Kevin
Tag Archives: information system security
I just read an article on LinkedIn about the negative impact caused by the recent Home Depot breach. Here are my thoughts about how all the 2014 breaches should change some C level and Information Security paradigms. These could cause a major … Continue reading
The Insider Threat is Alive and Well – a summary taken directly from Raytheon’s How to Build an Insider Threat Program (2014) …
Aspects of human nature further complicate matters: Well-intended managers resist any notions of “their people” doing “bad things.” They screened them. They hired them. They work with them side-by-side and – if they’re good bosses – have developed a genuine interest … Continue reading
A day in the life of a senior Cyber Security Incident Responder
The day was proving to be an exciting one for team Havoc, the Company’s cyber Red Team, as the L2 report he had just read showed that 4 of the core company servers were vulnerable to a very common … Continue reading
Department of Homeland Security, Fusion Centers & the Cyber Security Liaison Program: A sharing of intelligence
By: Kevin L. McLaughlin, March 9, 2013. The amount of data available through electronic means is hard to wrap your mind around … Continue reading
Why Is It?
Why is it that Internet Crime statistics continue to show that, for the criminally inclined, internet crime is a very viable and fast-growing field? Why is it that millions of dollars are stolen from end users who simply fail to … Continue reading
The Talent Within
11/8/2012. In his book “Topgrading: How leading companies win by hiring, coaching and keeping the best people” (2005), Dr. Smart talks about how important it is for a company to not only hire A level talent but then keep and … Continue reading
In Cyber Crisis
We are a country in crisis in regards to adopting adequate Information Security practices. I am not an alarmist but when I review the Cyber Security update that my team compiles and sends out a couple of times per week … Continue reading
A Myth of Information Security: All data needs to be protected!
When you think about the total amount of data that goes across an organization on a daily basis, protecting all of it becomes a daunting, if not impossible, task. It is hard to wrap one’s mind around how much a … Continue reading
Common Sense Requires No Policy
As a Senior Information Security professional, I am often asked if we should have a policy that requires our Business Community members to do “X”. In many of these cases the person is asking for a policy to be written … Continue reading
Action, Not Inaction is What Being a Leader is All About
In the Model-Netics methodology by Main Event Management, you are taken through a management course that makes use of standard and what some would call common sense management rules to demonstrate and teach how to handle a lot of the items … Continue reading