Sometime back I published an article “What it Really Takes to Stand up a SOC”. This included a MindMap showing everything you need to consider while making a decision about establishing an internal Security Operations Center. Since then, many people … Continue reading
Although traditional methods of communications like RESTful APIs can be used for IOT communications, MQTT and CoAP are the two major IoT protocols for exchanging messages in IoT networks. This is a quick overview of both of these protocols.
Budget estimates are a major part of SOC business case. A typical budget will consist of capital cost, payroll expenses, and annual recurring costs. The budget estimates also helps in making decision about build an internal SOC or using SOC … Continue reading
Information Security is a rapidly changing field as advancements due to disruptive technologies, like SDN, IoT, NFV and others, have direct impact on security management programs. Information Security professionals, in general, are perceived to be slow in adapting to new technologies … Continue reading
Initiatives for Digital Transformation are at front and center of every major corporation to keep their business competitive and relevant. Many technology research organizations are publishing papers about different aspects of digital transformation, which is categorized as a new industrial … Continue reading
Please note that this is an older post An updated MindMap available here. It took some time to update the CISO MindMap but finally it is here. Thanks to all who provided suggestions for this update. A very rapid change … Continue reading
Embedding security into architecture and design of major IoT projects is the best way to catch problems earlier, avoid costly patchwork, lower the risk of data breaches, and to meet compliance needs. However, research shows that most of the times … Continue reading
IoT is not only about connecting machines; the technology can do countless other amazing things. Recently I had the privilege of working with few non-profit organizations promoting education. The solution involved Raspberry Pi, which is used in many IoT application, to … Continue reading
Phishing is becoming a major threat vector and preferred method for attackers to break into victim networks. Verizon Data Breach Investigations Report shows that more than two-third attacks in espionage category used phishing as an attack vector. Typical phishing attacks … Continue reading
Data Breach Digest is the latest report from Verizon RISK team. This is the same Verizon team that publishes Verizon Data Breach Investigations Report or more commonly known as DBIR. The main idea behind the Data Breach Digest is to … Continue reading