FFIEC updates (finally) their Information Security IT Examination Handbook

Well, after ten years, the FFIEC has finally updated their Information Security IT Examination Handbook. So probably some are wondering what this is and why they should care. If you don’t work in the financial industry, you may not be aware of all…

Updates to the CIS Critical Security Controls

Hopefully most people are aware of the Critical Security Controls, which are too often called the “SANS Top 20” or the like, even though SANS no longer manages them.

SANS actually turned them over to a group called the Council on CyberSecurity in 2013, which put out at least version 5.0 of the controls. The Council merged with the Center for Internet Security in 2015, which released version 6.0. Properly they are the CIS Critical Security Controls, or CIS CSC.

With v6.0, they did some revamping and re-ordering of the controls.

And CIS has continued to support the CSC.

And CIS has released some new items.

We now have an incremental update of the CSC to v6.1. The main change is to restore the scheme of identifying each sub-Control as either “Foundational” or “Advanced” as an aid to prioritization and planning. This restores something that had been in version 5.x but was dropped in 6.0.

As to the new items, we get:

  • An Executive Summary
  • A Practical Guidance for Implementing the Critical Security Controls

These are short documents, only a few pages long.

There are also several other support documents that people may not be aware of:

  • CIS Controls Internet of Things Companion Guide
  • CIS Controls Mobile Security Companion Guide
  • CIS Controls Privacy Companion
  • CIS Controls Measurement Companion Guide

So if you’re using the CSC, these companion guides may be of use. Check them out.


Posted in SBN

Michael on Security 2016-08-31 11:00:00

I recently attended the 2016 GRC Conference. This conference was a joint event of IIA & ISACA, and was held in my area in Ft. Lauderdale. It was a two-day conference with speakers in several tracks, along with an exhibitor area. There were some special sessions before and after the main conference. Not sure how many times they have done this conference. Next year’s event will be in Texas.

For me, I attended because they had several sessions on cybersecurity.  I was able to attend for free because I volunteered at the conference as a member of ISACA.

So who are the groups behind this event?  The Institute of Internal Auditors (IIA) is the professional association for those doing internal audits (financial, usually, but also IT) within corporations.  They offer several professional certifications.  ISACA is a professional association for those involved in IT controls, risk, and governance.  They are the group behind COBIT.  And they have a set of professional certifications.  In recent years they have been getting more into cybersecurity with a new set of certs.

Now, the conference has presentations in one of 4 tracks:

  • Cyber: Risks, Controls and Probabilities
  • IT Audit Core Principles
  • Internal Audit – Personal Brand Enhancement Strategies
  • Internal Audit Core Skills Refinement
Given the work I do, I was most interested in the Cyber track, and a bit in the IT Audit track. I do a lot of work with companies assessing and advising them on improving their overall security program, what is known as an ISMS (Information Security Management System).

There were several sessions I looked forward to, but the sad thing for me is that many of these weren’t at the level I was looking for. As someone who is more technical, thanks to several years of technical IT experience, I look for more technical presentations, the sort I find at the various infosec conferences I attend like BSides, ISSA, etc. I find that too many people from the audit side of things, even IT audit, too often don’t have that level of knowledge and experience, so this is too often absent.

Not to digress, but this is part of my concern with ISACA getting into cybersecurity. Who is their target audience? IT audit folks trying to get into cybersecurity? Or the technical hacker types getting into infosec? One thing I see as a disconnect is the cost of these events. I found this conference VERY expensive compared to infosec conferences. Even ISACA’s CSX conference, which is aimed at cybersecurity, is over a thousand, as compared to ISSA or DefCon at a few hundred and the various BSides conferences, which are either nominal or free. And if infosec people are going to drop a lot of money, it’s more likely to be on SANS.

As I said, the sessions were good, but most were not at the level I was looking for. Ira Winkler’s session on security awareness programs was great. I’ve long heard him criticize such programs, but didn’t know what he felt was the right way to do things. Now I know. This will be useful in the work I do. The sessions on the NIST CSF were good, but I would have liked to have learned more about assessments than about what the CSF is (I am fully aware of that) and the CIS Critical Security Controls. From other sessions I got bits and pieces of interesting info. I thought it interesting that 2 sessions touched on the importance of corporate culture in IT auditing, as often the culture will affect how people follow policies and procedures, which is something I look for.

The exhibit hall had a good number of vendors and groups. I was surprised by the several other orgs exhibiting, such as the IT Service Management Forum, The Risk Management Society, and the Society of Corporate Compliance and Ethics, along with the CMMI Institute and the Center for Internet Security. The rest were mainly made up of GRC and ERM vendors and some of the national/international consulting firms. There were a few I would have expected to be exhibiting who weren’t there, though they sponsored.

This is not a bad conference, just that I’m not quite the target audience for it.


Posted in SBN

Intel meets Arduino: Galileo, Edison, Curie

When I was getting into computers, we had a variety of companies making different microprocessors.  There was Intel, Zilog, Sun, IBM, Motorola, MOS Technology, National Semiconductor, MIPS, Acorn, HP, and several others.

It seemed that in the home market, at that time made up of Apple, Atari, and Commodore (and a few others), most chips were derived from the Motorola 6800.  (the 6502 was a derivative of the 6800).  So these were called the “6ers”.  Their next generation systems were all based on the Motorola 68000 processors and successors.

In the business market, most were first based on the Zilog Z80 (the CP/M machines), later supplanted by the Intel 8088 and follow-on chips.  So these were called the “8ers”.

Within the Unix workstation world, most started with the more powerful Motorola 68000 before going with a variety of RISC-based processors (Sun SPARC, HP PA-RISC, IBM PowerRISC, etc).

Eventually things shook out, and Intel and Intel-based processors came to dominate pretty much all of the desktop and laptop market and most of the server market (for Windows servers and Linux servers). Intel has won out. (Please note this is a very simplified version of history.)

But not so in the world of smartphones, tablets, and the Internet of Things. Surprisingly, most of these systems use chips based on Acorn’s RISC architecture, called ARM (the “A” originally stood for Acorn). With the decline in desktop/laptop sales, Intel has struggled to get into the world of smartphones, IoT, etc., with limited success. Very few cellphones are Intel-based. I can only think of the Motorola RAZR i. I had heard Intel was pushing to get into smartphones, but have no idea where that went. I think the only tablets that are Intel-based are the later Surface models.

They have also been trying to get into the world of IoT in several ways. Here I’ll look at their work with Arduino: the Intel Galileo, the Intel Edison, and the Intel Curie. Arduino boards have been using various ARM-based microcontrollers and such. All three of these Intel products use SoCs within Intel’s Quark line.

Intel Galileo

This early foray (there have been 2 versions so far, with differences between the 2 boards) was developed with the Arduino folks, and is Arduino compatible. It can use Arduino shields and can be programmed with the Arduino IDE.

The Generation 2 board has an Intel® Quark™ X1000, which is a 32-bit Intel® Pentium® processor-class SoC, operating at speeds up to 400 MHz. This processor supports the Yocto 1.4 Poky Linux distribution.

The board is larger than the standard Arduino board, having more connectors, including a full-sized mini-PCI Express slot, 100 Mb Ethernet port, microSD slot, USB host port, and USB client port. In the area of memory, it has 256 MB DDR3, 512 kb embedded SRAM, 8 MB NOR Flash, and 8 kb EEPROM standard.

The board is a bit pricey, running around $75, so I’m not sure how widely used it is.

For information on the board, there are a few sources on-line:

Intel info on the Galileo Gen 2, and their documentation page.

Arduino info on the Galileo Gen 2, and Getting Started with the Galileo Gen 2.

Sparkfun info on the Galileo Gen 2.

Books on the Galileo:

Intel Edison

A different device is Intel’s Edison. The ultra-small Edison module is basically a small single-board computer which packs an Intel® Atom™ dual-core SoC with integrated WiFi and Bluetooth LE, along with 1 GB RAM and 4 GB of Flash memory. By default it has Yocto Linux installed, which is an embedded Linux distribution, though others can replace it. The module was originally planned to be the size of an SD card, but wound up being a little larger.

The module has a compact 70-pin connector. It can be connected to a variety of boards or “blocks”. Intel has 2: one is a mini-breakout, the other is an Arduino breakout, which allows Arduino shields to be used. Sparkfun has a variety of blocks that can use the Edison and can be stacked.

Intel Edison page

Sparkfun Edison page

Yocto Project page

Lifehacker on Edison; Instructables on Edison

Benchmarks

Books on the Edison:

Intel Curie

A newer device is Intel’s Curie module. At present, I think it’s only available through the Arduino 101 board. I’m not even sure you can purchase the module by itself. When it was first spoken of, it was planned to be button-sized, and the final product is close to that. It’s intended to be used in wearable items.

Intel Curie page

Arduino 101 page; Getting Started page

Sparkfun Experiment Guide for Arduino 101

Books: so far none, but it looks like some are coming.

I have an Edison, but haven’t had the chance to work with it to the extent I’d like. If others have done so, please comment.