All Stories

Cybersecurity for Machine-to-Machine (M2M) Networks

This is the nominal text of panel remarks I delivered at the Telecommunications Industry Association’s M2M & Cybersecurity Workshop on June 4th, 2013. The objective of the panel w...

In security, Jun 04, 2013

“Everything was green. Mulally thought that was odd for a company losing billions.”

I have been a fan of the Ford Motor Company ever since I was a boy. There’s no rational reason for it, but then again, experts tell us that brand preferences are formed at very early ...

In strategy, leadership, Feb 21, 2013

Bully for BlackBerry. But Is It Too Late?

Last week Research In Motion announced three things:

In mobile, Feb 15, 2013

Four Things To Like About Obama’s Executive Order on Cyber-Security... and Four to Dislike

During his State of the Union Address on Tuesday night, President Obama announced an Executive Order on Cyber-Security. The full text is available in many places, including Wired. I’d...

In security, Feb 14, 2013

Moving to Octopress

Soon, I will be moving the website to a simpler, secure and more usable system – the same platform that powers Markerbench. It should be done in time for Mini-Metr...

In security, web websites, applications, Feb 04, 2013

All Andy’s Posts Now on Markerbench

As part of a continuing experiment with static blogging, I have moved all of my historical blog posts from to Everything is now here, including th...

In blog, applications, Jan 29, 2013

Paving Over the Proprietary Web: The Java Security Bigger Picture

Perhaps you’ve heard about the recently disclosed Java 7 zero-day exploit. The flaw allows a remote attacker to take complete control of a computer. It has been incorporated into many...

In Java, Flash, ActiveX, Oracle, web security, Jan 21, 2013

Review of Gene Kim’s novel, “The Phoenix Project”

Over the Christmas holidays, I read an advance copy of Gene Kim’s first novel, “The Phoenix Project.” Gene’s co-authors were Kevin Behr and George Spafford. It was a better read than ...

In books, DevOps, Jan 17, 2013

Outsource your web risks with a static website

A few weeks ago I put together my annual Predictions blog post for the coming year. In that post and accompanying webinar, I suggested five emerging risk areas that CISOs need to pay ...

In security, web websites, applications, Jan 08, 2013

“Every time you perform arithmetic operations on ordinal numbers, God kills a kitten”

I was reading Rich Beijtlich’s blog today, and came across that quote from a commenter known only as JimmyTheGeek. Wonderfully funny, and spot on.

In humor, metrics, security, Feb 19, 2008