Category: Technology

Dungeons and Data Centers

Dungeon Master: You are standing in a brilliant lit server roomed filled with millions of dollars in sunk legacy server costs. You: Roll the dice and advance. Dungeon Master: A DevOps ghoul jumps out from behind an IBM 360 running…

Attribution of cyber adversaries

Key Points: Attribution has three distinct layers; political, technical, and forensic with each having different confidence levels and analysis strategies Adversaries must interact with systems to exploit them and this creates evidence or anomalies that can be used for attribution…

Am I looking for a job?

I’m a senior executive, a subject matter expert, and an influential strategic leader in cyber security. Why would I always be looking for a job, why would I always be keeping my ear to the ground, and why would I…

Digital forensic books

A not comprehensive reading list. Some of these are new, some are old, but they give a good overview of the discipline. If the book has exercises it is a good idea to do them.   Operating System and Platform…

NDU Presentation to the faculty

I’ve been asked to talk about a variety of topics. This particular topic was a strategic look at three policy changes that might degrade, deter, or disrupt adversary capability in cyberspace. NDU IRMC 2016 Presentation (PPT)  

Some ICS Reading Resources

Quick hit on some things for reading up on control system security. One of my favorites is Kurtz, R., (2006) “Securing SCADA Systems” this particular book is older, but it has a great section on comparing ICS security protocols. Meant…

Curmudgeon Information Security Officer

After reading the first third of “Disrupted; My Misadventure in the startup bubble” by Dan Lyons I realized that I had been marketing myself all wrong. Hiring managers like the little-emperors of China want happy, go-lucky, youthful, soft individuals to…