Top 3 NoVA Infosec Blog Posts of the Week

September 21, 2009

It’s that time of the week again: the time when we take a look at what local security bloggers have been up to.

If you can’t get enough of the local security scene, be sure to check out our NovaInfosec Twits list for even more great security blogs and people to follow on Twitter. Be sure to follow us on Twitter @grecs if you want to know more about what’s going on in the local security community during the week.

#3 – Security Metrics: It seems that no matter what’s going on in the world, there’s always a hot new topic. According to @geminisecurity, the hot new topic in security seems to be security metrics. Quoting a NIST study that says there is almost no research about security metrics currently available, @geminisecurity comments on what’s currently wrong with the security business as a whole. Saying that “[o]ne of the problems with security as a business process is that managers are being taught process improvements is the way to save money,” @geminisecurity goes on to say that “with security, there are no obvious metrics to measure to improve the process. Security is subjective, based on the person and the situation, and measurements tend to the objective side of things.” This is one of those posts that everyone should read and pass along to a friend.

#2 – Short Circuit: It seems that we have @electricfork to thank for alerting us to newly added NoVA Blogger @moranned, who wrote an excellent post this week entitled “How to short-circuit the US power grid.” Responding to a study by Paul Marks from the New Scientist that discusses the best way to short-circuit the US power grid, @moranned provides some insightful commentary. Saying that “[t]he researchers found that the best way to attack the power grid was to attack the least loaded nodes on the grid,” and that “[a]ttacking these lightly loaded nodes was the best way to cause cascading failures throughout the grid,” @moranned promises to go into more detail during the coming weeks. Definitely an interesting read worth checking out.

#1 – Complianciness: While @cyberhiker doesn’t post often, when he does, it’s always awesome. That’s why we’re honoring him with this week’s number one slot for his post “Which brings me to tonight’s word: Complianciness.” Starting out by describing what he means by the term “Complianciness,” @cyberhiker uses the example of the recent debacle at Heartland Payment Systems to make his point, saying “[w]here’s the complianciness? Heartland Payment Systems – based on my research of the situation Heartland may have been PCI compliant at the point in time that they were assessed. It could be that security was a little more lax when the assessors were not inbound to conduct testing. It also might have been that a very elaborate show was put on for the assessors and they were not actually compliant, but perhaps practicing complianciness.” Not only should you read this post for the awesome information it has, but @cyberhiker also has a great sense of humor. Be sure to check out the full post here.

Well, that’s all for this week. Be sure to check back next week for more great blog posts from local security bloggers.
