Newton's Second Law of Motion and Information Security
Friends, one more attempt from my end to give back to the professional community. Staying true to my motto of "Keep it Simple," here is an attempt to map Newton's Second Law of Motion to Information Security. Hope it helps clear some misconceptions.
Syllogism and Information Security
Syllogism, the classical form of deduction, and Information Security.
A syllogism is a type of argument mostly used in the legal world. This article is an effort to blend syllogism with information security as we see it today.
Black swan events are a "reality", and so is the "butterfly effect". The universe needs one "Edward Lorenz" to change theories accepted for centuries and usher in a revolutionary change in the way things are seen and perceived.
Zero-day vulnerabilities are software flaws that leave users exposed to cyber-attacks before a patch or workaround is available. In short, the vulnerability exists and can be exploited, but it has not yet been patched.
The reason no patch is available is simple: the defenders and creators, that is, the security researchers and the developers, have either not yet become aware of the flaw or have had zero days to fix it, which is exactly what the "zero" in zero-day means. An attacker who finds the flaw first therefore has a window in which no signature, patch or workaround exists.
Playing the Devil's advocate here: with the above in context, I want to use another term, probability, as it is used in risk management.
It can be simply defined as follows: when the outcome of an event is unknown or uncertain, it is best to discuss it in terms of probability, that is, how likely it is to happen.
Food for Thought
1) Can end customers trust the plethora of applications, operating systems, network devices and security devices deployed on their premises to REBOUND and resume business operations after a ZERO-DAY vulnerability has been targeted by a ZERO-DAY exploit?
2) Is "Defense-in-Depth" the ANSWER to this scourge, or security pandemic as I would like to call it? OR
3) Should organizations look at "DEPTH-OF-DEFENSE" in addition to "DEFENSE-IN-DEPTH", which to me means continuous monitoring and validation carried out in a consistent manner?
To make this happen an organization would need multiple tools and technologies in the areas of artificial intelligence, machine learning, threat intelligence, analysis, correlation, detection and response.
So while we look for answers to these questions, our customers, and we as security professionals, may continue to remain confused.
The most common and accepted form of death is cardiac death—the absence of the heart contracting and pumping blood due to a disturbance in its electrical activity.
A less common type of death is brain death—the irreversible absence of all brain activity.
All mature organizations, the leaders with advanced GRC processes, understand one aspect better than the followers: COMMON SENSE.
Many organizations are brain dead and are fast galloping towards a cardiac death, unless they put corrective measures in place.
Do you agree?
At a recent visit to my doctor we struck up an interesting conversation about COVID-19 and ICU beds. The doctor informed me that no hospital, however big (this applies more to the Middle East), would have an ICU with more than 10 beds. This was based on the probability of current and past threats and vulnerabilities related to human health. COVID-19 changed it all. The initial wave completely overwhelmed the system.
A few of my observations
1) Unlike cloud technologies, the ICUs in hospitals could not provide vertical or horizontal scaling: no elasticity, no redundancy and no backup sites to fall back on.
2) People (frontline workers: nurses, doctors, hospital staff) were in short supply, the People in the people, process, technology triad.
3) The initial response was protection (lockdowns, social distancing, trials and testing of different medicines to treat the virus, etc.).
4) Later the response shifted to EARLY DETECTION: proactive testing, quarantine and isolation. This allowed the economy to reopen and people to move more freely.
5) The RECOVERY process is now in progress: vaccinations.
6) The wheel is moving on to Identify and Protect again: further research into the new strains found in the UK, the visit by the WHO team to Wuhan, etc.
Do you agree?
The content provided here is not intended to cause any harm, discomfort, pain or anguish to readers, especially those who have suffered the worst during the pandemic and who might have been infected with the virus. As security practitioners it is our profound duty to give back to the community at large as part of the larger effort to make a better cyber world. This article is also intended to intensify efforts to decode the marketing jargon surrounding IT and cybersecurity in particular, and to present a simple view that makes sense to the common man.
Copyright © 2023 Making Common Sense out of Security - All Rights Reserved.