Author: Kaveh Mofidi

  • Offline Is the Only Real Privacy

    The Illusion of Being “Connected”: We built an internet that behaves like a crowded room where every wall has a microphone. Then we pretend privacy is a setting, a toggle, a subscription, or a VPN logo glowing green. In this era, the truth is simpler and more uncomfortable: privacy ends the moment you connect. Everything…

  • Does Internet Act As A Valid Source Of Information?

    The Internet was built with the initial goal of providing the most validated data to the corresponding party. Today we are far away from that mindset, but still, how much can we rely on the data provided via the Net? The answer simply depends on the source of the data. People usually believe what they…

  • No Silver Bullet in Computer Security

    There is no silver bullet in any aspect of information security. Answers like EDR, MFA, SIEM… might put you in a better or worse security posture, depending on how you implement and manage them, but none of them is a silver bullet in its area (malware protection, authentication, monitoring…). It is all about…

  • Troubleshooting with Google is useless because you won’t learn

    problem solving is not searching: searching might give you an answer. but it won’t give you understanding. “water usually finds the way out of a leaky pipe, but it won’t fix the plumbing.” systems are complex. success is luck without insight. troubleshooting is its own skill: you learn to troubleshoot by knowing what parts interact.…

  • Accurate Vendor Risk Assessment

    How to have an accurate vendor risk assessment? Assessing your vendors, suppliers, business associates… or whatever term you give to those providing services to your firm is crucial and might even be required from a regulatory standpoint (e.g. in HIPAA). I do not want to get into the details of what would be…

  • Vendor Risk Assessment: Hassle or Blessing?!

    A Security Questionnaire, RFI, VRA (Vendor Risk Assessment), VR Management… helps customers identify and evaluate the risks of using a vendor’s product or service. Performing such a review is sometimes mandatory based on the industry (e.g. healthcare). During this standard business process, the customer collects written information about the security capabilities of a supplier and you could barely…

  • Coding Skills and Security Administration

    Know how to code and take your computer security effectiveness to the next level

  • Tech Staff Justifies Incompetence!

    Have you ever listened to your tech team trying to justify all the tasks left behind, delayed or procrastinated? Do you have an IT team bringing excuses for every project they are facing and trying to blame everything except the root cause? Then you are not alone! Here is a known list of IT staff…

  • ISMS is Not equal to Real Security!

    Is having an information security management system equal to actual security? Nope! Having an information security management system is not an indication of the quality of security controls. Management systems are an easier way of administering in a standard and systematic way, but they are not necessarily an indication of security control effectiveness. As an example, ISO…

  • Simple Sign of Security Program Has Already Been Failed

    The simple sign is your Trust and Confidence: Do you have faith in your security program? For a moment be honest and ask yourself: am I confident in my company’s security program? Do I have faith in our security team? Do they really know what they are doing? Is my information security officer worth pay…