l am still sitting in the parliament room of the Council of Europe at the celebration event for the Budapest Convention. It was another very good event advancing the challenges fighting Cybercrime. Let me try to summarize a few thoughts:
The Budapest Convention is probably the best convention out there allowing a wide adoption of . . . → Read More: Council of Europe Octopus Conference- Some Thoughts
A few years back a customer’s CSO left the room when I said that this customer should start thinking about a scenario, where selected users bring their own devices – he called me “nuts”. Well, I think the smartphone area proofed me right. Basically the smartphones were the first Bring Your Own Device (BYOD) as . . . → Read More: How to manage “Bring your own device”
A lot of governments all across the globe are working on starting, restarting or pushing their Cybersecurity initiative. What often concerns me is, that the last real headline has more impact on the strategy and the themes to be addressed than a structure or a plan or a strategy.
This made us thinking about what . . . → Read More: Cybersecurity–More than a good headline
A few years ago I posted on DaRT after having seen it: Microsoft Diagnostics and Recovery Toolset. It is a really good an interesting tool for a lot of problems, one of them being incident response. I just stumbled across one article describing this: Using the Microsoft Diagnostics and Recovery Toolset (DaRT) for Incident Response.
. . . → Read More: Using the Microsoft Diagnostics and Recovery Toolset (DaRT) for Incident Response
Wow, I guess the reason for you clicking on the link is this statement – right? Well, “unfortunately” I cannot claim ownership of it. It was made by a Google representative during an interview in Australia: Google: Who cares where your data is?
To me, the whole Cloud discussion sometimes drives into interesting directions. I . . . → Read More: Who cares where your data is?
Quite a while ago, I blogged about the File Classification Infrastructure in Windows Server 2008 R2:
File Classification Infrastructure in Windows Server 2008 R2 File Classification Infrastructure:More content
In my opinion, this is an interesting tool, built in to your server platform.
Now, we just published a paper about how we use this File Classification . . . → Read More: How Microsoft Uses File Classification Infrastructure
Fairly often I am asked whether the Security Guides for our products still exist. The good news is: They do. The bad news is: They are called differently
The previously stand-alone Microsoft product-specific security guides are now included within the Microsoft Security Compliance Manager (SCM) tool, which I blogged about several times already (e.g. . . . → Read More: Rediscover Microsoft Security Guides
A few years ago, I wanted to run an exercise with our incident response team in Switzerland. A customer, the government and me came together to develop the goals and the scenario. One of the key question we tried to answer together with the university, which we wanted to use as observers was, whether we . . . → Read More: Mutual Authentication in Real Life–Launching a Nuclear Missile…
Do you know the feeling? You should share a large file with somebody outside your organization. The file is too big to be sent by e-mail. What can you do? Well, you might have a service by internal IT (we have one) which is not really user-friendly, hard to use and – as you do . . . → Read More: Aligning Security with the Business
The longer the more I see articles and posts that claim that security could actually improve if you migrate to the Cloud. And the longer the more I am a firm believer of these statements. It is not about forgetting best practices and just handing over everything to the Cloud provider. It is about adapting your practices to the new reality. . . . → Read More: Quit Worrying About Cloud Security?