My Writing
- Malware Evolving Threats: The Long Tail of Potential Data Breach Victims The "long tail" of potential breach victims—numerous SMBs comprising 80% of the population—attracts attackers who prefer quantity over quality. These targets have weaker defenses and there are many...
- Risk Management Border Bias and Risk Perception in Information Security Research shows people irrationally believe state borders can protect against disasters, underestimating risks from across the line. In security, firewalls and other devices may create similar...
- Social Networking Using Twitter for Public Relations During a Data Breach Incident Twitter can be effective for data breach PR—research shows tweets reduce negative feelings and decrease support calls, especially when from employees rather than executives. Use it to acknowledge...
- Malware Protect Files From Malware With Windows Integrity Levels Windows integrity levels can protect sensitive files from malware. Use the Chml tool to set a file to High integrity level with "no read up" policy enabled. Since malware typically runs at Medium...
- Encryption Fun Ways to Change Behavior and Improve Security Fun can act as positive reinforcement for security behaviors—more powerful than negative reinforcement. Ideas include rewarding badge swipes with jokes, entering complex password users in raffles,...
- Malware Protect Processes from Spyware With Windows Integrity Levels Windows mandatory integrity levels (Low/Medium/High) can protect against keyloggers. User-mode malware typically runs at Medium level; launching sensitive applications like password vaults with "Run...