Tools for Reducing Software Vulnerabilities

NIST, the US National Institute of Standards and Technology, released a report last December, “Dramatically Reducing Software Vulnerabilities.” It has multiple useful and interesting ideas for reducing vulnerabilities in software. I want to highlight two that I felt were most important. 1. Education There is no technological substitute for developer discipline. Education is not just […]
3 Ways Lists Can Help You Prepare For the CompTIA Security+ Exam

After teaching Learning Tree’s CompTIA Security+ exam preparation course I don’t know how many times, I am more convinced than ever that, at most, about one person out of every twenty is ready to take the test on the morning after the last day of the course. Even those uncommon people benefit from the review […]
Asimov Created Three Laws of Robotics, So How About Cyber Security?

Someone asked me why cyber security seems so vaguely defined. Surely there must be some standard set of laws like in Asimov’s fiction. No, not that I know of, but maybe I could help. In “I, Robot”, a 1950 collection of nine short stories, Isaac Asimov introduced his Three Laws of Robotics: 1: A robot may […]
Are Programming Languages Secure?

The informative and instructive posts on this blog about programming in the R Programming Language, and a colleague’s recent suggestion that I use F# for a particular task, got me thinking about the current proliferation of programming languages. As a working college student, I designed and implemented a couple of programming languages and modified […]
Cyber Security: Where Do I Begin?

When I teach Learning Tree’s System and Network Security Introduction, participants often ask me similar questions at the end of the course: “There is a lot of material here, how can I begin to implement it at work?” “How do I know our security plan is good enough?” “Is there any help on ensuring that […]
