September 3, 2010

Another Research Idea Stolen

By Adam Dodge

Well, it has happened once again. Those folks over at the EDUCAUSE Center for Applied Research (ECAR) have stolen yet another of my research ideas straight from my head before I had a chance to move forward. As always is the case, the result of their mindreading theft is far beyond what [...]

Letting the Horse Catch Up to the Cart

By Adam Dodge

I recently returned from yet another amazing time at the EDUCAUSE Security Professionals Conference. Out of all of the different security conferences that I have had the good fortune to attend, and out of all of the conferences that have taken pity and allowed me to talk, the SPC continues to be [...]

Open Request To Salespeople

By Adam Dodge

A few months ago, Andy IT Guy (here and here) and Alan Shimel (here and here) engaged in a blog-vs-blog debate on dealing with security product salespersons. Having just returned from a great time at Source Boston, I now find myself dealing with the ever-present post-conference sales calls. Instead of rehashing [...]

Fail Better

By Adam Dodge

I have a not-so-secret secret to share with all of you today. I, Adam Dodge, tend to be a tad bit neurotic at times. Nothing very serious, mind you. I just have a tendency to obsess over the things I do. Afraid that I have somehow missed the glaringly obvious or that [...]

Is This Helpful?

The Black Hole of Data

By Adam Dodge

On January 12, 2009, MITRE and SANS announced the release of the CWE/SANS Top 25 Most Dangerous Programming Errors list. Since the release of this list, there has been a lot of talk over whether or not this latest “Top XX” security list is useful. However, that is not the focus of [...]

The Breach-Stamp Metric

By Adam Dodge

One of the most difficult tasks any information security practitioner faces is clearly communicating the need for information protection in terms of dollars lost. There are many obstacles that one must overcome depending on the culture of their organization, including false sense of security, truthiness, and false proof. The problem, however, is [...]

Breaches Cost Companies Customers

By Adam Dodge

There has been a lot of discussion around the value of breach statistics and breach reporting. Personally, I feel that organizations can find a lot of value by monitoring reported breaches. By studying what breaches are being reported, especially within the same industry vertical, organizations can get a feel for how common [...]

Vacuums and Security

By Adam Dodge

This weekend I finally did it. I was tired of the sub-par performance. Tired of being forced to redo the same job over and over again to get it right. Just plain tired of nothing working like it should. So I broke down. I had just had enough. This weekend I bought [...]

On Reports (a perspective)…

By Adam Dodge

Lately, there has been a flurry of activity in the land of security breach reports with organizations such as Debix, Verizon, the Identity Theft Resource Center and the Department of Justice all releasing reports looking at security breaches, breach notification laws and the state of information security in general. As someone who [...]

Breach vs. Incident: Semantics or Something More?

By Adam Dodge

Recently, the University of Texas, Pan American announced that a staff member lost an external hard drive containing names, addresses and Social Security numbers of around 1,200 UTPA staff. The good news for these individuals is that the hard drive was found by another UTPA staff member and there does not appear [...]