neurotic.ca

Video detailing the hijack of the Torpig botnet in January this year, presented by Richard Kemmerer, the UCSB professor leading the university's seclab.

I know, it's old news. Still interesting content if you're new to botnets, or haven't kept up on this particular story. Runtime is 1:14 hrs.

Report: Telus/University of Toronto - Canadian IT Security

Telus and the University of Toronto have teamed up to deliver their second annual ‘Joint Study on Canadian IT Security Practices’.

A few weeks ago, I was invited to the ISACA presentation in Toronto where the authors of this report reviewed the executive summary. I’m still getting through the full report, but so far it’s an incredible wealth of information. I’m really surprised that this isn’t something that’s seen a lot of media attention and I haven’t seen it picked up on any of the major security news feeds or mailing lists.

Anyhow, the full report is available here (free registration required): http://www.telus.com/securitystudy

It's great to see specific information for IT security in this country. Constant comparisons to US or global surveys aren't always the best; those surveys tend to differ enough from what I'm seeing here that they're not always useful for influencing decisions.

A few highlights:

  • Breaches and annual costs are up; per breach costs are down
  • Growing threat has rendered most security budgets inadequate
  • Top performing respondents spent at least 10% of their IT budget on IT security
  • Application security practices not keeping up with evolving threats
Definitely check this one out. I’d rank its value with that of the annual Verizon Data Breach Investigations Report.

Obligatory introduction

They always start this way. It’s a rule or something.

As some of you may have guessed, this is a blog. Welcome! I’m Erik. I work at a Canadian IT services/hosting company managing everything security. This includes incident response, sales, engineering, compliance, audit, risk management, training and privacy matters. In my spare time I try to change the culture to accept security as something as near and dear to its heart as profit is.

Yeah, it's an uphill battle, but such is this line of work. You have to be the kind of person who always cheers for the underdog, loves a challenge, or is seriously OCD. I happen to be all three.

Anyhow, my primary intent with this whole blog is to write content that people can learn from and build upon. I've spent years leeching information from tens of thousands of email threads, RSS feeds, forums, IRC channels, vendor articles, user groups, government reports and the like. I think it's long overdue that I begin adding to this community I love. Hopefully one of these posts helps someone, somewhere. Lord knows, we could use more people with clue and passion.

Enjoy.