End of the year and time to reflect on a few things. Every year I try and make some predictions, see how I’ve done on some others, and plan out some goals for the rest of the year. I also…
Thinking about cyber conflict and the role of metaphors in strategy and tactics
Technology and tactics within the realm of cyber conflict are fairly well understood. Networks have been with us for a long time, and we have a fairly good grasp on the exploitation of vulnerabilities. Yet there is an unhealthy focus…
Threats and heuristics in enterprise risk management (infosec)
When trying to assess enterprise risk and the threats vectors that create risk there are standard models or derivations of frameworks that are found in the literature such as NIST and Octave-Allegro . The current practice is to take the various…
Why a cyber Billy Mitchell/Hyman Rickover won’t fix this…
Rickover and Mitchell were visionary ambassadors and petty tyrants of their respective domains of war fighting. Each working in their own peculiar way eviscerated leadership on the way to promoting new ways of waging war. The history is pretty detailed…
Vegan Ravioli
Here is one of the challenges I have been facing our vegetarian diet. My husband love ravioli. He is also lactose intolerant. The challenge has been to find a no cheese ravioli. You can easily find ravioli filled with meat…
Who wrote Stuxnet?
Who cares?
Blood is thicker than TCP/IP
Jeffrey Carr predicts 2012 isn’t going to be a pretty way forward for information security professionals, industry or governments. He has a couple of points I’d like to dissect a little bit. I’m not much for alarm bells. We’ve had…
Positions on risk and information security
Consider the risk management of information and the principles of risk themselves. Do we have a culture that is working so far to right of the normalized curve of expectations that we’re expending huge amounts of resources for very little…
Concept Map: Enterprise Risk Management
EDIT 2/27/2012 — A lot of people are showing up looking at this lately. I have an update on it that I can post if you are interested. Using the comment function is onerous but let me know if you…
An argument for a comprehensive definition of cyberspace
Contention: There is a contention that cyber is the electromagnetic spectrum and that point is countered by a position that cyber is larger than or composed of more than the electromagnetic spectrum. The proponents of the electromagnetic spectrum say that cyber…
Who would show up at your funeral?
The Internet has done strange things to us. We think we are more important than we are and we have ways to measure that. We think we have relationships with people we have never met and are not likely to…
Evaluation of the balance of scholarship and research effecting gender issues of environment and cognitive model processes
Abstract This paper explores two areas of the gender and technology in education issues. The first issue explored is the cultural and environmental issue that has a significant amount of scholarship associated with the specific elements. The second issue is…
Less is more: Orphan computers and mission assurance
Unlike a lot of technologists I don’t have a bevy of personal computers I use. I only have one primary computing device, one phone, and that’s it. Yes I have a couple of computers for work that are used at…
The scientist dilemma: How innovation was murdered by politicians
I see a problem with the continuing move toward corporate science. As corporations upgrade their research arms (good) there is not an associated upgrade to public research (bad). I trace a lot of the current scientific redundancy back to the…
Draft: Cyber paradigm: Depiction of educational divergence
Another graphic from Sam’s little black book of ideas. This graphic is based on a lot of work I did while at Purdue. There isn’t anybody looking at the cyber schism currently, but what it shows is the difference in…