IT Compliance and Controls

Weekly recap of Tweets, Links, and Ideas

James — Mon, 14 May 2012 20:00:00 +0000

90% of 1st class on my last 10 flights were using iPads.. Last CxO work session 50%; #SecurePlanAdapt #DontFearEdge #infosec 2012-05-07
Security Online Educause (Adobe Connect session): Ask the University ISO Experts Panel http://t.co/xEuZtz8t #infosec (skip first 20 mins) 2012-05-08
RT @japi999: ENISA report listing EU & other nation's definition of #cyber #infosec strategies.. very light report http://t.co/bJcE3E7g 2012-05-08
Nice little preso on #PCI 2.0 .. a primer and good depth where appropriate. Aimed at Universities, but applicable http://t.co/SJeDwUPV 2012-05-08
Unisys Security Index infographic #infosec w/ fun stats (800×8448) http://t.co/FS6EAQd6 2012-05-08
Securing to Compliance w/ iPads and Tablets in a PCI world: A growing and undeniable trend is the consumerizatio… http://t.co/4OkN6fnp 2012-05-09
Latest Thoughts: Securing to Compliance w/ iPads and Tablets in a PCI world http://t.co/OHPfcYA2 2012-05-09
Called these guys up; chatted in-depth on gear & ironman training regarding the Best GPS HRM watches, wow http://t.co/xzin5D80 2012-05-09
IEEE article "Building #infosec into..Smartphones" based on NIST / DARPA research.. Risks identified seem weak http://t.co/E2blWYQw #mobile 2012-05-09
EdX lacks what Stanford has done w/ flipped "Scores for non-lecture was 2x the control 41% to 74% http://t.co/YuZIWBOv @TechCrunch 2012-05-09
Engineering Virality: Panel Discussion – YouTube http://t.co/pIHoPbAj #research intersection of social; crowds; & #infosec 2012-05-10
"Merchants still have a duty to employ.. #infosec ..based on industry best practices" #MasterCard #PCI Hosted Pages http://t.co/t03KWadO 2012-05-10
"ICS-CRT: Attack aimed at natural gas pipeline biz" interesting: asked not to block; 20+ companies reported http://t.co/jktZ7yyt #infosec 2012-05-10
MasterCard brief on Risks of using Service Providers: highlights Mgmt network; hypervisor plane & data stores; #PCI http://t.co/44hXfz2V 2012-05-11
4 mile run today keepin' the legs fresh for my 101 mile bike ride tomorrow in Rome GA! Woohoo #ironman and then I shall eat 2012-05-11
The Great CON is out! http://t.co/bWCVdIp6 ▸ Top stories today via @tyronmiller @megaplanit @dcg207 @papervaulter @noobip 2012-05-12
"Cyberwar 1.0: China vs The USA": "In the past yr, 1 in 7 large organizations detected intrusions; #infosec http://t.co/ou3XyrSp 2012-05-13

Weekly recap of Tweets, Links, and Ideas

James — Mon, 07 May 2012 20:00:00 +0000

Any authors using a great content platform for writing and easy publishing? 2012-04-30
What research exists on Social behavior analysis as it relates to #Infosec ? Any leaders? Beyond the basic training awareness questions.. 2012-04-30
Some value on the influencers through Social Behavior w/in #infosec (old but relevant) http://t.co/tDq5CJEm 2012-04-30
Weekly recap of Tweets, Links, and Ideas: Please find below my mostly focused mentions on #infosec and relevant … http://t.co/fRsA7Kgj 2012-04-30
Benjamin Franklin: “When you're finished changing, you're finished" #infosec Stay hungry, thirsty, adventurous my friends 2012-04-30
Monday won't end…. Still knocking out work schstuff in time to see my friends in Amsterdam come online.. effective, addicted, passionate.. 2012-04-30
RT @ciscosecurity: Have you d/led your copy of Cisco's 2011 Annual Security Report yet? http://t.co/sa2BU6DM <– thx for no regi! 2012-04-30
Ran a query for #infosec & found 94% of the messages have links – NICE! 30% retweets, no count for reposts http://t.co/xTv1m3wG 2012-05-01
Working on a few new research venture ideas! Guaranteed to get the juices flowing. The doppio is helping too. #infosec #MakingaDent 2012-05-02
RT @cloudcommons: Why are users going rogue? by @georgevhulme http://t.co/TIeZ0EHj #BYOD #Cloud <– Funny RIM owns the Enterprise 2012-05-02
I want to build / buy / use a single HTML5 client to post content across internal & external content mgmt sites… any hope this exists? 2012-05-02
Everyday is zero day. Be the ONE breaking, exploring, extending, modding, hacking, discovering, bypassing or improving something, #infosec 2012-05-02
Have an idea, vision for change, or see an opportunity? Well to quote #SuperWhy "Do it yourself". Simple & obvious but often ignored. 2012-05-05
Social Media Risk switcharo: DOD / DOE blocks #Facebook ; #FB execs show no file sharing, so no risk.. now not true.. #infosec #Evolves 2012-05-05
Challenge w/ basing Security Ops on #Cloud #SocialMedia > is you don't control upgrade path; features & policies change w/o alt #infosec 2012-05-05
I'm confused .. #PWC is a QSA #PCAOB disallows such firms from such reports; What are facts? PWC issuing ROC? #PCI @BrandenWilliams 2012-05-05
The Great CON is out! http://t.co/bWCVdIp6 ▸ Top stories today via @danmyg @sonicwall @netplan @ippayments @aidstarone 2012-05-05
RT @BrandenWilliams: They do it for the training. They don't actually do the full ROC/AoC process (AFAIK). <- @MikD true at PWC? 2012-05-06
RT @ericbrothers: PWC / Deloitte Canada, Deloitte Japan & New Zealand & KPMG Singapore = all #PCI QSAs & no audits? @MikD @BrandenWilliams ? 2012-05-06

Weekly recap of Tweets, Links, and Ideas

James — Mon, 30 Apr 2012 20:00:00 +0000

Weekly recap of Tweets, Links, and Ideas: Please find below my mostly focused mentions on #infosec and relevant … http://t.co/M8WOeJn8 2012-04-23
RT @wadebaker: Some numbers around Russian cybercrime. http://t.co/xhPpXDZb <- Group-IB report link in article #infosec 2012-04-24
When managing Apps for biz what are thoughts on updating mobile device configs to only permit approved Apps from public stores? #infosec 2012-04-26
Speaking today in #ATL on cloud #infosec . Will spend time highlighting the "other" CSP. Such as power, cell providers, & then work up 2012-04-26
On a con-call and partner had to go … to fight a fire, literally (he volunteers as a firefighter).. Best. reason. ever. #doGreat 2012-04-27
Reading some interesting research from @Prolexic this morning … #infosec 2012-04-27
Just had a very collaborative discussion using hangout and actually got work done. Way better than conference call queuing and then work 2012-04-27
All packed and ready for my 75 mile bike ride tomorrow morning … 6,000 feet of climbing will make it the toughest! #ironman 2012-04-27
The Great CON is out! http://t.co/bWCVdIp6 ▸ Top stories today via @bfpennington @blackhathq @heartlandhpy @ecomvagabond @tokyowebdesigns 2012-04-28
Rode 78.11 miles with 6,250 feet of climbing today. Tough and awesome feeling. Top speed 46 mph! #Ironman balance 2012-04-28
Good quote: "Obsessions make my life worse and my work Better". You decide #ted 2012-04-29
Full weekend of training – 78 mile bike ride; 1.9 miles swam, and ran 7.2! Tonight's project – make olive oil mayo #paleo #ironman 2012-04-29
Is it just me, or is Google search / youtube / etc .. down? 2012-04-29
Forced to use Bing for a search .. a little cluttered, but its online, unlike Google for me .. sigh… 2012-04-29
Busy this evening building a business case for something I am passionate about! #infosec 2012-04-29

Weekly recap of Tweets, Links, and Ideas

James — Mon, 23 Apr 2012 20:00:00 +0000

Talk this wknd on how to manage secure comms in hostile lands. Settled on trust of endpoints w/ ecryption http://t.co/JQWtwdTU #infosec 2012-04-16
OMG my calendar is a train wreck. Someone at ATLSTARTUP fix this stat. kthx 2012-04-16
Ok #Apple peeps.. I upgrade to #Lion and both MBP and MB now don't recognize the fully installed RAM?! Any ideas on fixes besides downgrade 2012-04-16
Weekly recap of Tweets, Links, and Ideas: Please find below my mostly focused mentions on #infosec and relevant … http://t.co/xtUx8hKh 2012-04-16
Rocked a 17.5 mile run today! Slowly getting #Ironman strong 2012-04-19
Enjoyed reading the post 'What does it mean to be simple" re: writing, but very applicable to #infosec and life http://t.co/oPDrCdjV 2012-04-20
The Great CON is out! http://t.co/bWCVdIp6 ▸ Top stories today via @anonpsyops @hospupgrade @schnuke__emr @tcmbc @pdestefanis 2012-04-21

Weekly recap of Tweets, Links, and Ideas

James — Mon, 16 Apr 2012 20:00:00 +0000

RT @BrandenWilliams: "Attack the Humans First" <- I read your title as more philosophical: War of old days : Attack People, Today the Tech 2012-04-09
RT @RSAConference: #RSAC Europe 2012 Call for Speakers opens Tues! http://t.co/lvgTsbk9 <- excellent CON – especially for Stateside peeps 2012-04-09
RT @RickCoplin: RT @Inc: Inside the "Deal of the Year," Facebook buys Instagram, $1 billion. http://t.co/ROKAsLns <- 8 man company, awesome 2012-04-09
Weekly recap of Tweets, Links, and Ideas: Please find below my mostly focused mentions on #infosec and relevant … http://t.co/JAKmZsRT 2012-04-09
What would you attempt to do if you knew you could not fail? 2012-04-09
RT @JDeLuccia: What would you attempt to do if you knew you could not fail? <- no fear of it that is… 2012-04-09
When you see a problem that can be solved. Solve it. You are who can solve it. Nobody else will do it. #InfoSec #Life 2012-04-09
RT @p_yogananda: "Try again, no matter how many times you have failed. Always try once more." <- a good recursive state 2012-04-10
Signing back on .. if you need me .. i am here .. if you entertain me .. that is awesome… 2012-04-10
So getting bit by a spider and having a cold does not equal super powers. I shall have to find another method. 2012-04-11
Where have all the Hackers gone? #infosec 2012-04-11
RT @chiefmonkey: The silverlight plugin has crashed. Jeez us Kerist on a pogo stick MS made Firefox bluescreen. #sigh <- ROFL 2012-04-12
RT @rwang0: Hot words in #linkedin. Gurus are out. Evangelists are in. Ninjas are hot. #bigdata #td3pi <- if hot already noisy and spammed 2012-04-12
RT @Beaker: RT @StartupReport: IPO-minded Veracode raises $30M (blog) http://t.co/ew1Nk4Z2 < Grats < Waiting for Zuckerberg post… 2012-04-12
RT @DanielMiessler: How to Get a Good Cup of Coffee From Starbucks | http://t.co/HijjycTi #coffee <- nice and makes ALL beans available! 2012-04-12
RT @botchagalupe: 30M users, $1B $ 2 backend engineers.; u can call it whatever u like.. I call it setting the bar…. <- #infosec team? 2012-04-12
So I am now refreshing all my passwords … perfect .. I wanted today off anyways. Rebooting.. sigh.. 2012-04-13
The Great CON is out! http://t.co/bWCVdIp6 ▸ Top stories today via @controlscan @liaisontech @pugs4bears @cyberainc @pcissc 2012-04-14
Is this "normal" for other's web browsers? Firefox: 681MB; Chrome 16.6MB; Safari 1.25Gig Memory ?? 2012-04-15
Ok parents … what are your thoughts on #Skuut balance bikes vs a standard bike for a toddler? Skuut seems awesome but very short lived. 2012-04-15

Weekly recap of Tweets, Links, and Ideas

James — Mon, 09 Apr 2012 20:00:00 +0000

RT @anton_chuvakin: G+: Looking for academic paper on #infosec & ONLY finding "for pay" is frustrating. <- sadly doesn't equate to quality 2012-04-05
So … with the JOBS act … if I were Mark, I wouldn't go Public w/ FB just yet … why not hold out a bit longer? 2012-04-05
Pretty disappointed the Dunwoody police are ok with the soccer players drinking beers in public at Hammond Park after shooting. 2012-04-05
RT @DunwoodyPolice: @JDeLuccia Hammond Park is not in Dunwoody. <- does that make it ok? Who to contact? 2012-04-05
RT @NationalCCDC: Collegiate Cyberdefense Competition Set for Kickoff http://t.co/OQlH5Fc5 #CCDC #NCCDC #infosec <- need more of this!! 2012-04-05
Power of twitter … I found my local police and dealt with an issue via twitter, since phone books had wrong #s! wow. @DunwoodyPolice 2012-04-06
RT @grecs: RT @InfosecIsland NIST Workshop on SCADA – ICS Security http://t.co/jFa1g44F <- who is going #InfoSec 2012-04-06
RT @grecs: RT @AppSecDC RT @jstronomer: Android Mobile security notes by Jacob West at #ASDC12 http://t.co/HePIX7wH <- consistent w/ others? 2012-04-06
RT @codinghorror: Speed Hashing,…the new rainbows.. breaking salts & hashes http://t.co/BQDI7uId <- impressive GPU brute force #infosec 2012-04-06
Any recommendations for a good LCD that I can rotate for a tall screen to use w/ writing .. no highend graphic usage.. cheap? 2012-04-06
RT @danphilpott: ..Google is syncing wifi authentication info & didn't make it clear this was being done. #FAIL <- and.. What else? 2012-04-06
Today's training: 36 mile bike interval sprints. Woohoo. Stellar feeling after Thursday's 1.94 mile swim. #Ironman 2012-04-06
Check out @taylorbanks preso from CSA Atlanta http://t.co/Gir0yfKX (I learn every time he speaks.. you will too) #infosec #cloud 2012-04-06
Tackling work items while the little lady sleeps is productive, but MAN is it nice out! 2012-04-07
The Great CON is out! http://t.co/bWCVdIp6 ▸ Top stories today via @highwiz @informationage @mshapiro @sarahscuba @_defcon_ 2012-04-07

Weekly recap of Tweets, Links, and Ideas

James — Mon, 02 Apr 2012 20:00:00 +0000

Best part of the FTC press release on Online Privacy .. the last sentence says: "Like the FTC on Facebook and follow us on Twitter." #ironic 2012-03-26
RT @NewtonMark: Symantec dissolves alliance with Huawei. http://t.co/Sr29gnFb Cites obtaining future US Govt classified threat data #InfoSec 2012-03-26
Pickup run tomorrow 4am if anyone interested DM me… 13.7 miles – to the dish and back route! 2012-03-26
Starting to prefer these 4am runs in California .. until I get used to the time zone that is! 13.9 miles done. 2012-03-27
RT @mfratto: Synchronizing Custom Dictionaries w/ The Cloud – http://t.co/GFp7ectB @deepstoragenet <- end user hybrid clouds! 2012-03-27
The bigger idea here is taking legacy (i.e., MSFT Office) App & integrating w/ Cloud w/o #infosec @mfratto @deepstoragenet 2012-03-27
Somedays things go right … others we have to make them go right… 2012-03-27
RT @PogoWasRight: @Hibecom: A2: FTC report seemed 2 call 4 half measures… <- what about inadvertent posssession of data? #privchat 2012-03-27
RT @vrsj: Bill Gates' $160 Billion Nightmare: 'The Cloud' http://t.co/RAFyIrZB <- grandiose, but where are source materials 2012-03-27
Sitting here working; debating impact of 'instant data via internet' on dev of children, & discussing Supreme Court transcript is awesome 2012-03-27
Scale is achieved not by waiting for small clients to grow, but to have lots of small clients. #SiliconValley #messages 2012-03-27
All you ATL peeps .. watch out Spalding near a bit south of Holcomb Bridge .. some ran their car up a wall .. traffic spectacular. 2012-03-28
Saw those solar tornadoes and gotta say wow .. nice work capturing them .. 160k winds .. the size of 5 earths .. crazy 2012-03-28
If it wasn't for the Pacific Ocean, I would never have uninterrupted time to work .. PST -> Japan .. all blue ocean w/ no clients or teams! 2012-03-28
RT @dildog: http://t.co/4YQGtl0G Report: VISA, MasterCard Warn of Potentially Massive Breach at Processor <- there goes the weekend. 2012-03-30
The Great CON is out! http://t.co/bWCVdIp6 ▸ Top stories today via @lexiconn_inc @grantthorntonus @magtek @pcissc @mikelor 2012-03-31

Weekly recap of Tweets, Links, and Ideas

James — Mon, 26 Mar 2012 20:00:00 +0000

16k tweets per second. 500m twitterers. 2/3 of employers utilize social media sites for hiring. #IIAGAM 2012-03-20
"Silence is filled in a crisis" social media as the brutally fast space #IIAGAM 2012-03-20
"Phone trees are dead". Leverage automation to reach social media ludicrous speed response rates #IIAGAM 2012-03-20
The Great CON is out! http://t.co/8gIQuIlv ▸ Top stories today via @J4vv4D @robert_e_lee 2012-03-20
While I am totally satisfied deleting emails I don't care about or am CC'd on .. why am *I* deleting them: comfort? old school? #singularity 2012-03-22
Read this now: Verizon #DBIR report: 855 incidents & 174 Million compromised records w/ new partners http://t.co/bFMKdAfV (pdf) #infosec 2012-03-22
Article states "How is the #Cloud changing role of CIO" … I wonder… relevancy ? necessity? Time to reinvent self? http://t.co/AIeRpZjK 2012-03-22
How cool are the Einstein Archives! http://t.co/tJtoZb2c Check it out … this is why the internet & #infosec matter (to me) 2012-03-22
3,000 meter swim sprints and then a quick 4.5 mile interval run, done. Phew.. THAT was a bit of work. .. #ironman training! 2012-03-22
Being productive is similar to training for anything: intervals are the 'secret sauce' .. Go full throttle; pause; reflect; & re-engage! 2012-03-23
Sad day … Google has a "time bubble" i.e., a Windows Hour Glass .. and OS X 'beach ball" … #nopatience 2012-03-23
#MSFT Security reports http://t.co/y4HZJhZ9 Anyone find any value to these reports? #infosec 2012-03-23
Good bits on securing Mobility from NSA (Android) capability package http://t.co/kh0BlOgO Other recommendations? #infosec #mobile 2012-03-23
RT @timoreilly: Paleo Media Diet: @jstogdill "save my brain for the things I really want to use it for" http://t.co/VQZzUaIB 2012-03-23
Rapid and proper response to data breach fundamental to defending against $75M lawsuit, in Oregon: In Oregon, th… http://t.co/zF9GSGFP 2012-03-23
Latest Thoughts: Rapid and proper response to data breach fundamental to defending against $75M lawsuit, in Oregon http://t.co/nU5yWbal 2012-03-23
Any suggestions on a 13ish mile run in the Mountain View, CA vicinity? Pre-dawn or evening run needed for this week's training. 2012-03-25

Weekly recap of Tweets, Links, and Ideas

James — Mon, 19 Mar 2012 20:00:00 +0000

#FISMA scores show NASA w/ lowest #infosec spend & highest compliance score, oh and they were breached 8 x last yr http://t.co/ehRRbp2j 2012-03-15
OMB 2011 FISMA Report "card" (pdf) http://t.co/Jpfboo1o #infosec 2012-03-15
"In the future, search engines won’t wait to be asked, they’ll be listening in, & will pop up information we need." #Kurzweil 2012-03-15
Anyone using http://t.co/ckeM9eD4 with any success? Challenges? Issues? #Automate #Scale #Me 2012-03-15
Any thoughts on FireEye malware report? http://t.co/Xg2gP3PY (pdf) #infosec … Any good research out recently? #tips ? 2012-03-15
Interesting piece: "In Search of Cyber Peace: A Response to the Cybersecurity Act of 2012" http://t.co/k1uvhrqG #infosec #StanfordLawReview 2012-03-15
Am I losing my @Wordpress mind? where can I edit files / add custom plugins? Feel like some switch is off .. or did I have a bowl of stupid 2012-03-15
RT @hrbrmstr: It's times like this that I feel remember The Joker's Batman quote: "Where does he get [all] those wonderful toys?" <-Apple 2012-03-15
OS X crashed (but recovered nicely); Chrome, Firefox, Lotus Notes, (shocker); and now my WinXP crashed .. here's hoping my plane does not. 2012-03-15
Sweet my plane landed. If only Apps were so inclined. 2012-03-15
In Chicago all day … any amazing events; sights? 2012-03-16
http://t.co/GlS17DiH Digitally signed malware >> Who can you trust … Tech is not the answer, fyi #infosec 2012-03-16
Honing down concern of risks into reality is powerful mechanism on value of security for Executives and BoD #infosec 2012-03-16
RT @SpireSec: DOE moves to cloud. What happens to IT spending $ <-so if tech goes to cloud; do we count the Svc Provider's #Infosec team? 2012-03-16
Ran 7 miles in Chicago this morning … best way to see the city .. HIGHLY recommend it #ironman #idaho2012 2012-03-16

Weekly recap of Tweets, Links, and Ideas

James — Mon, 12 Mar 2012 20:00:00 +0000

Reviewing security system controls … just saw some ANSI art, ahhhh the days … fond memories of BBS adventures 2012-03-06
Sorting through piles of workflow & process instructions … wonder if "we" are doing it wrong. We need systems that don't require them 2012-03-06
When deploying to #Cloud or building virtual systems – MUST have #infosec woven in .. simply activating windows & running is negligent 2012-03-06
Sbux, check… headphones, check… ready to not answer phone and crank through client intelligence reports … oh yes. #GTD 2012-03-07
Hey @pixedelic can your awesome tools load from twitter pics or other live update feeds? #curiousMind 2012-03-07
RT @vttym: Hit my first weight-loss goal of the yr – 30 pds by PAX: Did it in 2 mths <- AWESOME!!!! http://t.co/e4rEIQqo <- no hotpockets 2012-03-07
Generally have accepted that I and the rest of the world will pause today for #Apple … good times 2012-03-07
RT @rjurney: If the iPad3 really doesn't smudge fingerprints, … <– who says no smudge??!? Toddler proof? 2012-03-07
RT @Techmeme: New iPad has 10hr battery; is 0.6mm thicker & 0.07lbs heavier @dujkan http://t.co/9owKFoGO <- .17 pds lighter than iPad 1 !! 2012-03-07
RT @krypt3ia: WTF really? C'mon Mandiant, you are gonna make me fill out information to get your stinkin report? <- boo fake info bypass? 2012-03-07
In Dunwoody SBUX this AM cranking through reports .. shhhh its a secret. 2012-03-08
FYI .. today is 75 degrees in Atlanta. Just saying … 2012-03-08
Old man walks up… places paperback on table… proceeds to read his #iphone .. 2012-03-08
The Great CON is out! http://t.co/bWCVdIp6 ▸ Top stories today via @pcipal @c4i @ziptr @dougonipcomm @fredstrifeexit9 2012-03-08
Just replaced my trusted WRTG with a multi radio wireless station .. holy smokes what a difference. 2012-03-08
Important point by @georgevhulme regarding the human element of #infosec & finding the M.V.S. for spam etc.. nice http://t.co/P9QF1kwP #rsac 2012-03-08