Slavish adherence to guidelines considered…inadvisable?

Posted on November 20, 2015 in Security • Tagged with security, logging, linux, audit, breach, IT, business, CIS, guidelines • 7 min read

Industry “best practices” are STILL no substitute for expert help. Yes, this is one of ‘those’ stories.

Recently I was going over some logs trying to track down a mysterious ‘disappearing’ directory. Situations like this are typically not mysterious in the least, since directories don’t disappear. Either they’re …


Continue reading

Dealing With Breaches

Posted on July 31, 2014 in Security • Tagged with security, breach, IT, business • 6 min read

Security is hard. Much too hard to treat effectively in any one blog post or even one book. It’s a complicated, multifarious discipline that combines a host of observational and technical sub-disciplines. The same is true, to a lesser degree, for breach management. On the one hand, a large …


Continue reading