Force of Nature

Are you ready for the next attack? (Part 1)

Are you ready for the next attack? As many of my colleagues know, I’m constantly on the look out for tools that would help my peers in all networks find ways to mitigate the security risk in their operations. At MYNOG 5 (www.mynog.org) I reviewed the latest tool, a checklist operators can use to prepare Read More

ascore-2014-jan-ipv4v6-poster-2000x1294

Adding IPv6 Requirements to your RFP

[ Originally posted on Linkedin here: IPv6 – Adding Requirements to your RFP. Adding IPv6 Requirements to your RPF is a necessity when all the major Google, Facebook, Linkedin, and other sites are built for “IPv6” first. Meaningful IPv6 requirements in RFPs are a core tool to your dialog with your vendors. This is a Read More

Iceberg-1024x767

Remediation is the Foundation of your Security Strategy!

Remediation is the Foundation of your Security Strategy! In many ways, this year’s RSA conference was overwhelming. In other ways, it was a disappointment in how the market is providing solutions to mitigate our security risks. As several colleagues have pointed out, “remediation” is a huge gaps at 2015 RSA, As Adam Stein pointed out, Read More

NTP Foundation

Open Source – Destroying Myths – Leveraging the Strengths

Your organization depends on Open Source software. You may not realize it, but open source is critical to the many parts of the business. Also Open sources is not free. It is essential for your organization to fund Open Source work throughout the industry. Here are two approaches to kick start your support for open source critical to your organization.

Netflix Country Level Performance

Netflix Expanding to 200 Countries – What does that mean for Telecom Operators

f you have not already heard this Netflix announcement last week, CEO Reed Hastings, and CFO David Wells said …. “We already offer Netflix in about 50 countries and have learned a great deal about the content people prefer, the marketing they respond to and how to best organize ourselves for steady improvement. Acceleration to Read More

Operator's Security Toolkit - 2017

Security Workshop in Jakarta: Understanding the Real Cyber Security Threat

This is the first in a series of Security Workshops that I will be teaching in the region. Most will be in Indonesia and other parts of ASEAN. Stay tuned or connected to me via Linkedin to get updates. Understanding the Real Cyber Security Threat Where: @ America Pacific Place Mapp – Level 3 – Jakarta Indonesia. Read More

canstockphoto15239169

How to prevent a “security embarrassment?”

On Oct 7, 2014, a security researcher, Jonathan Hall, posted details of a potential Bash/Shellshock vulnerability on Yahoo’s infrastructure: http://www.futuresouth.us/yahoo_hacked.html https://www.reddit.com/r/technology/comments/2ifbjb/yahoo_got_hacked_this_morning_hooray_for/ As it turned out, it was NOT a Bach/Shellshock issue. As Alex Stamos, Yahoo’s chief information security officer wrote, “it turns out that the servers were in fact not affected by Shellshock.” (see https://news.ycombinator.com/item?id=8418809). Read More

heartbleed

Weekend Read – Lessons from Heartbleed

Every vulnerability is a security lesson that will either be repeated or used to improve the organization. Lessons from Heartbleed is no different.  IMHO “The Matter of Heartbleed” is a mandatory paper for all security professionals! It points out the dynamics of a critical Internet vulnerability and how organizations respond. As a minimum, read the Read More

Operator's Security Toolkit - 2017

Does the Internet “End” at 500K routes?

No! Of course, the Internet does not end at 500K routes. On August 13, 2014, there was a lot of “news” about instability issues on the Internet that might have been caused by a surge of new Internet routes (see articles like “Internet routers hitting 512K limit, some become unreliable” – http://arstechnica.com/security/2014/08/internet-routers-hitting-512k-limit-some-become-unreliable/). The most accurate write Read More