Musings of a state government CSO.
As I sifted through my e-mail last Saturday morning, I came across a note from Patricia Sueltz, CEO of SurfControl. On April 26, 2007, Websense made a pre-conditional offer to acqire all shares of SurfControl.
These are strongest "formal" words I've heard from anyone in Congress regarding our cyber situation. With an opening statement entitled: "Cyber Insecurity: Hackers are Penetrating Federal Systems and Critical Infrastructure,&quo....
The newest federal government information security report card reveals who's up and who's down.
Over the past few weeks, it seems that everyone online has an opinion about the recent Kathy Sierra incident. Whether you're for BBC's appeal for a new blogging code of conduct or not, I think the reaction from bloggers is very interesting.....
It's finally here. After years of discussions and recommendations, we now have a federal mandate to deploy secure configurations for Microsoft Windows Vista and Windows XP Operating Systems.
I just attended the CSO Perspectives Conference in Colorado Springs. It was an excellent conference with plenty of good material. Still, the best part for me were the new business contacts.
Back on February 15th, I attended the kickoff of an all-weekend event that really surprised me. Eastern Michigan University hosted their first Cyber Defense Competition.
Something new is happening in cyberspace. I think the bad guys are getting much better and more organized. The question is: are we?
We've all heard about the threats and been briefed on the exponential growth of botnets, but last week we learned about this problem in an "up close and personal" way in Michigan.
Back in the late 1980s, it seemed like everyone at work was talking about the book "All I Really Need To Know I Learned In Kindergarten." Many adults share that view about cyber ethics training today ...
I'm not usually a complainer, but I'm tired of receiving security surveys. They've become almost like spam, and in some ways worse.
Perhaps the seemingly never-ending analysis on former Congressman Tom Foley and the 7 x 24 news coverage on his e-mails can teach CSOs something.
Cyber ethics is an area that can get uncomfortable for "security professionals." Yes, it's the "e" word - ethics, conduct, behaviors. That's our job, right? What's the problem?
Whenever CISOs try to lead in any area of security, we inevitably run up against a certain amount of resistance from the enterprise culture that isn't yet convinced that there is a problem that needs changing.
Over the weekend, a Swedish Online Newspaper reported that a file-sharing website is planning to buy an island, set up a nation and permit a variety of activities that are considered internet crimes by the rest of the world.
Back on Election Day, our network security team received a small, but unexpected, early "holiday gift."
We've all read stories about some of the new kids on the block. They've grown up as the tech savvy gamers that are now entering the work force with different values and expectations.
One colleague from a major consulting company told me that the "inappropriate surfing" problem was so bad in their company that they just stopped all web filtering, with the exception of spyware, etc.
CSOs constantly deal with employee cyber conduct. Lately, I've noticed a disturbing industry trend in policing network acceptable use policies.
Depending on who you talk to, the Federal Information Security Management Act (FISMA) is either the greatest thing in the world or a government bureaucratic mess. Is FISMA coming soon to a state or local government near you? Isn't the first word....
Are state & local governments required to comply with the Federal Information Security Management Act (FISMA)? Over the past two years, I've heard various opposing views on this question.
Why this history lesson? Well, I'm back to worrying about culture again. In fact, changing the culture is still number one on my list of the things that keep me up at night - besides my kids. Over time, I've learned that the big incidents l....