by John Verry | Aug 12, 2019 | InfoSec Strategies
Reading Time: 2 minutes
In part 1 of this post I introduced Vilfredo Pareto and “The Pareto Principle” as applied to information security. The goal is to mitigate 80% or more of your InfoSec risk with 20% or less of the effort, by focusing on the most...
by John Verry | May 11, 2018 | Penetration Testing
Reading Time: 2 minutes
Editor’s Note: This post was originally published in September 2015 and has been updated for accuracy and comprehensiveness. For some time, CPA firms, qualified security assessors (QSAs) and similar entities that focus on...
by John Verry | Apr 16, 2015 | ISO 27001 Certification
Reading Time: 3 minutes
Throughout 2014 and into 2015 with the recent Anthem Blue Cross breach, every few weeks with distressing regularity there has been a new breach or exploit of epic proportions. But the “shock and awe” surrounding December’s Sony...
by John Verry | Oct 21, 2014 | ISMS Consulting
Reading Time: 3 minutes
Recently we blogged about rogue cell towers (also called IMSI catchers, stingrays or GSM interceptors) and the potential risk they pose of intercepting cell phone calls. An ongoing investigation into the proliferation of these...
by Richard Barrus | May 28, 2010 | ISMS Consulting
Reading Time: < 1 minute
Ever need to work on a remote computer which is behind a typical firewall? Well, if there is no inbound connectivity, you can play a bit of leapfrog using ssh in order to gain access to that server. Here’s a quick example. For this...