Weekend Learning – Spoofer Project

I recently posted the below on the SANS Internet Storm Center. Happy weekend, everyone. Often times there is extra margin on the weekends to learn something new. This weekend I encourage you to consider learning more about the Spoofer project, as recommended by a fellow ISC Handler. With the recent announcement that the Spoofer project is funded and has clients for multiple operating […]

Trust But Verify

Trust But Verify Be intentional about how you spend your time. I believe that every person can incrementally improve their security program by being intentional about how they spend their time. One method is to check several items for compliance every month intentionally. While not intended to replace the value of an auditor, this approach […]

Have you seen my personal information? It has been lost. Again.

I recently posted the below on the SANS Internet Storm Center. Remember when milk cartons had pictures of lost children on them? I think of those cartons every time I get a notice that my personal information “may have been impacted” as a result of a data breach. As you might imagine, I recently received […]

Leave Things Better Than When You Found Them

I recently posted the below on the SANS Internet Storm Center site. Whether at the end of a project or at the end of your time with an organization, there are some low impact and high reward actions you can take to ensure that you leave things better than when you found them. Although it is […]

Get Wisdom as Cheaply as You Can

Happy New Year! I recently posted the below on the SANS Internet Storm Center site. A long time ago I was given advice from a non-security professional that is among the best and most influential I have received in my security career – “Get wisdom as cheaply as you can”. I was encouraged to learn from the […]

Do you remember your “first love”?

I recently published the below post on the SANS Internet Storm Center site. I will never forget the name of my first server – Rachel. I was very proud to be the person whose job it was to defend Rachel from all types of disruption. To this day I still remember each IP address, user account, […]