Operator’s Security Toolkit

It is time for a refresh of the SP Security materials used by many over the years. Back in 2002, several people in the emerging “Service Provider Security” field pulled together a list of top practices every Operator should deploy. These “NSP-SEC Top 10” techniques became the foundation of our toolkit that is used daily Read More

The Practical Security Checklist – Part 2.1

This is part “2.1” of a multipart post to help organizations take security action. Stay tuned for next week’s practical security checklist item. Board members, CxOs, and professionals are saturated with security advice. This security advice is often confusing, contradictory, and always biased toward “buying something.” “Good security advice saturation” results in paralysis of action. Read More

2012 – A year of Cyber-Security Optimism

2012 can be a year of Cyber-Security Optimism. The wave of annual cyber-security predictions of doom is coming to a close. Every year security experts would talk about how malware infections are spreading, botnets are going to cause catastrophic damage, the evil “Chinese peril” are stealing everything online, and the next Cyber “Perl Harbor” is Read More

Conficker – the “Fortunate 500”

Conficker has been a dual edge sword to the industry. On one hand, it a nasty “weapons grade” hijacking malware with nefarious consequences – ranging from a platform for crime to a threat  Global Telecom’s, SCADA, and other critical infrastructure.  On the other hand, it is an example of what cyber-civic society can do when Read More