Mike Johnson

CISO, Co-host of CISO Series Podcast, Board of Directors at Shadowserver, occasional loudmouth on LinkedIn, probably under a cat
LinkedIn: https://www.linkedin.com/in/mikevj/
Shadowserver: https://shadowserver.org
Podcast: https://cisoseries.com

In the first report, we analyzed 25 security practices against 11 outcomes to see which ones had the strongest statistical correlations.

Last year, we took the top five most correlated practices and looked more deeply at WHY they seemed to have the most impact across the board.

This year, we focused on security resilience. What do practitioners think it means? What outcomes do they associate with resilience? And which practices are most strongly correlated with resilience outcomes?

As usual, the data holds some surprises in store. Check out the report when it launches on December 6th.

https://cisco.com/go/securityoutcomes

@SecureOwl I like this idea. Then on "those days" I can just tell people "sorry, I couldn't get out of bed, my blanket was too heavy."

I just wrote a post about the current state of growth in infosec.exchange at the one month mark post E-day here: https://blog.infosec.exchange/2022/11/27/an-update-on-growth-of-infosec-exchange/

Note: I installed a plugin that will allow you to follow blog posts there by following @[email protected]

You are never too important or too advanced to lend a helping hand. It's just that simple.

#DoBetterBeBetter

Sleepy, ill-advised rant: to all of the folks who mock the "we take the security of your data very seriously" part of a breach notification, have you ever had to write a security notification? Actually admitting to a security issue (breach/vulnerability/etc) is a huge step for a company. Those notices have to cover a broad range of audiences, not just security experts, but all customers of a service (and also the press, too, BTW). This isn't easy.

Frankly, even publishing them in the first place is a triumph for most companies. If adding platitudes that annoy the security field makes the company feel a little more open to posting the notification, then I welcome the platitudes and will simply scroll right past them.

@stevetran Every now and again I glance at a #raspberrypi I have hanging from a wall in my network closet and think "I can't remember what that does". By the time I get back to a computer, I forget to try and find out.

I can relate with random #raspberrypi findings.

@rinkisethi Hi! Great to see you here!

Mastodon is going through growing pains just. like. every. other. social network did. Every network that spins up goes through a period of "new net, who dis" while the humans try to figure out what they want to get out of the network. There's moderation issues (over/under moderation), assholes and trolls, and general discussions of acceptability that eventually converge on a concept of acceptable content. Brands eventually showed up and participated, government representatives eventually saw social networks as a way of interacting with the people they serve. In the early days of social networks, government regulation wasn't a thing - Mastodon might be allowed some runway while they try and figure it out.

Sorting through all of these took /years/. I know people are excited right now about Mastodon, but this is going to take time to sort out. Make sure you participate, post the things you want to post, follow the people you want to follow, boost the content you enjoy. Put. in. the. work. to make this what you want it to be. But know that it's going to take time and if you don't stay here and participate, Mastodon will not rise into something that can continue on its own momentum.

Dentist: So, do you floss?
Me: Do you use a unique password for every account?

Since Mastodon saw its initial popularity circa 2017, I've noticed that most users and those reporting on it either don't think about the Fediverse as anything more than Mastodon, or treat its history as beginning with Eugen Rochko and the beginning of Mastodon. In fact, Mastodon is the latest in a long line of federated social networks going at least back to Identi.ca, and though I wasn't around for all of it, I find this history pretty interesting. (Thread; boosts welcome!)