Author: Kaveh Mofidi

  • Security and Quality

    Security is a matter of usability and one of the elements of quality of a system. Ain’t it literally a matter of “safety”? How come Quality does care about a defect related to safety of a user in the physical world but not the virtual world? A security bug is named differently: security vulnerability, but ain’t just a…

  • Cyber Security: The Essential Role of Internet Service Provider

    It has been logically proven to me that some elements of cyber security of any internet user are solely on the shoulders of the ISP, but that has been the last thing we ever cared about, perhaps because we tend to complicate simple things! The ISP is supposed to be the only owner, or main layer to internet user…

  • Regulating Dark Web!

    I came across an article the other day on Legal Considerations when Gathering Online Cyber Threat Intelligence and Purchasing Data from Illicit Sources! A publication from justice.gov with interesting insight, but it opened an old wound for me! Trying to regulate an environment which is naturally unregulated does not sound reasonable. It is like saying you can…

  • Fix Cybersecurity Issues vs Making Money Out of Them!

    Have we really been fixing cyber-security issues and challenges, or do we just want to make money out of “lack of awareness”? The simplest analogy I can think of is cigarettes and the tobacco industry generally. If we really believed that those are against society and individual health, how much is the cost of cancer and other complications…

  • Organic Compliance! Deep Dive into a Clause, No Matter which…

    One of the effective techniques to handle ISO 27001 or any other security management standard or framework is to go deep into a matter regardless of where you want to start or even where you are forced to start. In practice, the main challenging question and the answer for that to many organizations, when they…

  • Is EFS secure?

    I have seen many official statements about EFS being so insecure and that we should not use it, blah blah… and it is so surprising for me to hear from professional sources an unprofessional statement, or better to say, an inaccurate assumption about one of the simplest and most effective ways towards cryptographic practices! Assuming you know what Encrypting File…

  • Management Without Understanding Is Not Management

    The same problem, only louder. Looks like nothing has changed. The same leadership failures I talked about years ago are still here, only more polished, more decorated, and more destructive. Companies keep pretending they have “leadership,” but what they really have is a chain of people giving deadlines without understanding the work behind them. The…

  • The Main Source of Cyber Threat Intelligence

    Which firm, company or solution can have the most comprehensive source of threat intelligence? The question should come to your mind when you are shopping for this security matter for any reason. Sources can have different types of data and then convert them to useful information via either active or passive mechanisms to gather intelligence,…

  • Do Managed Security Services Elevate Overall Security Posture?

    Does a managed security service enhance overall security posture? Usually No! Managed security services are highly built on customer expectation instead of precise protocols to build a security barrier for the client. There are many factors involved in the quality of security services after migration to a managed service, but the most effective one is “client expectations”, or…

  • Does Cloud Guarantees Security?

    There is a wrong perception of Cloud security among consumers of Cloud solutions and platforms. Actually, classic Clouds are more insecure than traditional computing, even though it is set in stone for most people, even many “IT professionals”, that Cloud computing is natively more secure, or by default it is at least more secure…