UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Ira Winkler

Contributing Columnist

Ira Winkler, CISSP, is president of Secure Mentem, and author of the forthcoming book, Advanced Persistent Security. He can be contacted at securementem.com.

The Latest from Ira

At Dulles, a security awareness success story

Opinion

At Dulles, a security awareness success story

The detention of Norway’s former prime minister, when stripped of politics, was an example of proper security awareness.

The flaw in applying culture to awareness programs

Opinion

The flaw in applying culture to awareness programs

I appreciate that organizations are beginning to realize that they need to understand their corporate culture in their implementation of awareness programs. It is long overdue. Unfortunately as a concept, it is being grossly...

Making the GRIZZLY STEPPE Joint Action Report useful

News Analysis

Making the GRIZZLY STEPPE Joint Action Report useful

I was surprised when I saw the cynicism to the Joint Action Report (JAR) put out by the Department of Homeland Security and FBI. It seems like it is cool to criticize the report, and that can be a disservice to the whole industry.

The security gift guide

Feature

The security gift guide

Give the gift of security, so people will give you the gift of not asking for help and advice.

What awareness is supposed to be

Opinion

What awareness is supposed to be

Recent W-2 and accounts payable thefts show governance should be the cornerstone of awareness.

What is phishing awareness success?

Opinion

What is phishing awareness success?

A recent article asking the question to security professionals seemed to miss the mark, and raises more questions than it answers.

Pokemon Go: What security awareness programs should be doing now

Opinion

Pokemon Go: What security awareness programs should be doing now

Pokemon Go represents a tremendous security threat. As with all tremendous threats, it can also be your greatest opportunity.

Meet the hacker taking over ISIS twitter accounts

News Analysis

Meet the hacker taking over ISIS twitter accounts

In the last week, Wauchula Ghost has been attracting even more attention as he has been successfully compromising the twitter accounts of ISIS sympathizers, and posting gay porn on those accounts in retaliation for the Orlando...

9 reasons why your security awareness program sucks

Feature

9 reasons why your security awareness program sucks

I have come to the conclusion that most awareness programs are just very bad, and that like all security countermeasures, there will be an inevitable failing.

Did NSA underestimate the insider threat?

News

Did NSA underestimate the insider threat?

In this edition of the Irari Report, Ira Winkler and Araceli Treu Gomes continue their interview of Chris Inglis, former Deputy Director of NSA. In this segment, they focus on how an organization that is so aware of the insider threat...

Former NSA deputy director says Edward Snowden lacks courage

Analysis

Former NSA deputy director says Edward Snowden lacks courage

Thoughts from Chris Inglis, former Deputy Director of NSA, about whistleblower Edward Snowden’s reasons for leaking classified NSA documents

Charges against Iranian hackers are ignorant, cowardly and dangerous

Opinion

Charges against Iranian hackers are ignorant, cowardly and dangerous

Iranian and Chinese governments directed and funded attacks, so why are Iranian and Chinese citizens being charged instead of the governments that directed their actions?

Behind every stupid user is a stupider security professional

Opinion

Behind every stupid user is a stupider security professional

Security professionals should look in the mirror, before declaring a user, “stupid”.

5 facts about Apple and the terrorist’s iPhone

Opinion

5 facts about Apple and the terrorist’s iPhone

The truth behind the hype and misunderstandings surrounding the case.

FBI/DHS hack shows need for role-based security awareness programs

Feature

FBI/DHS hack shows need for role-based security awareness programs

When a hacker released the contact information of 9,000 DHS employees, it was the result of several awareness failings. The reality is that these are failed awareness programs that are typical of industry as a whole.

Twitter’s takedown of ISIS accounts still unsatisfactory

News Analysis

Twitter’s takedown of ISIS accounts still unsatisfactory

While Twitter is making some efforts to thwart ISIS recruiting, fundraising, and planning efforts, there is still much more to be done.

The threat of shoulder surfing should not be underestimated

Opinion

The threat of shoulder surfing should not be underestimated

Ira Winkler questions a recent column on the topic of shoulder surfing, also called visual hacking, and suggests that a better understanding of security awareness would go a long way.

Opinion

The stupidity of cybersecurity predictions

Security industry prognosticators rely more on marketing, hype, and our own bad memories than any knowledge of security past, present or future.

How Anonymous really targets ISIS

News

How Anonymous really targets ISIS

With the ISIS attacks on Paris, Anonymous declared war on ISIS. The reality is that is more hype than fact, and misleading.

ISIS uses US hosting services to avoid intelligence agencies

Analysis

ISIS uses US hosting services to avoid intelligence agencies

Ira Winkler and Araceli Treu Gomes learn that ISIS has purposefully been using Google and Amazon Web Services to avoid US and international intelligence agencies.

Load More

Popular Resources

White Paper

A Developer’s Guide to the OWASP Top 10 2017
Video/Webcast
Sponsored

Actionable Guidance to Succeed in Enterprise-Class Privileged Access Management
White Paper

BI and Data Warehouse Testing: Identifying Data Integrity Issues at Every DWH Phase
White Paper

Continuous Customer Testing in Agile Software Development
White Paper

Optimizing Business Value with the Right Cloud Environment

See All