Four inches of snow fell in Denver last week and, after grumbling about the need to schlepp heavy, potted tropical plants inside to winter over, seeing the snow launched the first anxiety attack about the need to prepare for ski season. Start the 100-lunges-per-day routine, work on core strengthening, check the condition of gear. The feeling of […]
Simply Cyber (vol 19): Back to Schooling and Retooling
So much excitement around the first month of school! Assembling the essential tools: glue stick, pencils, erasers, pens, notebooks (analog and digital). Catching up with schoolmates that you’ve missed. The National NIST MEP Summit (September 15 to 18) had that same back-to-school feel: reboot of MEP initiatives, and new tools and techniques shared. MEP Cyber […]
Simply Cyber (vol 18): SETTING YOUR PACE—SECURING YOUR SPACE
How do you pace yourself? Slow and steady? Intense sprints with mini-breaks? Crazy fast like Tyler Andrews, the person who ran the 61km Salkantay Inca Trail in an FKT (fastest known time) of 6:13:03? We all perform at a different pace. My summer group hikes invariably start in a kind of peloton that then stretches […]
Simply Cyber (vol 17) – Cyber Safe Summer Travel Tips
Packing up for summer vacation? There’s an app for that—multiple apps, actually, including the top five recommended by the guru of credit card cognoscenti, The Points Guy. Personal hygiene and clothing tips rank high on these thou-shalt advisories. Alas, cyber hygiene tips are not included in these curated packing lists! Here are a few recommended […]
Simply Cyber (vol 16) – ALL ABOARD: DESTINATION DFARS COMPLIANCE AND NIST 800-171 Rev 2!
The Department of Defense is launching an acquisitions and procurement model that specifically targets supply chain security and is bringing in third-party auditors to promote enforcement. The draft version of NIST 800-171 Rev 2 (the promised next iteration of the DFARS 7012 clause enforcement effort) was released for comment on 19 June 2019. A companion […]
Simply Cyber (vol 15) – CYBER SPRING CLEANING: KATA TAKES
To keep or not to keep, that is the question, whether you celebrate National Spring Cleaning Week (UK: March 4 to March 10), or National Pack Rat Day (US: May 17), or National Cleaning Day (Sierra Leone: monthly). Whether a day, a week, a month . . . the point is to start changing behavior […]
Simply Cyber (vol 14) – HORSE SENSE: BETTING ON NIST 800-171 COMPLIANCE
The “Run for the Roses” can be lost by a nose: Split-second decisions by jockeys may determine who wins/who loses in the 145th Kentucky Derby (4 May 2019). A “sure bet” is not guaranteed. Oddsmakers take a long view in their decision-making, however. They study records and performance to reduce the risk of betting on […]
Simply Cyber (vol 13): The Reqs They Are A-Changing
Come gather ’round people Wherever you roam And admit that the waters Around you have grown And accept it that soon You’ll be drenched to the bone. If your time to you Is worth savin’ Then you better start swimmin’ Or you’ll sink like a stone For the times [reqs] they are a-changin’.[i] Bob Dylan […]
Simply Cyber (vol 12): The Cyber Security Kaizen Challenge
Deploy MAC filters, obscure identifier feedback, employ replay-resistant authentication: Cyber security techno-advice can be as difficult to unwrap as the excess packaging around children’s toys. (How many metal staples does it really take to secure Barbie’s head?) Two of the fundamental principles underlying cyber security — integrity and availability — are especially familiar to manufacturers who […]
Simply Cyber (vol. 11) – Rethinking My Participation in the (Information) Sharing Economy: New Year’s Resolutions
Cybersecurity incidents are ringing out the old year with the early December announcements of compromised user accounts: 500 million for Marriott/Starwood Preferred Guest (SPG), 100 million for Quora (a “self-organizing” question-and-answer forum), and 52 million for Google+. Next year I intend to distance myself a bit from the sharing economy by managing more closely what […]