For U.S. Defense Contractors, the National Industrial Security Program Operating Manual (NISPOM) is the bible of process, procedure and how things are accomplished for every contractor. Additionally, every cleared employee must be provided security training. And you the contractor or the contractor’s security representative are responsible for its creation and presentation. Your cleared personnel are also individually responsible, as noted …
Do You Know Where Your Data Is?
The following appeared in the Canadian online magazine Security Matters: Location Based Services: Do you know where your data is? Do you know where your data is? By Christopher Burgess Everywhere you look, retailers and other entities are offering to collect your data using one of the many location-based services available to collate your whereabouts and analyze your behavior. Are …
Crimeware – a book review by Christopher
Five stars to Jakobsson & Ramzan for a most useful guide to understanding the underbelly of the internet. The strength exhibited by this book lies within the all-star lineup of contributors and the thorough dissection of the numerous forms of crimeware. Their book is a must read for anyone who has responsibility or an interest in protecting Personal Identifying Information (PII), Private Consumer Information (PCI) or Intellectual Property (IP).
Security Monitoring – a book review by Christopher
The guide is a professional guide, with exemplars which can be used in a sandbox, or to assist you in noodling through specific infrastructure monitoring issues – such as “tuning” so the incident logs tell you the story, and don’t drown you in event data. This book should be in every incident responset team’s professional library.
2008 – Presentations by Christopher Burgess
In 2008, the publication of Secrets Stolen, Fortunes Lost, proved to be the entree to a great many speaking engagements. Once again, I was invited to NATO’s information assurance conference, and to the AFIO annual intelligence symposium. All in all 2008, saw a diverse and exiciting schedule of events, all of which served to continue to increase the awareness of …
2007 – Presentations by Christopher Burgess
In 2007 I learned much about the concept of “Thought Leadership” and was pleased to have been invited by both public and private entities to speak to their organizations and personnel. Visting Purdue University, Massachusetts for the E-Government Summit, and NATO for their Information Assurance conference, and supporting the HTCIA, ASIS, WRG and AGMA and getting to meet their constituents. I thoroughly enjoyed visiting the many …