All Stories
Cybersecurity for Machine-to-Machine (M2M) Networks
This is the nominal text of panel remarks I delivered at the Telecommunications Industry Association’s M2M & Cybersecurity Workshop on June 4th, 2013. The objective of the panel w...
In security, Jun 04, 2013“Everything was green. Mulally thought that was odd for a company losing billions.”
I have been a fan of the Ford Motor Company ever since I was a boy. There’s no rational reason for it, but then again, experts tell us that brand preferences are formed at very early ...
In strategy, leadership, Feb 21, 2013Bully for BlackBerry. But Is It Too Late?
Last week Research In Motion announced three things:
In mobile, Feb 15, 2013Four Things To Like About Obama’s Executive Order on Cyber-Security... and Four to Dislike
During his State of the Union Address on Tuesday night, President Obama announced an Executive Order on Cyber-Security. The full text is available in many places, including Wired. I’d...
In security, Feb 14, 2013Moving securitymetrics.org to Octopress
Soon, I will be moving the securitymetrics.org website to a simpler, secure and more usable system – the same platform that powers Markerbench. It should be done in time for Mini-Metr...
In security, web websites, applications, Feb 04, 2013All Andy’s Posts Now on Markerbench
As part of a continuing experiment with static blogging, I have moved all of my historical blog posts from securitymetrics.org to Markerbench.com. Everything is now here, including th...
In blog, applications, Jan 29, 2013Paving Over the Proprietary Web: The Java Security Bigger Picture
Perhaps you’ve heard about the recently disclosed Java 7 zero-day exploit. The flaw allows a remote attacker to take complete control of a computer. It has been incorporated into many...
In Java, Flash, ActiveX, Oracle, web security, Jan 21, 2013Review of Gene Kim’s novel, “The Phoenix Project”
Over the Christmas holidays, I read an advance copy of Gene Kim’s first novel, “The Phoenix Project.” Gene’s co-authors were Kevin Behr and George Spafford. It was a better read than ...
In books, DevOps, Jan 17, 2013Outsource your web risks with a static website
A few weeks ago I put together my annual Predictions blog post for the coming year. In that post and accompanying webinar, I suggested five emerging risk areas that CISOs need to pay ...
In security, web websites, applications, Jan 08, 2013“Every time you perform arithmetic operations on ordinal numbers, God kills a kitten”
I was reading Rich Beijtlich’s blog today, and came across that quote from a commenter known only as JimmyTheGeek. Wonderfully funny, and spot on.
In humor, metrics, security, Feb 19, 2008Featured
-
SRE Metrics and Security Measurement
In metrics, -
Five Things the Last Decade Taught Me About Security Metrics
In metricon, -
The Twenty-Year War on Cybercrime
In security, risk, big data, -
Review of Stephen Few’s “Information Dashboard Design, Second Edition”
In visualization, -
Cybersecurity for Machine-to-Machine (M2M) Networks
In security, -
“Everything was green. Mulally thought that was odd for a company losing billions.”
In strategy, leadership, -
Escaping the Hamster Wheel of Pain
In security, hamsters, books,