All Stories

Cybersecurity for Machine-to-Machine (M2M) Networks

This is the nominal text of panel remarks I delivered at the Telecommunications Industry Association’s M2M & Cybersecurity Workshop on June 4th, 2013. The objective of the panel w...

In security, Jun 04, 2013

“Everything was green. Mulally thought that was odd for a company losing billions.”

I have been a fan of the Ford Motor Company ever since I was a boy. There’s no rational reason for it, but then again, experts tell us that brand preferences are formed at very early ...

In strategy, leadership, Feb 21, 2013
“Everything was green. Mulally thought that was odd for a company losing billions.”

Bully for BlackBerry. But Is It Too Late?

Last week Research In Motion announced three things:

In mobile, Feb 15, 2013

Four Things To Like About Obama’s Executive Order on Cyber-Security... and Four to Dislike

During his State of the Union Address on Tuesday night, President Obama announced an Executive Order on Cyber-Security. The full text is available in many places, including Wired. I’d...

In security, Feb 14, 2013

Moving securitymetrics.org to Octopress

Soon, I will be moving the securitymetrics.org website to a simpler, secure and more usable system – the same platform that powers Markerbench. It should be done in time for Mini-Metr...

In security, web websites, applications, Feb 04, 2013
Moving securitymetrics.org to Octopress

All Andy’s Posts Now on Markerbench

As part of a continuing experiment with static blogging, I have moved all of my historical blog posts from securitymetrics.org to Markerbench.com. Everything is now here, including th...

In blog, applications, Jan 29, 2013
All Andy’s Posts Now on Markerbench

Paving Over the Proprietary Web: The Java Security Bigger Picture

Perhaps you’ve heard about the recently disclosed Java 7 zero-day exploit. The flaw allows a remote attacker to take complete control of a computer. It has been incorporated into many...

In Java, Flash, ActiveX, Oracle, web security, Jan 21, 2013

Review of Gene Kim’s novel, “The Phoenix Project”

Over the Christmas holidays, I read an advance copy of Gene Kim’s first novel, “The Phoenix Project.” Gene’s co-authors were Kevin Behr and George Spafford. It was a better read than ...

In books, DevOps, Jan 17, 2013
Review of Gene Kim’s novel, “The Phoenix Project”

Outsource your web risks with a static website

A few weeks ago I put together my annual Predictions blog post for the coming year. In that post and accompanying webinar, I suggested five emerging risk areas that CISOs need to pay ...

In security, web websites, applications, Jan 08, 2013
Outsource your web risks with a static website

“Every time you perform arithmetic operations on ordinal numbers, God kills a kitten”

I was reading Rich Beijtlich’s blog today, and came across that quote from a commenter known only as JimmyTheGeek. Wonderfully funny, and spot on.

In humor, metrics, security, Feb 19, 2008

Featured

  1. SRE Metrics and Security Measurement
    In metrics,
  2. Five Things the Last Decade Taught Me About Security Metrics
    In metricon,
  3. The Twenty-Year War on Cybercrime
    In security, risk, big data,
  4. Review of Stephen Few’s “Information Dashboard Design, Second Edition”
    In visualization,
  5. Cybersecurity for Machine-to-Machine (M2M) Networks
    In security,
  6. “Everything was green. Mulally thought that was odd for a company losing billions.”
    In strategy, leadership,
  7. Escaping the Hamster Wheel of Pain
    In security, hamsters, books,