While we love security news sites as much as the next person, we really love hearing from people in the local security community. That’s why we started our “Top 3 NoVA Infosec Blog Posts of the Week” feature; it lets us highlight the best of local security bloggers, and gives you the opportunity to read awesome security material produced by members of the local community.

If you’re a local security blogger that would like to be considered for this feature, please feel free to shoot us an email or send us a tweet @grecs. We also have a handy list of local bloggers, so be sure to contact us if you aren’t already on the list!

#3 – Election Woes: Just when you thought the election headache was over, @geminisecurity proves you wrong. Because while the election itself might be over, the controversy over voting machines is just beginning. In their post “AVC Advantage Attack,” @geminisecurity points out the fact that you can learn to hack a voting machine for around $20, and it’s a fairly simple task. That’s right: We are voting on machines that are not only easy to hack, but aren’t even regulated! Something tells us that George Washington is rolling over in his grave. Be sure to check out the full post here. 

#2 – Simple Security: We’ll be honest; this post got our attention before we even read it. With a title like “Simplicity is Security,” how could it not? Taking an interesting look at security by examining the use (or lack thereof) of debit and credit cards in Japan, @mubix makes some excellent points about how our desire to jump on every technological advance that comes along is making it harder to have good security. After talking about how people in Japan usually don’t have credit cards, debit cards, or do any of their banking online, @mubix poses the following question to his readers: “Should we continue down the path of “MORE SECURITY” or should we deviate a bit for simpler, possibly non-technical practices?” While we can’t say that we totally agree with the route of non-technical practices, we do believe that there is a happy medium. To answer the question for yourself, why not check out the full post?

#1 – Careers in Security: With the current economy being what it is, career advice had become rather popular as of late. Richard Bejtlich of TaoSecurity jumped on the career advice train this week in his post “Thoughts on Security Careers.” Quoting a number of different posts that deal with popular career trends and career advice for security professionals, Bejtlich gives his own insight, tips, and tricks. Even if you’re not interested in leaving your current job for another, this post is a must-read.

Well, that’s all for this week. Be sure to check back next week for more great reads from security professionals in your community.

There were some interesting blog posts from local NoVA infosec bloggers this week, discussing everything from customer service to what IT Security jobs will look like 20 years from now. But since we can’t highlight them all, we picked the best 3 blog posts of the bunch.

As always, be sure to tell us what you think by leaving a comment below. You can also send us a tweet @grecs.

#3 – Revisiting the Golden Rule: Depending on who you talk to, the ‘golden rule’ can mean many different things; to Wade Woolwine however, the golden rule that’s been missing from the security field is customer service. Wade writes, “when you’re involved in security, specifically for a product, or a company who builds products, you should be listening to your customers!” While that can sometimes be difficult for those of us who are a little reserved, Wade’s right: Part of dealing with people is helping them. While it’s easy to think that having a job in security means that you’ll never have to interact with people again, the reality is that you will. Even if you sit alone in a room with a computer for most of your day, chances are you still report to someone, work with someone on projects, or deal with outside companies or customers. Unless you’re one of the 1% of people who somehow manage to avoid all human contact, Wade provides some useful tips on how security professionals can polish their customer service skills. You can view Wade’s full blog post here.   

#2 – Security Careers for the Next Generation: Like everything else in the world, the security field is also changing. It’s unrealistic, as Richard Bejtlich points out, to think that the next generation of security professionals will be able to find the same positions that are available today. Why? According to Bejtlich, it’s due to a shift that’s happening not only in the security field, but the IT field in general. He writes, “I’d like to know which of you manage a 3G network? Chances are if you answer yes, you work for a telecoms provider. How many of you keep the operating system on your Blackberry or iPhone patched? If you answer yes you work for a telecoms provider or Apple.” Basically, Bejtlich believes that the next generation of security and IT professionals will find less variety of jobs to chose from, limited mainly to providers and vendors. You can read the full blog post on Bejtlich’s Tao Security blog.

#1 – A Little Extra Heat: It turns out that the “Cyber Security Coming to a Boil” blog post by Michael Smith of the Guerilla CISO created a fair amount of controversy. In case you didn’t read our post about it last week, Smith talked about the political side of cyber security. (And yes; anytime you involve politics in anything, it is bound to cause controversy). But in an interesting twist, Smith let one of his commenter’s (Ian99) write an entire post explaining why he didn’t agree with Smiths’ blog post. It makes for an interesting read, and it’s nice to see both sides of the issue. You can read Ian99’s response to Smith here.

Well, that’s all for this week; be sure to check back next week for more of the best from local infosec bloggers.

###

Speaking of local bloggers… we here at NovaInfosecPortal are locals too. If you’d like to support
 our site and keep the local infosec community going strong, why not consider subscribing to NovaInfosecPortal?