Leonardo

I guess I would have to say that the key point of the class is that data never lies, but it sometimes provides too much information to be useful. So to truly make use of data a person has to learn the tools and […]

The ideas in this article can be applied to a lot of elements of security. While the article focuses on the speed of the millions of transactions being run, the idea of “shining a light” on what is past the 99th […]

Since we talk so much about data and analysis in this class I thought this would be a good article to share with all of you. […]

http://krebsonsecurity.com/2014/04/crimeware-helps-file-fraudulent-tax-returns/

Crackers have found a way to steal information from the HR departments of companies to steal information for the sake of filing […]

I prefer mindmaps over most types of visualization because the process of creating a mind map can also help you to see connections that you could not see before. Because the mind map deals more with concepts than […]

http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html

We have all read about the heartbleed vulnerability. The revelation that the NSA may have been aware of the […]

Here is one of the “Hacks” that applies to ATMs. If the Hacker is going to do all this work, then they are going to be able to get around most of the defenses an OS could provide.

How to Hack an ATM

I have no read any information anywhere to make me think that ATMs will be more vulnerable after Microsoft discontinues its support of XP. The hacks of ATMs that I have seen involved some sort of modification of […]

I agree with both of the comments above regarding unusual behavior. Although an auditor might want to keep in mind that workaholics do exist. The problem is when a person will not let go of work and moves to […]

I’m not going to discuss what went wrong with the Target case, but I think that Oyin raises a great point with her questions. Why was there such a mismanagement of the situation? We all read the things that went […]

If I were a consultant at Disney I would worry about data leaks, and people stealing the information of other guests or using the accounts of other guests to make purchases. It has been documented that RFID […]

What advice would you give to make sure an ERD accurately represents the business event it is supposed to capture?

I would have the databases end users involved in the design of the ERD. Although a database […]

1.As many people have mentioned this information is sufficient for a person to commit credit card fraud or to find out more about you. Once you have a person’s name, social, and date of birth its not difficult to […]

https://www.linkedin.com/today/post/article/20140215200145-131079-the-myth-of-the-bell-curve?_mSplash=1&_ga=1.35075746.263806796.1365624026

I found this article about the bell curve to be pretty interesting.

I agree with Oyin, in that the incentives were focused on the wrong people and gaming the system was entirely too easy.

While active recruiting is always difficult this system is entirely too easy to abuse […]

I would focus on perimeter security and network security.

on a daily basis I would monitor intrusions, depth of penetration, and network traffic and outgoing traffic.
on a weekly basis I would monitor […]

What’s an example of knowledge you possess–something you know?

What is the line between knowledge and skills that have been acquired? I agree with Oyin, in the article by Mr. Weinberger is that he seems to be […]

Continuous Audit is a useful technique for various reasons:
-it increases control effectiveness
-it enables quick response
-it sets the right tone if supported by management
-It can help create benchmarks […]

Just got your email. Looking forward to class next week.