dec 7, 2020Alexa startled a strangerImagine you’ve bought a vehicle with an Alexa skill. It’s literally the bleak mid-winter and you’ve decided that this skill is essential to your personal well-being because it allows you to start your vehicle without experiencing that first morning chill as you breath in freezing air. Flash forward five years…Ciso1 min read
Oct 22, 2020Fives and Twenty-fives: a cyber perspectiveThis morning, after reading this article (https://www.zdnet.com/article/us-blames-iran-for-spoofed-proud-boys-emails-threatening-democrat-voters/), I found myself thinking about Michael Pitre’s 2014 novel “Fives and Twenty-fives”. …Ciso3 min read
Sep 26, 2020A few weeks ago I had hernia surgery (I can’t violate my own HIPAA rights, right?).A few weeks ago I had hernia surgery (I can’t violate my own HIPAA rights, right?). The surgery was performed by the New Orleans VA medical center and I couldn’t have been happier with the whole thing from appointment making to diagnosis to the actual surgery. …Surgery2 min read
Jan 27, 2020Haiku #11 Security Awareness EvangelismOrchid colored phish Swims past coral reef firewall Maims ecosystem Most hacks start with a phish because e-mail security is porous and constantly evolving. Every few weeks our email provider changes their management and security dashboard just enough that our team needs to launch an investigation to find previously available…Cybersecurity6 min read
Jan 27, 2020Haiku #10 SheepdogSheep dog, over watch, scout Blue teams defend family Teammates, friends, shared goals Those of the cyber community who play an active role in defense of our communities have many images ascribed to them. Perhaps my favorite is that of the sheepdog. Every day I pass two diligent sheep dogs…Cybersecurity4 min read
Jan 27, 2020Haiku #9 Hackers? Really?Firewall, port blocked! Crap! Search for back door, probe weakness Found one. Problem solved Regardless the imagery we superimpose on cyber criminals, at their core they too come to work to solve problems. Unfortunately our understanding of the distinction between hackers and cyber criminals really needs to be more fully…Cybersecurity5 min read
Jan 27, 2020Haiku #8 Cryptocurrency and blockchainCryptocurrency Blockchain, bad software, few rules Swiss banks, fiats, still lead The hype around blockchain and cryptocurrency seems to have been somewhat tempered by the realization that bad practices in system development still lead to ingress points for criminals to exploit for malevolent gain. …Cybersecurity3 min read
Jan 27, 2020Haiku #7 Compliance and securityOWASP, COBIT, NIST HIPAA, HITRUST, SOX…Controls Are only the start Compliance and security are certainly partners, but neither is a complete solution unto itself. The idea that meeting a HIPAA checklist or a HITRUST checklist is even remotely close to security would be comical if it weren’t so tragic. First…Cybersecurity5 min read
Jan 27, 2020Haiku #6 Double edged swordsMalware, Trojan, worm Credential spray, brute force, tor Tools? Weapons of war? Most tools, whether we think about it or not, have at least two potential purposes; one legitimate and one not. Most people’s actions can be perceived similarly. …Cybersecurity4 min read
Jan 21, 2020Intermittent Fasting with ZeroFor every successful intermittent fasting story, there’s an unsuccessful one. We’re not all created equally and I suspect we all respond to various stimuli in just as many different ways. My journey was one of sacrifice and discipline. …Intermittent Fasting3 min read