I had a search query about getting started in regulatory compliance, which I’ve written about before, but more from an organizational perspective. That won’t help you much from a career perspective. I think most any CISSP will answer that question similarly, so I’ll take a stab at it.
I saw this new headline regarding Edward Snowden, discussing his NSA hacking training. Don’t be impressed. For several years, I lived in that same world Snowden lived in. I’ve gone out of my way to avoid mentioning this, but from 2005-2012, I was a consultant. I worked for several different companies, due to contracts changing […]
I had lunch on Friday with the recruiter who placed me at my current gig. We talked about a lot of things, including our families, but we talked a lot about the tech labor market. It’s growing, finally, and going to grow a lot more in the next few years as Boeing relocates its IT […]
My tell-all about my encounter with “Computer Maintenance Department” was a little heavy on the jargon yesterday. It occurs to me that explaining what some of the terminology means, and the problem with their reasoning, may be helpful. I’ve also heard a few questions through various channels, and I think those are worth answering.
I was catching up on security podcasts this week, and a brief statement in one of them really grabbed me. The panel was talking about people who steal online gaming accounts, I think. The exact content isn’t terribly important–what’s very important is what this person found in the forums where the people who perform this […]
I had a job interview Monday. I have at least one observation from it–the things on my resume that impress recruiters don’t necessarily impress a good hiring manager. Not on their own, at least. Let’s do some post-mortem.
Ars Technica posted an overview of asymmetric encryption recently.
This week CNET interviewed Phil Lapsley, the author of Exploding the Phone, a book about the early history of phone phreaking. Phone phreaking is absolutely fair game for the CISSP exam. I couldn’t tell you anymore how many phone phreaking questions I had to answer, but let me just say I’m glad I’d read those […]
Longtime reader/commenter Joseph asked two questions yesterday: What’s the boundary between gray and black-hat hacking, and is it moral to pick and choose between moral and immoral laws? The first question is easier than the second. So I’ll tackle that one first.