Cybersecurity

Some results in cybersecurity and why they may be interesting

AI, Neural Nets, and Complexity of the Brain Quantum cryptography and its real effect on current systems Will training help to counter influence operations? Blockchain, distributed ledger, and crypto-currency Don’t trust zero trust Basics of complexity and granularity and tradeoffs of space and time Granularity of control and adding dimensions lead to the modeling problem …

Some results in cybersecurity and why they may be interesting Read More »

Gamification and the Metaverse

People seem to me to be having problems dealing with enjoying their lives lived increasingly online. I live a life largely online, and with the pandemic pushing people increasingly away from the physical interaction world, I think we might be getting to the point where we do more and more that produces less and less …

Gamification and the Metaverse Read More »

Keeping your cyber security program exciting!

The Capability Maturity Model notions that, starting from scratch, a program matures by goingthrough phases. Cyber Security as Sexy! Why don’t they invest the necessary resources? Getting to Managed is not that hard But I don’t want to! But that’s what computers are for! It takes time to mature Conclusions

The first steps in your cyber security program

A fair number of folks have been asking lately about what the best first steps in small company cyber security program development look like (a.k.a., We’re a small company… what should we do about it?). As I thought about it, the answer is pretty much the same as for a large enterprise, and the answer …

The first steps in your cyber security program Read More »

Don’t trust Zero Trust – The Whole of Government Approach

It looks like there is a coordinated effort in the US government to promote so-called “zero trust architecture”. I wrote my last article on the NIST ridiculousness in this arena, and since posting it, I have found that there are several other Federal attempts to promote the so-called architecture both within and outside of government. …

Don’t trust Zero Trust – The Whole of Government Approach Read More »

Don’t trust Zero Trust or so-called Best Practices

Until recently, the concept of zero trust architecture as a cybersecurity approach was a minor thorn in the side of those of us trying to achieve effective risk management in cyber systems. Similarly, the so-called “best practices” approach to cyber security that I have heard about for years has produced no such “best” anything. The …

Don’t trust Zero Trust or so-called Best Practices Read More »

Encrypted is not Secured, and https is even worse

People who think they know believe the messaging from browser providers who say things like “Site Not Secured” when accessing a site that runs hypertext transfer protocol (http) instead of http ‘secure’ (https). Let’s stop this myth today. What is https supposed to do? Let’s assume it actually does that… To be clear, I am …

Encrypted is not Secured, and https is even worse Read More »

There is no “best practice” or “100%” in Cyber Security!!

I have seen many companies claim to follow “best practices” or have 100% secure somethings. Rest assured, there is no such thing. Hyperbole and selling fear and easy resolution are the hallmarks of poor quality companies in this space. Either They don’t know OR They know and are misleading. I am not certain which is …

There is no “best practice” or “100%” in Cyber Security!! Read More »