How to become an Info Assurance Analyst

So, CNN/Money ran a story on the best 100 jobs in the United States, based on pay, projected job growth over the next 10 years, and quality of life ratings. And there was my job title, at #9. I think you should want to become one, so here’s how to become an Info Assurance Analyst.

The field desperately needs more of us, so I’m happy to share with you how to become someone like me.

Anthem, HIPAA, and encryption

Late last week, the Wall Street Journal reported that Anthem wasn’t encrypting the database containing tens of millions of health records that were stolen by sophisticated hackers.

There are numerous problems with that story, the first being that we don’t know yet whether the data was encrypted. There are other unconfirmed reports that say the attackers used a stolen username and password to get at the data, which, if that’s true, likely would have allowed them to decrypt the data anyway.

Still, I’m seeing calls now for the government to revise HIPAA to require encryption, rather than merely encourage it. And of course there are good and bad things about that as well.

“It was a sophisticated attack.”

Every breach report contains the words “sophisticated attack.” Security pros like me see it as pure spin. Here’s why.

R.I.P. Radio Shack. I’ll miss what you once were.

I’ve tried several times to write a eulogy for Radio Shack. It’s not easy. The demise has been a foregone conclusion for a very long time, and it’s clear they could have done any number of things differently and survived in some form.

But they didn’t. Let me tell you about the last time I almost went to Radio Shack. Yes, almost.

Why every breach is different

I’ve grown used to being asked what unpatched vulnerability was used in the most recent breach, in an effort to make sure some other company is protected.

I appreciate the desire to learn from other companies’ mistakes and not repeat them. But there are several reasons why the answer to that question is complicated, and not necessarily helpful.

Not quite a new floor in a bottle, but…

There are several acrylic floor finishes–sometimes mistakenly called wax–that promise they’re like a new floor in a bottle. That’s a bit of an exaggeration, but if you have reasonable expectations, they definitely can make a floor look better and make it easier to clean. And depending on how you use them, they can even make the floor last longer.

Why you need a hobby

As security professionals, we deal with a tremendous amount of stress. As my boss circa 2015 told me about a week into our tenure together, we tend to be perfectionists, and frequently we’re asked to deal with the most cavalier people in our organization. It’s a toxic combination.

One of the first things that boss asked me after we met was what I think about at home. In all honesty, I can’t help but think about work sometimes. But I have a lot of other things I think about at home too. Important things like my family of course, but other important things too, like trains and baseball and baseball cards. And for the last few years I’ve been in the position of mentoring younger members of my team. I always tell them to get a hobby if they don’t have one.

How to ensure you never get another Windows tech support scam call again

I haven’t received a fake Windows tech support call in a very long time. A couple of the operations doing this have been shut down, but based on the continued popularity of the things I’ve written about them, I wonder if some people are still getting them.

That makes me reluctant to block them, just in case they call me again, but if you’re getting those calls and want them to stop, I can tell you how to do that.

My 11th ’35 Goudey: Four Dodgers

Like my 10th card, my 11th card was also an Ebay win. It featured four Dodgers players. It’s a common card, with no Hall of Famers, but all of the players were starters for the Dodgers–no filling up space with utility infielders or middle relievers on this card, at least. A Dodgers fan unwrapping this card in 1935 wouldn’t have been too disappointed.

And even though there are no Hall of Famers on the card, there are some interesting stories here. Two of the players were once traded for each other before becoming teammates, and one of the players was the oldest surviving player to play for all three New York teams when he died at the age of 99.

My 10th ’35 Goudey: Ted Lyons and Mule Haas

Once I’d drained my local supply of 1935 Goudeys, I turned to Ebay. To keep some sport in it and keep costs down a bit, initially I decided to limit myself to auction listings rather than buy-it-nows.

The first time I looked, I could have bought every ’35 I lacked, spare one, via buy-it-now, and the one I couldn’t find wasn’t an expensive card. To me, that’s not really collecting. Collecting ought to involve some chase, and waiting an extra week for a com

So, in that spirit, I bid on a 1935 card featuring four Chicago White Sox one Sunday evening, and won.
