A Security Questionnaire, RFI, VRA (Vendor Risk Assessment), VR Management… helps customers identify and evaluate the risks of using a vendor’s product or service. Performing such a review is sometimes mandatory, depending on the industry (e.g. healthcare). During this standard business process, the customer collects written information about the security capabilities of a supplier and you could barely… Continue reading Vendor Risk Assessment: Hassle or Blessing?!
Author: Kaveh Mofidi
While I enjoy working with electronics, computers, and the fields of information and cybersecurity, I believe our challenges as humans extend far beyond infosec—and even beyond technology itself. The real task, I would argue, is to discover solutions for unlimited clean energy, drinkable water, practical waste management and to address the root causes of hunger, war, and injustice on our beautiful little planet. Our primary goal—each of us—should be to keep Earth livable. That is the true challenge we face.
Coding Skills and Security Administration
Know how to code and take your computer security effectiveness to the next level
Tech Staff Justifies Incompetence!
Have you ever listened to your tech team trying to justify all the tasks left behind, delayed or procrastinated? Do you have an IT team bringing excuses for every project they are facing and trying to blame everything except the root cause? Then you are not alone! Here is a known list of IT staff…
ISMS is Not equal to Real Security!
Is having an information security management system equal to actual security? Nope! Having an information security management system is not an indication of the quality of security controls. Management systems are an easier way of administering in a standard and systematic way, but they are not necessarily an indication of security control effectiveness. As an example, ISO…
Simple Sign of Security Program Has Already Been Failed
The simple sign is your Trust and Confidence: Do you have faith in your security program? For a moment be honest and ask yourself: am I confident in my company's security program? Do I have faith in our security team? Do they really know what they are doing? Is my information security officer worth pay…
The Only Reason A System Has Not Been Hacked!
Real hackers do not randomly find a flaw in a system. There is a systematic approach to hacking a system! Regardless of the size and type of an online entity and its online presence, a giant company with ten thousand employees, or a home user of the Net, the only reason a system (may) have…
One Strategy to Win the Cyber-security Battle: Change the Focus!
Sales pitches force us to worry about things that are not so important; change your mindset to win the battle! “Battle” would not be the right term if we didn’t have a market full of competition to sell cybersecurity products rather than focusing on the right and real way of defense. In other words, focusing…
Does Technology Solve Our Problems?
Real issues are not going to be solved by any of those known popular internet applications! Currently it does not, but technology could solve our problems if two factors are considered: the definition of ‘Problem’ and justifying a practical ‘Application’. The former seems so obvious, but that is actually the root cause of why technology is not able to solve…
Tools vs. Techniques
Operations fail by focusing on the tool rather than the technique! In the context of information technology, with all primary operations like systems administration, patching and updating, backup and replication, malware protection… and all related sub-tasks, a focus on tools is an enemy of the process! Defining, developing or choosing a technique in advance is crucial to an IT operation.…
Good IT Exercises: Documentation!
Everybody’s talking about the importance of physical exercise and routine workouts these days, and of course that’s the result of the 21st-century lifestyle which is forced through technology, but how about some technology exercises and routine practices which can help reduce the pressure on tech staff workload and lead us to a healthier IT environment? Documentation…