Category Archives: Security

Trolls

I hate it when I get caught by trolls. No, there is no new LinkedIn breach. I read the article and missed the date on it. Thanks Jayson Street for pointing out the date to me. 

Posted in InfoSec | Tagged , , | Comments Off on Trolls

Eric Update

As many of you probably know by now, we sold Core Security. Courion and Core Security will be merging as a result of the sale. This is good for Core. At the same time, I am leaving Core Security and … Continue reading

Posted in Career, General, Life and Times, Security | Tagged , , | 1 Comment

Information Security and Tanks

Not too long ago my good friend, Michael Farnum, invited me to be the closing speaker at HouSecCon. I told him I would love to … then he asked me to give a talk that involved my military experience and … Continue reading

Posted in Career, InfoSec, Life and Times, Military | Tagged , , , | Comments Off on Information Security and Tanks

Emergency Preparedness and Cyber Security

This week I had the opportunity to be the plenary speaker for the Alaska Homeland Security Preparedness Conference. It was a great chance to talk to folks who worry about terrorism and natural disasters and convey to them the impact that … Continue reading

Posted in Conferences, CyberWar, InfoSec, Security | Tagged , , , | Comments Off on Emergency Preparedness and Cyber Security

Thinking About Reducing Risk

Wow, it’s been a long time since I’ve posted here. I’ve been kinda busy, tons of travel, sending a kid off to college, BlackHat and DefCon and DerbyCon, lots of engagement with customers around the idea of a mature vulnerability … Continue reading

Posted in Risk Management | Tagged , , | Comments Off on Thinking About Reducing Risk

Recently a CEO that I worked for in the past reached out to me. Like many successful CEO’s, he has “retired”. But do you ever really retire at that point? John now sits on the board of a few companies … Continue reading

Posted on by ecowper | Comments Off on Advice for Board Members

Do The Security Basics Well ….. AGAIN (and again, and again)

I’m not really sure what it is going to take for people to do Information Security basics well. Just how many multi-million credit card breach, PLA attacks a hospital company, hacktivists use insider to breach you headlines is it going … Continue reading

Posted in Career, InfoSec, Security | Tagged , , , | Comments Off on Do The Security Basics Well ….. AGAIN (and again, and again)

The Threat & Vulnerability Management Maturity Model Arrives

If you follow my blog, you know the Threat & Vulnerability Management Maturity Model has been in the works for a while now. I’m happy to report the full model has finally been published in Core Security’s latest white paper. What’s … Continue reading

Posted in InfoSec, Security, Vulnerability Management | Tagged , , , , , , | Comments Off on The Threat & Vulnerability Management Maturity Model Arrives

23 Years is a Long Time

I woke up in the Middle East this morning. In Dubai in the United Arab Emirates, to be precise. This isn’t the first time I have been in the Middle East. I’ve been to Saudi Arabia, Kuwait, Iraq, Egypt and … Continue reading

Posted in Conferences, Travel | Tagged , , , , , , | Comments Off on 23 Years is a Long Time

Another Preventable Breach

Another entry in the “Preventable Breach” and “We could have prevented this” columns. This appears to be all about change and configuration management. An area that really needs some work, clearly. Brian Krebs announced last night that there has been a … Continue reading

Posted in InfoSec, Security, Vulnerability Management | Tagged , , , , | Comments Off on Another Preventable Breach