Timely, Consistent, and Accurate Event Handling

One thing we see when responding to security events is that each event is unique, which is what makes the work interesting. Events fall into silos: within DLP, for example, egress of an unencrypted email attachment is one silo, then egress of one's own unencrypted personal information, egress of encrypted potentially secret data, egress of unencrypted secret data, and perhaps one or two others. Below is a chart for the Private Information domain when applying data leakage prevention measures and analyzing the data coming in, but it covers only that one domain. Others cover egress of company secret IP and other types of information that should be encrypted when sent via email.

Consistent Event Management

The balance in handling incidents comes at the analysis phase, where you start out looking for anything; even so, parts of this phase follow procedures: ensuring that triage is complete, that the required level of system isolation or sandboxing is set up, that backup copies are preserved, and other details. Everything up to that phase, where events are raised, reviewed, and escalated or closed, requires a consistent approach, because inconsistent handling during the event handling phase could undermine the whole basis for reporting the incident in the first place. Incidents require resources to review, analyze, report, and close, and most of those resources are not expected to handle incidents full-time.

Human Intervention In Event Analysis

The argument on this subject consistently goes both ways. On one hand, machine learning and artificial intelligence technologists argue against human intervention. On the other hand, some professionals argue that when machines handle event analysis alone, too many false positives come forward (that is actually poor filtering) or too many false negatives consistently go undetected. The operative word in that last sentence is "consistently". Consistency is where a machine outperforms its human counterpart, but the range of event types is vast. Eventually you could map out a massive logic flow, but the harder challenge would be keeping such a workflow updated for changing technology, processes, people, and attack vectors.

Getting In The Groove

As many of you know, I left Deloitte late last month and have moved on to a position within IT Audit at SMBC Nikko Securities. This new position puts me in the thick of a Japanese working environment, which is challenging on many levels, language being the least of them. I look forward to this career change since it pulls me out of the rat race that Big Four jobs have turned into. Long gone are the days when Big Four managers could get regular work and charge exorbitant rates. The competition is stiff and the rates are falling through the …

Lazy Sunday

I'm back in Japan and back to the grind after a good, short vacation on Guam. I was called back to JP for some clean-up work before I change jobs, and also thought it would be a good idea to do some programming on the home development server to release WorkPapers Windy 2011, which is about two weeks past due. Lately, I have been programming a lot of Python in order to create a REST API for WorkPapers (http://workpapers.pro). The first version of this API will be used for push/pull/replication functions in this upcoming release of the desktop application. While working …

Funny Job Posting On Elance

I was perusing freelance programming postings on Elance and found this one:

=================================================
Following is needed:
1) Recommend the most cost effective Java host for developing a small web app
2) Set up this host, AND development environment (IDE) — I am a rusty programmer who does not know Java.
3) Provide working Java code samples that perform the same/similar functions on each of the following web APIs: Facebook, Google, LinkedIn, Yahoo, Twitter. These functions are:
a. Authenticate/login (store a user's login credentials for each and login to each API)
b. Perform a query against each (e.g., find people I know with last name "Smith").
4) Provide …

Back To Normal

Or, as normal as a foreigner living in a Japanese nuclear leakage zone can be. Packed my briefcase, put on a necktie, and headed into Tokyo this morning. It was interesting, with dark train cars, no heating on the trains, darker train stations, and all the escalators shut down. It's a different Japan and will be different well into summer of this year. Our house is zoned outside of the regular power outages, so I can keep this new home server humming and continue to develop, script, and otherwise hack unencumbered. Well, almost unencumbered. This little server screams; it …

Sensation Sells – CNN Is A Cauldron Of Liars

Throughout my life, the wiser individuals have pointed out propaganda, sensationalism, and how one should only believe a part of the news that's broadcast. This experience has been a big lesson and has made those advisories so clear, especially as it applies to CNN and Wolf Blitzer. I am in Japan and have lived in Japan for a third of my life at this point. I read, write, and speak the language fluently at a near-native level. I am not confused by the events here… unlike the stupid American reporters that keep claiming 'mixed signals' or 'unclear messages' or 'changing …