#securityisntsecure search results
It’s a good point that data custodians seem to lose interest or motivation over time (which is why old Personal Data should be deleted when no longer needed). But I’m also reminded that security doesn’t degrade smoothly. It’s highly nonlinear. #securityisntsecure
Terrific security panel at #CCE2018. MyPOV: Time to move past the geeky romance of colored-hat hacking, and the dominant combative military metaphors. #Cybersecurity comes with simpler systems, slower more careful coding, and testing testing testing. #securityisntsecure
Indeed. Security isn’t a game. The practice needs a root-and-branch overhaul. lockstep.com.au/blog/2014/01/2… #securityisntsecure
“We’ve made everything worse in the past 25 years” by connecting everything so everything can be hacked - @dgwbirch #KNOW2019 Yup. #securityisntsecure
My periodic reminder that when a security pro tells you “it’s inevitable you will be breached”, they’ve become an insecurity professional. “Security” has become bastardized. #securityisntsecure #wordsmatter
QSAs have admitted to me, straight faced, there is no way they can say a company is still compliant the day after an audit. I say they shouldn't use the word "secure". People deserve some lasting confidence in the security of an audited organisation. #securityisntsecure #PCIDSS
“Wake up call?” FFS it’s a revive-the-stone-cold-dead. How do people build systems with so little forethought? I seriously think their risk assessment begins and ends with “Meh. It’s not going to happen to me!” #securityisntsecure
A few of us have called out cyber security practice as fundamentally broken. The word “secure” is cheapened gravely when infosec professionals tell us, po-faced, that breaches are *inevitable*. #securityisntsecure
... I've long been concerned that the intellectual basis for conventional cybersecurity is busted and needs an overhaul. Critically, the word "secure" in cyber is not what regular people think or expect. See constellationr.com/blog-news/secu… And I tagged a few examples #securityisntsecure.
But seriously now: lockstep.com.au/policy-fads-an… lockstep.com.au/security-isnt-… Quality is dead! And #securityisntsecure!
OH: “One thing I love about working in security: I get older, the problems stay the same”
“Intellectually” is the qualifier to make my terse hashtag more precise #securityisntsecure. People might think I meant job security.
Very much this. #securityisntsecure
2/ The only thing more broken than how CEOs view cybersecurity is how cybersecurity experts view cybersecurity. We have this flawed view that cybersecurity is a moral imperative, that it's an aim by itself. We are convinced that people are wrong for not taking security seriously.
It's so incredibly frustrating. The great value of hotel data sets and their attractiveness to organised crime has been obvious for over 10 years. finextra.com/blogposting/31… But #securityisntsecure. Security spend is orders of magnitude smaller than the value of the assets.
Things that never used to be computers are now disasters waiting to happen. #IoT #securityisntsecure
Sure everyone knows their phones have more computer power than the computers used to land people on the moon. But did you know your phone's *Charger* probably has more CPU power than the computers that controlled Apollo forrestheller.com/Apollo-11-Comp…
Is there a better example of underspending on cyber security? #SecurityisntSecure
.@Windows 10 security breach highlights third-party vulnerabilities bit.ly/2uCXF3R @TechTarget @JesseScardina @Steve_Lockstep @constellationr
Agreed. Moreover process is a management fashion. The primary response to most breaches is more training, more audits, new procedures. #securityisntsecure
13/ Yes, this often comes down to "what pill can I take to make this rash go away", because CEOs are simpletons. But whatever answer you think of, like "security is a process, not a product", is really no better. Process isn't a quick fix here, either.
Agreed. Security like safety needs the less flashy stuff. Simpler system designs. Simpler code. Careful painstaking code design. Design reviews. Testing. Training. Legal sanctions for deficient product. #securityisntsecure
Who else thinks a “cybersecurity moonshot” is a horrible way to think about security? Getting safely to the moon and back, before 1970, was a discrete goal, against the laws of physics and nature. “Cybersecurity” is a never-ending process vs an intelligent, adaptive adversary.
"Security" cameras? Ha! Can someone sue the manufacturers and installers for false & deceptive product labeling? #securityisntsecure abc.net.au/news/2020-06-2…
And so #securityisntsecure. If physical security was so awful, nobody would use the word “secure”. Information Security is an oxymoron but the really embarrassing thing is its practitioners don’t realise it.
Just another day in InfoSec: -Facebook leaves millions of user passwords exposed in plain text for years. -Google fined €1.5bn by EU regulator for blocking competitor’s ads. -UK's Police Federation infected with ransomware, deleting DBs, email systems, and their backups.
Excited to be at #CCE2017! Panel discussion with @chenxiwang @chief_ventures @jeffnolan @mdkail #securityisntsecure #CISO
We are sleep walking into #IoT chaos: 2014.conference.auscert.org.au/program/speake… #securityisntsecure. @vicenews
Security comes to #CCE2017! Thrilled to moderate a great panel! w @chenxiwang @chief_ventures @jeffnolan @mdkail #securityisntsecure #CISO
MyPOV: Conventional #infosec isn't working in the highly non-linear digital world. #securityisntsecure
I say #SecurityisntSecure. Its intellectual basis is fundamentally flawed. The last thing we need is another stupid metaphor. #GartnerSEC
Are we really going to put up with cars needing to be patched like crappy PCs? #IoT #securityisntsecure
The drug pump's Wi-Fi password is available in the device, in plain text. #BBSecurity < MyPOV: #securityisntsecure
Are things so bad that the @US_FDA needs to coach device manufacturers to this degree?? #securityisntsecure
Aren't #infosec audits a sham if anything goes between audits? constellationr.com/content/securi… #securityisntsecure
What does the word "secure" mean anymore, when experts say breaches are inevitable? #Medicare breach, #CNPfraud #SecurityIsntSecure
.@azavery quotes Larry Ellison: people will lose the #infosec wars to computers. #oraclesecuritysummit MyPOV: especially when the average infosec worker - honestly - can’t be very good. Look at the job market asymmetry. #securityisntsecure