Secure360 (@Secure360) Data Analysis & Visualization Talk Resources #Sec360

Many thanks to all who attended the talk @jayjacobs & I gave at @Secure360 on Wednesday, May 15, 2013. As promised, here are the [slides](https://dl.dropboxusercontent.com/u/43553/Secure360-2013.pdf). We’ve enumerated quite a bit of non-slide-but-in-presentation information that we wanted to aggregate into a blog post so you can vi[sz] along at home. If you need more of a… Continue reading →

Slopegraph As A Service

@adammontville [posited](http://www.tripwire.com/state-of-security/it-security-data-protection/quick-thoughts-on-verizons-dbir-and-20-critical-security-control-mappings/) that Figure 15 from this year’s [DBIR](http://www.verizonenterprise.com/DBIR/2013/) could use some slopegraph love. As I am not one to back down from a reasonable challenge, I obliged. Here’s the original chart (produced by @jayjacobs): and, here’s a _very_ _quick_ slopegraph version of it: You can click on both/either for a larger version. If I… Continue reading →

Wait Wait…Don’t Pwn Me! (SOURCE Boston) Transcript & Thank You!

For those that wanted to play along at home, I’ve cleaned up the text and made the Wait Wait…Don’t Pwn Me! closing segment of SOURCE Boston 2013 available for download [PDF]. The video crew had cameras running, so keep checking the @SOURCEconf web site as it’ll probably get posted as they crank through all of… Continue reading →

SOURCE Boston (@SOURCEConf) Data Analysis & Visualization Talk Resources #srcbos13

Many thanks to all who attended the talk @jayjacobs & I gave at @SOURCEconf on Thursday, April 18, 2013. As promised, here are the [slides](https://dl.dropboxusercontent.com/u/43553/SOURCE-Boston-2013.pdf) which should be much less washed out than the projector version :-) We’ve enumerated quite a bit of non-slide-but-in-presentation information that we wanted to aggregate into a blog post so… Continue reading →

Bahrain eGov Conference “Risk Reality” Slides

For those finding this post from the Bahrain eGov conference, I’d like to re-extend a hearty “Thank you!” for being one of most engaging, interactive and intelligent audiences I’ve ever experienced. I truly enjoyed talking with all of you. You can find the slides on my Dropbox [PDF] and please do not hesitate to bounce… Continue reading →

Off to Bahrain

As a result of a prod by @djbphaedrus I’m off to the Bahrain International eGovernment Forum this week to host a two hour workshop on “information risk reality”. As a result, blogging & tweeting will be at significantly reduced levels, so enjoy the brief respite from my blatherings while you can :-) If you happen… Continue reading →

It’s Never About The Security…

A Wish for Snow in Spring

The basic technique of cybercrime statistics—measuring the incidence of a given phenomenon (DDoS, trojan, APT) as a percentage of overall population size—had entered the mainstream of cybersecurity thought only in the previous decade. Cybersecurity as a science was still in its infancy, as many of its basic principles had yet to be established. At the… Continue reading →

rud.is

"In God we trust. All others must bring data"

Post Category → Information Security