Stories by By Mathias Thurman

Taking a gander at the security landscape

Looking around at how things are done at my new company, it's pretty easy for me to find security problems lurking virtually everywhere.

Written by By Mathias Thurman03 Dec. 14 21:13

Detoured by Shellshock and Poodle

As I moved into the information security position at my new company a few weeks ago, I was anxious to do a full assessment of our security defenses. But I was immediately sidetracked by, not one, but two major vulnerabilities that couldn't be ignored. Those were fires that had to be put out before I could do anything else.

Written by By Mathias Thurman28 Oct. 14 03:00

The security function needs SMART metrics

I've become a <a href="">big fan of metrics</a>. I wasn't always, but throughout my career in information security, I've had bosses who have challenged me on metrics, and I have honed my skills so that now I feel the metrics I collect meet the "SMART" test: specific, meaningful, actionable, repeatable and time-dependent.

Written by By Mathias Thurman17 Sept. 14 21:07

Tuning the security analysts

I have told you about the need to <a href="">tune our security incident and event monitoring (SIEM) tool</a>. Now we need to tune the analysts who are monitoring the SIEM.

Written by By Mathias Thurman28 Aug. 14 22:46