Skip to main content

The WiKID Blog

Viewing posts tagged Information Security

infosec-economics-article-on-security-pipeline

There's an interesting article on Security Pipeline about the economics of information security. The article discusses why ROI is a poor measure, echoing my first post. But it misses out on a key point: that investing in security reduces your weighted average cost of capital and that you must include the cost of capital in your investment analysis.

shame-ostracism-blogs-and-xss-flaws

There is an excellent post on Security Fix Blog about cross-site scripting flaws at major financial institutions pointed out by Lance James (author Phising Exposed.

student-interest-in-wikid

We get a good number of hits from .edu domains and I was recently asked by a student about using WiKID for a class project on two-factor authentication. This is great and highly encouraged. Feel free to download the commercial server and test it for educational purposes. Obviously, you can really look under the hood of the open source version

summary-of-identity-landscape

I really need to spend more time thinking about identity and focusing on what WiKID needs to do in the identity space. You'll have an identity no matter how you authenticate, but the more you rely on your identity the more important it becomes and the more secure it should be. But I think most of the identity players are focused on making identity easier - i.e. fewer logins.

infoworld-on-how-to-become-a-great-information

Consistency, covering the basics and using metrics Great article for all management, not just information security. When problems crop up in management, it is usually because either we stopped doing some basic thing like cross-department meeting or it could have easily been avoided by implementing some new simple thing.

Recent Posts

Archive

2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom