Infosec

Where I’m Going and What I’m Leaving Behind

by Bill Brenner, May 16, 2016

Last week I announced my impending move from Akamai to encryption company PKWARE, where I’ll be senior content strategist. This post is for those who have asked why. It’s also a tribute to the company I’m leaving behind. I’m leaving because I’m ready for a new adventure, the next step of my professional evolution. After several conversations with the folks at PKWARE, it became clear that I could make a mark there and have…

4 Tips to Beat Fear and Anxiety at #RSAC2016

by Bill Brenner, February 3, 2016

The first time I attended RSA in 2005, fear and anxiety threatened to consume me. I feared the flights, the crowds and the prospect of failing professionally. Fast-forward to 2016: I’m a veteran infosec journalist who has been to too many conferences to count. I can’t say that I’m done with fear and anxiety, but I’ve brought it largely under control. I’ve met a lot of people who suffer the same debilitating anxiety I used to experience over…

Potential Positive of “CSI: Cyber” at RSA Conference 2016

by Bill Brenner, January 27, 2016

The information security community is losing its collective mind because actors from the much-maligned CSI: Cyber TV series are on the keynote schedule for RSA Conference 2016. Dave Lewis, writing as @gattaca, captured the sentiment: “Wait…wait… just…wait. Actors from CSI:Cyber are giving keynotes at RSA? O_o” A lot of analysis has been devoted to RSA’s decision. I like the suggestion Violet Blue makes about how maybe, just maybe, RSA is playing a clever joke on us: What if RSA’s ongoing keynote…

4 Problems with Krypt3ia’s Krampus List

by Bill Brenner, December 7, 2015

I like Scot “Krypt3ia” Terban. The security researcher has a crotchety communication method I enjoy, and I read his posts a lot. I especially enjoy when he goes after security vendors for FUD (fear, uncertainty and doubt). So when he released his annual Krampus List — a naughty list for the security community — I read it and laughed a lot. But as I read through it, I found some of it mean-spirited. By…

These Squabbles Make Us Small

by Bill Brenner, October 5, 2015

Some of you asked why I don’t write as much as I used to. Partial answer: My real job and a lot of family business leave me with less time and motivation to do so. But there’s something else, and it’s had a bigger impact. The squabbling on social media has gotten so childish that it’s not worth commenting on anymore. This is especially true in infosec. My job used to be writing…

Schooled By a 14-Year-Old on Good (and Bad) Passwords

by Bill Brenner, September 7, 2015

This is about an information security practitioner getting schooled by a 14-year-old about something as basic as an iPhone PIN number. Since I work in information security, family expects me to be THE expert. And sometimes I ask for trouble when I try to teach people a lesson — like grabbing phones and writing on the owners’ Facebook walls to demonstrate the value of having a security PIN on the phone. One day…

This #BSidesLV 2015 Panel Captures How I Feel

by Bill Brenner, August 14, 2015

While I was away on vacation last week, some of my good friends in the InfoSec community did this panel at BSidesLV 2015. They discussed the importance of doing over talking, and captured the problem of trash talking in the community more eloquently than I have up to this point. The problems they touched upon are some of the things I found in myself when I wrote this post about the “InfoSec Rock Star” complex. Please…

Cut Mary Ann Davidson Some Slack

by Bill Brenner, August 12, 2015

These last two days the infosec community has been consumed by a blog post Oracle CSO Mary Ann Davidson wrote. In that post she railed against security researchers who reverse-engineer Oracle’s code and nudge the database giant with their vulnerability findings. (Oracle removed the post, but The Wayback Machine captured it and it’s been distributed far and wide anyway.) Davidson argued that Oracle does just fine finding and fixing its vulnerabilities and that…

On Skipping Security Cons

by Bill Brenner, June 15, 2015

On Twitter last month, friend and fellow infosec professional Marcus Carey suggested industry peers place too much importance on conferences: “There is no way these people that speak & appear at every conference should be taken as serious practitioners of their craft.” — Marcus J. Carey (@marcusjcarey), May 15, 2015. One can take the tweet several ways. Some might say he’s criticizing conference organizers for roping in people who spend all their time…

The Women at RSA Conference 2015

by Bill Brenner, April 7, 2015

Renowned writer Violet Blue recently noted that the speaking agenda at RSA Conference 2015 includes only five women, only one of whom is a security practitioner: “25 RSA keynotes. Of the 5 women, 1 has ‘security’ in her bio (she works @ RSA), 3 are there to talk about children. http://t.co/corEpuujh7” — Violet Blue ® (@violetblue), March 27, 2015. At least one person on Twitter felt it was an unfair observation; that there’s nothing wrong…