Ira Winkler

Contributing Columnist

Ira Winkler, CISSP, is president of Secure Mentem, and author of the forthcoming book, Advanced Persistent Security. He can be contacted at securementem.com.

At Dulles, a security awareness success story

At Dulles, a security awareness success story

The detention of Norway’s former prime minister, when stripped of politics, was an example of proper security awareness.

The flaw in applying culture to awareness programs

The flaw in applying culture to awareness programs

I appreciate that organizations are beginning to realize that they need to understand their corporate culture in their implementation of awareness programs. It is long overdue. Unfortunately as a concept, it is being grossly...

Making the GRIZZLY STEPPE Joint Action Report useful

Making the GRIZZLY STEPPE Joint Action Report useful

I was surprised when I saw the cynicism to the Joint Action Report (JAR) put out by the Department of Homeland Security and FBI. It seems like it is cool to criticize the report, and that can be a disservice to the whole industry.

The security gift guide

The security gift guide

Give the gift of security, so people will give you the gift of not asking for help and advice.

What awareness is supposed to be

What awareness is supposed to be

Recent W-2 and accounts payable thefts show governance should be the cornerstone of awareness.

What is phishing awareness success?

What is phishing awareness success?

A recent article asking the question to security professionals seemed to miss the mark, and raises more questions than it answers.

Pokemon Go: What security awareness programs should be doing now

Pokemon Go: What security awareness programs should be doing now

Pokemon Go represents a tremendous security threat. As with all tremendous threats, it can also be your greatest opportunity.

Meet the hacker taking over ISIS twitter accounts

Meet the hacker taking over ISIS twitter accounts

In the last week, Wauchula Ghost has been attracting even more attention as he has been successfully compromising the twitter accounts of ISIS sympathizers, and posting gay porn on those accounts in retaliation for the Orlando...

9 reasons why your security awareness program sucks

9 reasons why your security awareness program sucks

I have come to the conclusion that most awareness programs are just very bad, and that like all security countermeasures, there will be an inevitable failing.

Did NSA underestimate the insider threat?

Did NSA underestimate the insider threat?

In this edition of the Irari Report, Ira Winkler and Araceli Treu Gomes continue their interview of Chris Inglis, former Deputy Director of NSA. In this segment, they focus on how an organization that is so aware of the insider threat...

Former NSA deputy director says Edward Snowden lacks courage

Former NSA deputy director says Edward Snowden lacks courage

Thoughts from Chris Inglis, former Deputy Director of NSA, about whistleblower Edward Snowden’s reasons for leaking classified NSA documents

Charges against Iranian hackers are ignorant, cowardly and dangerous

Charges against Iranian hackers are ignorant, cowardly and dangerous

Iranian and Chinese governments directed and funded attacks, so why are Iranian and Chinese citizens being charged instead of the governments that directed their actions?

Behind every stupid user is a stupider security professional

Behind every stupid user is a stupider security professional

Security professionals should look in the mirror, before declaring a user, “stupid”.

5 facts about Apple and the terrorist’s iPhone

5 facts about Apple and the terrorist’s iPhone

The truth behind the hype and misunderstandings surrounding the case.

FBI/DHS hack shows need for role-based security awareness programs

FBI/DHS hack shows need for role-based security awareness programs

When a hacker released the contact information of 9,000 DHS employees, it was the result of several awareness failings. The reality is that these are failed awareness programs that are typical of industry as a whole.

Twitter’s takedown of ISIS accounts still unsatisfactory

Twitter’s takedown of ISIS accounts still unsatisfactory

While Twitter is making some efforts to thwart ISIS recruiting, fundraising, and planning efforts, there is still much more to be done.

The threat of shoulder surfing should not be underestimated

The threat of shoulder surfing should not be underestimated

Ira Winkler questions a recent column on the topic of shoulder surfing, also called visual hacking, and suggests that a better understanding of security awareness would go a long way.

The stupidity of cybersecurity predictions

Security industry prognosticators rely more on marketing, hype, and our own bad memories than any knowledge of security past, present or future.

How Anonymous really targets ISIS

How Anonymous really targets ISIS

With the ISIS attacks on Paris, Anonymous declared war on ISIS. The reality is that is more hype than fact, and misleading.

ISIS uses US hosting services to avoid intelligence agencies

ISIS uses US hosting services to avoid intelligence agencies

Ira Winkler and Araceli Treu Gomes learn that ISIS has purposefully been using Google and Amazon Web Services to avoid US and international intelligence agencies.

Load More