- Risk Management Shrinking vs. Slicing the Pie of Online and Computer Crime
Most security defenses "slice the pie"—making your target less attractive shifts attackers elsewhere without reducing overall crime. "Shrinking the pie" requires disrupting the ecosystem: stronger...
- Risk Management The Role of Rituals in Information Security
Security practices often function as rituals—painstaking steps we follow out of habit that provide a sense of control. Rituals reduce stress by overloading working memory, blocking intrusive...
- Tools Analyze Memory of an Infected System With Mandiant's Redline
Mandiant's free Redline tool triages potentially compromised hosts through live memory analysis, replacing Audit Viewer. It uses Memoryze to capture memory, assigns Malware Risk Index scores using...
- Risk Management Herd Behavior in Cybersecurity: The Good and The Bad
Cybersecurity exhibits herd-like behavior, with both benefits and drawbacks. Higher vigilance by some professionals lets others focus elsewhere, which strengthens collective defense. But anxiety is...
- Risk Management Fear vs. Anxiety in Cybersecurity: What We Can Do
Fear involves specific threats that can be addressed, while anxiety is a reaction to abstract concerns that's harder to resolve. Much security FUD induces anxiety rather than actionable fear....
- Leadership Limitations of Frameworks in Information Security
Security frameworks like ISO 27002 and PCI DSS provide structure, but organizations often adopt them blindly without considering applicability. Companies misinterpret prescriptive standards to suit...