Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “PunkSPIDER Back for More in 2.0”, 2) “New Cybersecurity Framework – First Step of Many”, and 1) “QOTD – Worrying about Investing in Training Employees”. If you missed anything or happened to be offline, we hope you find this summary post useful as a quick reference.
A la Schneier … you can also use this rewind post to talk about the security stories in the news that we haven’t covered.
New Cybersecurity Framework – First Step of Many: NIST finally released their official Cybersecurity Framework earlier this week. As usual, not everyone is happy about this great accomplishment. The removal of the privacy appendix in January and the lack of incentives frustrated many. Personally, I am not necessarily for or against it; however, the framework does lay out something we can all rally behind. Something that is a lot simpler and more effective than the FISMA paperwork drill of the past decade. (continued here)
QOTD – Worrying about Investing in Training Employees: I’ve heard this quote before but just saw it on the Twitters again recently so I thought I’d post it here as a quick reference for myself and others. (continued here)
PunkSPIDER Back for More in 2.0: We covered PunkSPIDER last year and it looks like they are back with version 2.0 as of January 2014. Updates include a revamped site crawler, a new user interface, a rewritten back end, updated firewall rules, and a Chrome Extension. See the video below that shows the new extension performing instant analysis of a site’s security. My only complaint is that we are not listed in the index yet. (continued here)
DoD Approved 8570 Baseline Certifications: I unfortunately find myself having to reference the approved certifications for DoD 8570 a lot lately. Instead of searching for it each time, I thought I would just post it here as a quick reference for myself and any others out there. (continued here)
Wim Remes Elected as Chairman of the (ISC)2 Board of Directors: Two years ago Wim Remes shocked the security world (or at least (ISC)2 and the security community) by winning a seat on (ISC)2’s board of directors based on a platform for change. More recently though he has been elected chairman of this board. With big plans to better support membership and boost the value of CISSP, Wim recently gave an interview with SearchSecurity on his continued plans for “change.” (continued here)
Can Too Much Security Be a Bad Thing?: Here is a really interesting article from Gemini Security relating security to drugs. In the pharmaceutical field they have a concept known as the Minimum Effective Dose or MED. This value represents the least amount of a drug needed to achieve the desired effect. Taking too much of a drug though could have negative effects (e.g., overdosing). (continued here)
Hope everyone had a wonderful week! Have a great weekend!