Top IT Security Bloggers

  • Who cares about Security Awareness? (or: why “Just Say Security” doesn’t work)

    Mad Security
    I spend a lot of time talking with people about our awareness training efforts. And the first thing that almost every one of our clients who “gets it” tells me is the same thing: “We don’t want security awareness.” That’s not how they say it, but that’s what they’re ultimately saying. What their actual [...]
  • Everything Old is New Again…

    Mad Security
    There’s a common theme among the last couple of posts on here: first, I ranted about SANS’ new Securing the Human program, and then Josh got all ranty about Forrester’s “Zero Trust Model”. Here’s the thing – my biggest frustration with both of these “innovations” in our industry is that they’re nothing new. Both [...]
  • Trust No One – Then What?

    Mad Security
    At long last, we have been presented with the Holy Grail of information security management and protection strategies. Forrester Research recently declared the Zero Trust Model (http://goo.gl/PT348) that aims to fix the current – broken – model in terms of inherent trust levels, which areas of the network should be protected and from which perspective. [...]