The SAS 70 Emperor Has No Clothes
A commonly cited auditing standard has little use for cybersecurity. When you put your data into the cloud, you turn over control. Operational responsibility moves to your cloud provider and you also lose visibility. You no longer do the work, you can’t even watch the work being done. However, you are still responsible for its […]
We Need Randomness!
What is entropy? if you ask a chemist or physicist, entropy is disorder or heat. If you ask an electrical engineer, entropy is both of those but it is also a measure of potential information content. James Glieck’s wonderful book The Information addresses this in detail, but the short version is that an unpredictable data […]
Circles are Bad. OVAL is Good.
In information assurance, it is critical to have the best reporting about your vulnerabilities. Vulnerabilities, as you may recall from an earlier blog, are software flaws that may leave a system open to exploitation. There are tools that help identify and assess vulnerabilities. They are called vulnerability scanners, or VA tools. These are tools designed […]
Welcome to Our Cybersecurity Blog
Welcome to our newest blog, Perspectives on Security and Information Assurance! Learning Tree offers a range of cybersecurity courses from CompTIA certification to Cloud Security Essentials to CEH: Certified Ethical Hacker and more. This blog will feature perspectives of expert Learning Tree authors and instructors, covering all the latest in cybersecurity trends, news, and training […]