Tag Archives: InfoSec

VULNERABILITY N+1

AUTHOR: Terry Kurzynski, CISSP, CISA, PCI QSA, ISO 27001 AUDITOR As Americans, we love lists.  That fact is self-evident when browsing our favorite blog sites, as many blogs start out with catchy headlines like, “The Top 5 ______ (fill in the blank).”  The love of lists is rooted deeply in our culture. We loved the Top 40 […]

The Security Agent

If you work in the information security industry go ahead and give yourself a pat on the back. In 2012 information security professionals enjoyed one of the lowest unemployment rates in the country according to the United States Bureau of Labor Statistics. In my line of work I often come across IT and various other […]

2014 Information Security Hiring Trends: Defense! Defense! Defense!

Yes, it’s another information security predictions article. No, I won’t be discussing APT, China, or anything involving our favorite prefix, “cyber.” Instead, here’s a brief glimpse at what we infosec recruiters are seeing in terms of enterprise demands for security roles. While all infosec positions, from firewall jockey to CISO, remain super-hot, here are some […]

Why are Hackers Heckling the Director of the NSA?

The Black Hat convention is under way today in Las Vegas, and there, before a group of information-security-minded individuals, stood General Keith Alexander, Director of the NSA, getting heckled by conference attendees. Their complaints were targeted at the NSA’s surveillance activities and Director Alexander’s dubious testimony to Congress about those activities.

While Technological Security Risks Are a Possibility, Management Security Risks are a Certainty

Most of my information security focus these past few years has concentrated on management and governance, but this was not always the case. I came into this profession as a technologist and manager who focused on team building, turn-arounds and doing a lot with few resources. But as my career moved from technology operations to security […]