My Writing

• Assessments Security Assessment Testing for Client-Side Vulnerabilities
  Client-side penetration testing mimics real attacks by targeting unpatched desktop software via malicious emails or websites. Three approaches offer increasing intrusiveness: tracking link clicks to...
• Risk Management Herd Behavior in Cybersecurity: The Good and The Bad
  Cybersecurity exhibits herd-like behavior, with both benefits and drawbacks. Higher vigilance by some professionals lets others focus elsewhere, which strengthens collective defense. But anxiety is...
• Tools Remotely Find Outdated Adobe Reader With HBGary AcroScrub
  HBGary's free AcroScrub utility remotely scans Windows hosts via WMI to find outdated Adobe Reader installations. During malware outbreaks exploiting Reader vulnerabilities, such lightweight...
• Risk Management Fear vs. Anxiety in Cybersecurity: What We Can Do
  Fear involves specific threats that can be addressed, while anxiety is a reaction to abstract concerns that's harder to resolve. Much security FUD induces anxiety rather than actionable fear....
• Leadership 4 Reasons Why Computer Users Dread Installing Security Updates
  Users avoid updates because they require too many clicks, downloads are heavy, finalizing requires reboots, and mechanisms fail for non-privileged users. Google Chrome and Windows Update show better...
• Leadership Limitations of Frameworks in Information Security
  Security frameworks like ISO 27002 and PCI DSS provide structure, but organizations often adopt them blindly without considering applicability. Companies misinterpret prescriptive standards to suit...