Millennials prove that tech savviness does not always equal security awareness

Bleeping Computer has published an article all about how millennials are more likely to be a victim of phishing and online scams than Baby Boomers (a.k.a. old people). I am taking this story with a few grains of salt because they gathered the data via a survey (in other words, ... Read More

An ongoing list of my blog posts at Alert Logic

| | security
In case you weren’t aware, I moved over to Alert Logic in May of 2017. I am in the technical product marketing group, which is essentially a job where I do various tasks that generally involve helping bring technical people and marketing people together (those two groups at infosec vendors ... Read More
Don’t turn your nose up to “old” infosec ideas

Don’t turn your nose up to “old” infosec ideas

| | security
I recently pinned a tweet to my Twitter account. Here is a picture of that tweet: I pinned that because I found myself turning my nose up at some ideas/articles/posts from smart people with somewhat dated subjects. I also found myself not writing or tweeting about a subject because I ... Read More

Medical records breach in Mass took place over 14 years

I just read this article about a medical records “breach” at a hospital in Massachusetts. The headline reads, “It took 14 years for this Massachusetts hospital to detect a data breach”. When I see something like that, I kinda pause a bit. Why would it take 14 years? That just ... Read More

Protect Sensitive Data on AWS with Amazon Macie

| | Cloud, S3, security
I’m a few days late on this, but I just read on the AWS blog that they launched a new service called Amazon Macie on August 14. According to the website, Macie is “a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS.” ... Read More

Carbon Black having some customer data leaking issues

| | Data leak
My buddy Jim Broome at Direct Defense is stirring the pot a bit today with his latest blog post. Seems like that during an investigation of a potential breach they were performing for a customer, they accidentally discovered that it is possible to harvest some very sensitive data from the ... Read More

Libertarian views and red herrings and people who should know better

| | security
Before you start reading this post, please make sure you don’t stop at the first two paragraphs. I am dredging up an old issue from early 2016, but it is relevant to some recent news. I have a fairly libertarian viewpoint on the world. So whenever I hear about a ... Read More

Great post on the RNC AWS file leak discovery from UpGuard

| | Cloud, iam, S3, security
UpGuard’s post on their discovery of the RNC data is trending big time on the netsec subreddit. I highly recommend going to read the post if you want to know what they found. But in a nutshell, it all centers around the misconfiguration of permissions to the AWS S3 bucket ... Read More
My opinion of my first Gartner event in my 23+ year long career

My opinion of my first Gartner event in my 23+ year long career

I’m sitting here in the beautiful Gaylord National Resort and Convention Center in Washington D.C., nice and comfortable as I look out over the cool little “town” they built inside this gargantuan building. While I enjoy the artificial scenery, I am also thinking about the week I just spent at ... Read More