Tag Archives: Security

Ah, security rules — not for Us

When the Last Mile in infosec is convincing the Board to stick to ‘their’ own rules and not think themselves above them, how would we want to pull this off ..? Where, so often, they complain that sticking to the …

Posted in ERM, GRC, Information Risk Management, Information Security, Sociological, psychological notes

The ransom monster

Now that the ‘No way josé’ solutions against ransomware [regular back-ups, virtualisation of servers, and tight intrusion controls et al.] have become so widely known, and ransomware having evolved to be more of the APT kind (incubating for up to …

Posted in ERM, GRC, Frank Lloyd Wright, Information Risk Management, Information Security, Innovation (technologically driven)

Two strikes and you’re out of third party standards

What a wobbling title. When already for a second time (here), the European Supreme Court has ruled that laws requiring broad (meta)data retention for trawling are illegal per se, with a minute few exceptions, making it illegal to consider it …

Posted in ERM, GRC, Information Risk Management, Information Security, Innovation (technologically driven), Privacy, Sociological, psychological notes

A parachute to your Dutch granny budget

If you have no clue about the title, read on. It’s about a Dutch ‘granny bike’. And about your bosses’ golden parachutes. And how to get budget for the playthings bare minimum tools you require. First off: the biker part. …

Posted in ERM, GRC, Information Risk Management, Information Security, Sociological, psychological notes

Angst is not temporary

Struck me while going through, near the finish, Graeber’s Utopia of Rules, that the fear for the Unknown What to be Feared that keeps so many captured in Bureaucratia and will defend it and stupidify themselves to such utter stooping …

Posted in ERM, GRC, Sociological, psychological notes

DoS Internals

No, no typo. Not DOS Internals or so. Rather, internal DoS attacks. Are they tractable? [Uhh, that may sound like they’d be positive things to be able to do — sorry, just hinting at “technical feasibility” here] Yes they are. …

Posted in ERM, GRC, Information Risk Management, Information Security, Innovation (technologically driven)

Did / Did Not (Know Who Did)

Anyone still have an overview of where we (?) stand qua attribution of “cyber” attacks [ #ditchcyber, of course ] ..?? Apart from this… There’s so much development in attribution with or without proof, e.g., about hacking elections in some outer …

Posted in ERM, GRC, Information Risk Management, Information Security, Innovation (technologically driven), Sociological, psychological notes