Technology Topics

Articles about Cybersecurity and Information Technology

Riding the AI Code Hype Train

Riding the AI Code Hype Train

I've been on the hype train before. (Flashback to the early days of Blockchain valuations) I've been a (mostly) quiet skeptic about the use of AI - specifically LLMs - for code generation. Anyone who has been writing software for a while will tell you that copying...

OpenGRC – Coming in Q1-2025

OpenGRC – Coming in Q1-2025

The data management side of GRC is not a hard problem to solve. This is why, for many small companies, an Excel spreadsheet is the tool-of-choice. But, as Security professionals know (or quickly find out), Excel GRC still comes with a bunch of downsides (e.g. Task...

DoD Classification Backgrounds

DoD Classification Backgrounds

Many years ago, while working in an Army lab, I had the need for classification backgrounds. I thought I had seen them somewhere, but no one was able to point me to them when I needed them. Years later I learned that my backgrounds had been used in labs everywhere!...

Acceptable Use Policy Template

Acceptable Use Policy Template

Many years ago I created an Acceptable Use Policy (AUP) template that was intended for use by my small business clients. I wanted a policy that was short, understandable, and written to be read (not just for compliance). Over the years, I've seen pieces of this policy...

How to Keep Up… (IT & Security Edition)

How to Keep Up… (IT & Security Edition)

IT and Security are both high-growth industries. It's easy to understand that times change, technologies change, and vendors change. It inevitable, and a certain degree of change is always expected. As IT and Security professionals, we expect that continuous education...

CyberCamp

CyberCamp

Nearly a decade ago I was approached by a defense colleague with this crazy idea of creating a high school cybersecurity summer camp program. We knew it would be a lot of work, but we also knew there was a very real need in our industry: we just don't have enough...

Common Sense Security

Common Sense Security

The occurrence of data breaches has been on a continual rise over the past 18-24 months. Some of this is arguably due to increased reporting, but what about the rest? How do some of the largest companies in the world manage to get breached by so-called “advanced”...

Adaptive Password Policies

Adaptive Password Policies

Stanford recently published a new security policy allowing their users to choose length over complexity.  Password complexity has always been the go-to answer for creating secure passwords. Of late, there has been a big push to change that; and for good...