-
Andres Galarza posted a new activity comment 8 years ago
Barack Obama Talks AI, Robo-Cars, and the Future of the World
President Obama had an interview in November’s issue of Wired and he made a few interesting points about cyber security.
OBAMA: “Traditionally, when we think about security and protecting ourselves, we think in terms of armor or walls. Increasingly, I find myself looking to…[Read more]
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
Oops I guess it doesn’t like “” brackets.
I am using myuserID.pem and trying to decrypt myuserID_theiruserID.enc
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
Running into an issue with Practical Assignment 5.2
The final step of this section where we are supposed to use our private key to decrypt the .enc file that is a combination of our userID and a partner’s userID I am given the following error.
“unable to load Private Key”
I am using the following command
1. openssl rsutl -decrypt – i…[Read more]
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
https://www.sec.gov/news/pressrelease/2016-133.html
“SEC Proposes Rule Requiring Investment Advisers to Adopt Business Continuity and Transition Plans”
Registered investment advisers would be required to have and execute written business continuity plans.
This could be a great thing for clients and investors who are concerned about what…[Read more]
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
So, I was a little confused in answering this question, because I’m not sure if you’re looking for a “X amount of hours” answer or a more general “this is what RTO” is answer. In either case, the FEMA document you mentioned as a hint has the following in Annex H, Subsection 7:
“Organizations must ensure that the communications capabilities…[Read more]
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
For the “health” of the business, it is very practical to do testing of the Business Continuity Plan (BCP). However, testing (by nature) can be disruptive and intrusive. In the “Disaster Recovery and Business Continuity Planning” article by Yusufali Musaji that we read this week, he gives four methods for testing.
They are:
– Hypothetical
-…[Read more] -
Andres Galarza posted a new activity comment 8 years, 1 month ago
As Dr. Singleton points out in our “What Every IT Auditor Should Know About Backup and Recovery” reading, Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) are two distinct concepts.
The DRP is put in place to address the loss or interruption of digital/business infrastructure as a result of a disaster, such as a fire or a…[Read more]
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
Anthony,
Thanks for the detailed explanation and sources. As someone who (regrettably) didn’t do so hot in many of his math classes, this week’s Cryptography topic has been a challenge to learn. Between your post and some YouTube lectures I found, I think I have a better understanding.
For others, here are the videos I found:
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
For an organization choosing among Denver Colorado, Miami Florida, Redlands California and Tulsa Oklahoma, from a physical security perspective – where would be the best place to locate their data center? Why is this place better and the other places worse?
As others have said, Denver, CO would be the best location for the data center to be l…[Read more]
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
‘Security Fatigue’ Can Cause Computer Users to Feel Hopeless and Act Recklessly, New Study Suggests
NIST conducted a study on the weariness that users express when they are forced to adhere to certain types of security policies. Our program makes it clear that the largest vulnerability in an organization is it’s people. However, I think it’…[Read more]
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
Security Design: Stop Trying to Fix the User
https://www.schneier.com/blog/archives/2016/10/security_design.htmlI think that Mr. Schneier wouldn’t necessarily absolve end-users of all responsibility, but his point on security professionals laying too much of a burden on users is well taken.
The internet has given us tools that make life…[Read more]
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
– Just 26% said notifying the CEO is among their top priorities, ahead of the rest of the staff (25%) and customers (18%).
That’s crazy. The article reeks of “this is not really a priority for the business leaders”.
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
Yu,
That YouTube video is amazing.
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
Although this deviates a little bit from the question being asked this week, I wanted to share a blacklisting example I run into a lot at my work.
My employer has two network types that it uses to connect to the internet. The first is used mostly for enterprise-wide communication (Outlook), the second is used mainly to conduct research and…[Read more]
-
Andres Galarza posted a new activity comment 8 years, 1 month ago
Linux or Windows? Seems like nothing starts a war in the IT department like this topic… but which is better?
I’m a lifelong Windows user and have never used Linux. However, I’d hesitate to say one is comprehensively better than the other. Windows obviously enjoys a huge market share advantage over Linux in desktops, but Linux has more or c…[Read more]
-
Andres Galarza changed their profile picture 8 years, 1 month ago
-
Andres Galarza changed their profile picture 8 years, 1 month ago
-
Andres Galarza changed their profile picture 8 years, 1 month ago
-
Andres Galarza posted a new activity comment 8 years, 2 months ago
Anthony,
“For one, if the logon credentials don’t yield access to sensitive information, there is little to no risk. Additionally, if the convenience factor of Single Sign-On increases productivity significantly, the financial gains the company reaps could outweigh the risk of logon credentials being compromised.”
I think this is key to t…[Read more]
-
Andres Galarza posted a new activity comment 8 years, 2 months ago
This is my first semester in the ITACS program. I live in Center City, Philadelphia with my wife and 2 cats. I became interested in the program because I currently work as a Cyber Security Systems Engineer for the navy. That fancy sounding title just means that I help secure the information technology systems that operate a ship’s mechanical…[Read more]