Wolfgang Goerlich's Stuck In Traffic
- Author: Various
- Narrator: Various
- Publisher: Podcast
Information:
Synopsis
Every morning, Wolf Goerlich gets stuck in traffic. Every morning, Wolf ponders IT and IT security from behind the wheel. This podcast is a couple minute riff on whatever he's thinking about.
Episodes
-
Breaches that Aren't
18/11/2016 Duration: 03min
Today, we look at the impact of things that didn't actually happen. Just because it was not a breach, doesn't mean there was not an impact.
-
Threshold Model of Collective Behavior
16/11/2016 Duration: 04min
Applying the threshold model of collective behavior to security culture. It can be hard to get a large group of people to change. An easier starting point is to change the first couple people.
-
Product Graveyard
15/11/2016 Duration: 04min
There are four phases in a project destined for the product graveyard. If we recognize this, the life we save just might be our own security product.
-
Enumerating Bad Guys
14/11/2016 Duration: 04min
Know the bad guys: Dracula, the Mummy, the Invisible Man. Wait. Back up and start over. Script kiddies, insider threats, hacktivists, organized crime, and nation states.
-
Mirai Honeypot or MTPot
11/11/2016 Duration: 04min
Sometimes honeypots are corporate ready. Other times, honeypots are just for fun. We'll talk through what's what and introduce MTPot, the honeypot for the Mirai botnet.
-
Ransomware, Past and Future
10/11/2016 Duration: 04min
Predicting the future of ransomware by looking at its past. History and sociology are a way to evaluate our security controls.
-
Informed Decisions
09/11/2016 Duration: 03min
Stephen Covey has the circles of concern and circles of influence. Daniel Kahneman has fast and slow thinking. And I have a headache from staying up too late watching the election results. Today, we'll cover how to balance the need for information such that we don't leap to decisions or become fixated on gathering facts and figures.
-
Assessing Cloud Apps
08/11/2016 Duration: 04min
When most of our apps are in the cloud, we can't do penetration testing. I mean, we could. But it would violate the Software-as-a-Service terms of service at a minimum. We need to turn to vendor risk management. Here's what's next.
-
Detecting the Undetectable
07/11/2016 Duration: 04min
At Black Hat Europe, researchers announced an undetectable rootkit for PLCs (Programmable Logic Controllers). You should read up on it. But this morning's thoughts aren't on that. They're on how to detect the undetectable.
-
Open Redirects and DDoS
04/11/2016 Duration: 04min
Today's denial of service attacks are multi-vector. And so while Mirai is getting all the attention, it's important to consider the plan Bs and plan Cs for DDoS. Take, for example, open redirects in Web apps.
-
Bypassing Outlook's Two-Factor Authentication
03/11/2016 Duration: 04min
Microsoft Exchange and Outlook Web Access feature two-factor authentication. A password. A token. But turns out, the Web Services doesn't. And this means we can bypass 2FA. Here's the attack and defense.
-
Percentage of Revenue
02/11/2016 Duration: 04min
RAND releases a study: Examining the Costs and Causes of Cyber Incidents. It estimates the impact of security incidents as a percentage of an organization's revenue. Some thoughts.
-
Tactics, Strategy, and Culture
01/11/2016 Duration: 04min
"Culture eats strategy for breakfast," Peter Drucker once opined. In this video, I said "lunch". We all know yogurt is what you eat for breakfast. Anyways, let's cover the line between tactics, strategy, and culture.
-
Insider Threat
31/10/2016 Duration: 04min
The insider threat: employees who maliciously or accidentally open the organization up to security breaches. Here's how to communicate, detect, and prevent insider threat. It's all about being aware of our surroundings.
-
Bleeding Data
28/10/2016 Duration: 01min
What happens when data bleeds out from databases? Sensitive data gets stored in clear text. Now toss in insecure backups. The result? Well, as the Red Cross can tell you, significant data breaches.
-
Amnesty International Ranks Messaging Encryption
27/10/2016 Duration: 02min
Amnesty International evaluated messaging from eleven companies. It's a good time to consider what products we use in our personal and professional lives. Also, the criteria used remind us that encryption evaluation is based not on mathematics but rather on the entire ecosystem.
-
Making Smarter Mistakes
26/10/2016 Duration: 03min
Recapping lessons from Tactical Edge on making mistakes, recovering gracefully, and capitalizing on where we mistakenly end up.
-
Evidence-based Decisions
25/10/2016 Duration: 02min
Recapping lessons from Tactical Edge on prioritizing security efforts and spends.
-
DDoS, DNS, SaaS, BCP
24/10/2016 Duration: 03min
Where were you during The Great Twitter Outage of 2016? A botnet of Internet-of-Things, likely based on Mirai, took down DNS services provided by Dyn. No Twitter. No Spotify. No GitHub. And where was I? Stuck on a plane wondering about Business Continuity for Web apps whacked by DDoS.