8 reasons why your security awareness program sucks

As a person who primarily focuses on the human aspects of security and implementing security awareness programs, people are surprised when I am neither upset nor surprised when there is an inevitable human failing. The reason is that I have come to the conclusion that most awareness programs are just very bad, and that like all security countermeasures, there will be an inevitable failing. I have to admit that it is frustrating to have to argue with people who claim that awareness is always bad. They argue that since there will always be a single failing, then it is not worth the effort to have an awareness program in the first place. Of course, I vehemently disagree. However, to debate people, and address their points, at least in the eyes of decision makers, you need to understand the foundation of their arguments and accept the premises that are true.

Human error biggest risk to health IT

In the race to digitize the healthcare industry, providers, insurers and others in the multi-layered ecosystem have failed to take some of the most basic steps to protect consumers' sensitive health information, a senior government official is warning. Servio Medina, acting COO at the Defense Health Agency's policy branch, cautioned during a recent presentation that too many healthcare breaches are the product of basic mistakes, ignorance or employee negligence. "These are things that could be prevented," Medina said. "Today's training and awareness efforts that we provide currently are simply not effective. They are not enough. We have to do something radically more and different."

Top Raspberry Pi news of the week: Magic mirror; Micro:Bit gets real; more on Android

This week for our Raspberry Pi roundup, we check out a little bit of magic, check in on the competition and follow up on some exciting Android-related buzz.

Magic mirror – from Microsoft?

The magic mirror is a popular Raspberry Pi project, combining relative ease of construction with a pretty eye-catching result – who wouldn’t want a mirror that shows you the weather, your appointments and maybe the news when you look into it in the morning?

Micro-segmentation Defined – NSX Securing “Anywhere”

The landscape of the modern data center is rapidly evolving. The migration from physical to virtualized workloads, move towards software-defined data centers, advent of a multi-cloud landscape, proliferation of mobile devices accessing the corporate data center, and adoption of new architectural and deployment models such as microservices and containers has assured the only constant in modern data center evolution is the quest for higher levels of agility and service efficiency. This march forward is not without peril as security often ends up being an afterthought. The operational dexterity achieved through the ability to rapidly deploy new applications overtakes the ability of traditional networking and security controls to maintain an acceptable security posture for those application workloads. That is in addition to a fundamental problem of traditionally structured security not working adequately in more conventional and static data centers.

Without a flexible approach to risk management, which adapts to the onset of new technology paradigms, security silos using disparate approaches are created. These silos act as control islands, making it difficult to apply risk-focused predictability into your corporate security posture, causing unforeseen risks to be realized. These actualized risks cause an organization’s attack surface to grow as the adoption of new compute […]

Useful Utilities

Troubleshooting and managing a network is much easier when you have the proper tools. Anybody who has been in the IT world for a time likely has a stash of small, portable, and often free programs they use to help in this area. Here is a list of my most-used utilities. To skip the descriptions […]

The post Useful Utilities appeared first on Packet Pushers.

Technology Short Take #67

Welcome to Technology Short Take #67. Here’s hoping something I’ve collected for you here proves useful!

Networking

  • Anthony Burke has written a script that uses VMware NSX to protect VMware Log Insight instances. More information on the script is in his blog post.
  • Russ White tackles the issue of networking engineers needing to learn to code. Is it necessary? Russ thinks so—but probably not for the reasons you might think. I tend to agree with Russ’ line of thinking.
  • This article from Marcos Hernandez shows one way to do dynamic routing in OpenStack. It’s a bit of a hack, to be honest, but it gets the job done until dynamic routing makes its way into OpenStack Neutron (which looks like it may have landed in the Mitaka release—can anyone confirm?).
  • Jason Messer has an article describing how networking works with Windows containers.
  • Tom Hollingsworth discusses how the rise of overlay networks killed large layer 2 networks and tools for building large layer 2 networks, like TRILL.
  • Dmitri Kalintsev examines some options for addressing storage-related connectivity in NSX environments.

Servers/Hardware

My fellow Republicans: don’t support Trump

Scott Adams, the creator of the Dilbert comic strip, has a post claiming a Trump presidency wouldn't be as bad as people fear. It's a good post. But it's wrong.

Trump is certainly not as bad as his haters claim. Trump not only disables the critical-thinking ability of his supporters, but also of his enemies. In most conversations, I end up defending Trump -- not because I support him as a candidate, but because I support critical-thinking. He's only racist sometimes, most of the time I love his political incorrectness.

But with all that said, he would indeed be a horrible president. As a long-term Republican, I'd prefer a Hillary Clinton presidency, and I hate Hillary to the depths of my soul. She's corrupt, and worst of all, she's a leftist.

But there's a thing worse than being a leftist (or right-winger) and that's being a "populist demagogue". Populist demagogues tell you that all your problems are caused by them (you know, those people), and present unrealistic solutions to problems. They appeal to base emotion and ignorance.

When nations fail because of politics, it's almost always due to populist demagogues. Virtually all dictators are a "man of the people", protecting […]

Apple sends out invites for WWDC 2016

We already knew the dates for WWDC, but now it's 100% official. Apple yesterday began sending out invitations to select media outlets confirming that its annual developers conference will kick off at 10 am Pacific Time at the Bill Graham Civic Auditorium in San Francisco on June 13.

Per usual, Apple's WWDC event will primarily, if not exclusively, focus on updates to various pieces of Apple software. That being the case, we'll most definitely get a sneak peek at iOS 10 and there's a good chance we'll also get a glimpse at the next-gen version of OS X.

Operating systems aside, rumblings from the rumor mill suggest that Apple this year will finally open up Siri to third-party developers by way of an SDK. What's more, there's also a slight chance that Apple will roll out a complete overhaul of Siri itself. Also rumored to be on the agenda is a revamp of Apple Music. Though Apple's streaming music service already has upwards of 13 million subscribers, the service has been riddled with UI and various functionality issues.

Apple’s enterprise partnerships, big and small, start to pay off

Apple has been the target of recent criticism for its current pace of innovation. However, though the company's slow-and-steady approach to the enterprise may not be winning over financial analysts, it is proving to be an effective strategy for expansion into the business market. Apple set the stage for a formal courtship of the enterprise nearly two years ago, when it inked an alliance with IBM. Since then, the company has struck deals with Cisco and SAP to tap the strengths of these stalwarts in enterprise services and mobility, in addition to a number of smaller players.