redlion

CCPA and why you should care (DPAC)

The California Consumer Privacy Act of 2018 (CCPA) is just the first state bill after GDPR came through. Will there be more? How much interruption of your business will it entail? Should you care at all? Why or why not?

Current CCPA Legislation: https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB375

References:
https://www.bna.com/ten-things-probably-b57982096045/
https://www.techdirt.com/articles/20160329/08514034038/att-tries-to-claim-that-charging-users-more-privacy-is-discount.shtml
https://blog.returnpath.com/gdpr-vs-ccpa/

Link to the slides: https://www.slideshare.net/swl126/california-consumer-privacy-act-of-2018-ccpa-dpac-call/swl126/california-consumer-privacy-act-of-2018-ccpa-dpac-call

GDPR Trickery

Blockchain is a technology designed for several goals. It’s designed to be immutable, where nothing can be changed. It’s designed to be decentralized, where multiple people can hold copies of the database. And it’s designed to be non-repudiable, as a side effect, really, of the immutability. So we’ve got a database where nothing can …

Hackers aren’t all bad… $15k for Puerto Rico Recovery

Janice Paulson, my wife, and I attend quite a few hacker conventions every year. We run BSidesDE, are semi-officially listed on the organizer’s council for BSidesDC, attend BSidesLV and Defcon, work Derbycon and Shmoocon, and probably go to another 2-3 conferences a year, besides these. And at Derbycon, in Louisville, KY, I met up with …

Focusing on the fundamentals in the software development process.

Build secure software

Peter Hesse of 10Pearls wrote an article about the future and failure of information security. From Security Today, “Why is the Security Industry Failing?” is a wonderful recitation of the problems besetting the information security industry. Peter describes the money-hungry vendor culture, where every problem is seen as a potential billion dollar …

How Technologists and the Business don’t communicate.

Initially released February 6, 2017 for MISTI – Business for Technologists – Technologists are the bedrock of IT and IT security. They innovate, create, build, implement, maintain, and decommission the most amazing software and hardware systems ever compiled. Even something as simple as a file server, which is only supposed to store and back up files, has to …

Business Development – The best non-four letter dirty word in infosec.

Business Development is not a dirty word. Everyone today wants to start their own business. I mean Dave Kennedy did it, how hard could it be? (Love you, Dave!) So you gather your team. You can do the pen-testing and Jimmy over there can handle Incident Response, right? So what’s the big deal? Why aren’t …
