Several people in the corporate IT security group where I’m interning this summer have been working hard on creating a program to educate users on the company’s acceptable use policies and some basic security awareness. They’ve done a great job and the stuff they came up with looks top notch. During lunch they’re out talking […]

I started working on a project that has no doubt, been done before. It’s something no one has publicly posted information on and it’s not new — something everybody wants yet every vendor says is impossible. The problem with this project, is it can’t be managed by IT security at a “sysadmin level” in production. […]

(Continued from Consumerization of IT and state of the security industry and a reply to Low probability but a devestating impact.)
After lunch, we broke up into several groups and I headed to the discussion on “next generation threat analysis,” which worked to identify vulnerabilities with a low probability of being exploited, but have a huge […]

Yesterday was a bit of a surprise for me, I met someone I never would have expected to meet and be an actual co-worker too. There were several talks today, focusing on the “consumerization” of IT, the state of the security industry from a Wall Street analysts’ perspective, what makes up an effective infosec program, […]

I’ve been too busy to blog this week and haven’t had any ideas for any new topics. Tomorrow (Wednesday and Thursday) I’ll be attending my company’s internal security “conference” to discuss the issues and projects IT Security faces. I’m interning at this company, so I’ll be all ears for the next two days and just […]