Company Blog
At the NRECA conference
I had the opportunity to address a group of electrical cooperatives at a recent conference in sunny Atlanta, which was actually snowy. I always welcome the challenge of bringing technical security concepts to a new audience and this was an excellent crowd. The ensuing Q&A showed the broad range of concerns from these small electrical [...]
Smart Grid equals Dumb Security?
I recently had the pleasure of giving a keynote at the NRECA annual conference in Atlanta. The conference brings together senior management and Board members from rural electric cooperatives throughout the country. Some coops are large in terms of the number of subscribers, and some are large in terms of geographic area covered (those numbers [...]
SDL, ARA and SAE
I don’t often make the time to write up some of the more interesting aspects of work we do for clients, but I was forced to make some time to do so last week (well perhaps encouraged is a more polite way to put it) . The effort culminated in a webcast with MSDN and [...]
BSIMM2: The Magic Number 30
BSIMM2 is the 30 firm version of BSIMM. I wrote up an article with Brian Chess and Sammy Migues (my BSIMM co-creators) called “Software [In]security: What Works in Software Security — Fifteen Common Activities from BSIMM2.” In addition to highlighting the fifteen most common BSIMM activities, the article also provides the 30 firm data for [...]
