Sister CISA CISSP:

Tearing My Hair Out


January 27, 2010  2:52 AM

One More Acronym & I’m Going to Scream – Part 3



Posted by: Arian Eigen Heald
Start Laughing Now, Stupid Technology, Tearing My Hair Out

OK, I admit it's a pet peeve. And it's certainly not going to be an annual report any more. But I can't imagine how people outside of the technical sector could possibly understand why we have so many different acronyms for the same thing. In the material below, there are four...

January 1, 2010  1:47 AM

Better Late Than Never…..



Posted by: Arian Eigen Heald
ACH Fraud, Banking Fraud, Data Breaches, data security, information security, Tearing My Hair Out

The Federal authorities and the American Banking Association have issued an alert to small and medium-sized businesses to use a dedicated PC for banking. "The alert advises businesses to dedicate a single computer for online banking activity that is never used for reading e-mail or surfing...


December 22, 2009  7:09 PM

The Forest or The Trees – Part 2



Posted by: Arian Eigen Heald
Admins and Auditors, Tearing My Hair Out

In a previous article, I talked about the issues faced by IT Security and financial auditors, in trying to come together. Financial auditors only care about financial systems and...


December 4, 2009  10:46 PM

The Forest or The Trees; Why Can’t We Have Both?



Posted by: Arian Eigen Heald
Admins and Auditors, Tearing My Hair Out

It often seems as if IT Security and auditors will never meet in the middle. As a person with one foot in either side of the fence, I'm often amazed how two groups with fundamentally the same goals can't seem to agree. Usually, when this happens, I'm an auditor sitting with IT Security people,...


October 30, 2009  12:53 AM

When a “Fix” is Not a Fix – The Fix is In



Posted by: Arian Eigen Heald
Data Breaches, Hardware & InfoSec, information security, Stupid Technology, TCM (Truly Clueless Management), Tearing My Hair Out, Wireless

In my previous post, I discussed the Time Warner/SMC modem enormous security flaw. Lo and behold, I am visited and left a comment by "Adam Wood" defending SMC,...


October 21, 2009  6:52 PM

Using Time-Warner as Your Internet Provider? Check Your Modem QUICKLY



Posted by: Arian Eigen Heald
Data Breaches, data security, information security, Stupid Technology, Tearing My Hair Out, Wireless

As lf 10/20/09, a software maven has written of a major security hole (one you can drive a TRUCK through) in the wifi/cable modem models issued to customers who don't want to use their own equipment. Here's the link, in all its' details, by David Chen,...


April 29, 2009  11:46 AM

Encrypt Your Laptops NOW



Posted by: Arian Eigen Heald
Data Breaches, laptop encryption, laptop security, Tearing My Hair Out

SC Magazine has reported that a laptop belonging to the State of Oklahoma was stolen, with 1 million names, Social Security numbers, birth dates and home addresses of Oklahoma's Human...


March 17, 2009  2:13 AM

The Emperor Has No Clothes



Posted by: Arian Eigen Heald
Data Breaches, PCI DSS, Start Laughing Now, Tearing My Hair Out

Visa is in a difficult position: it has said that merchants must be compliant, and the ultimate threat is to pull processing permissions from non-compliant merchants. But if one of the merchants turns out to be a payment processor that generates huge profits for Visa, do they cut off their nose...


February 5, 2009  6:12 PM

I Need a Really Big Stick



Posted by: Arian Eigen Heald
Data Breaches, TCM (Truly Clueless Management), Tearing My Hair Out

The Ponemon Institute (I keep wanting to say Pokemon, don't you?) is about to release it's fourth annual study on data breach activity. What differentiates this report from the study provided by McAfee? Well, for...


January 22, 2009  5:49 PM

When a Patch is Not a Fix – We Have the Downadup Worm



Posted by: Arian Eigen Heald
Microsoft Windows, Security, Tearing My Hair Out

If you haven't heard by now, the "downadup" worm (renamed various other things by competing vendors) is propagating itself like crazy across the Internet. Various software vendors have added some artificial hype about how fast it is spreading, but I didn't get sweaty palms until I read that US_CERT...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: