By beginning of October 2017 I started Security Predictions experimental web site. It has been built to harness the ‘wisdom of crowds’. I experiment how we can use crowd-sourced security intelligence to predict future events. Feel free to contribute with your … Continued
This is “Dragan on Security” blog. It has been moved from https://conwex.info/blog/ to this domain. It is not too active at present time as it was earlier, but stay tuned. Share this…
The National Institute of Standards and Technology (NIST) announced on October 2, 2012 the selection of KECCAK as the winner of the SHA-3 Cryptographic Hash Algorithm Competition and the new SHA-3 hash algorithm. Keccak makes use of the sponge construction … Continued
There are three possible approaches to information security: reactive, proactive, and predictive. Reactive Information Security – Post incident detection, analysis, notification, containment, eradication, and remediation. Proactive Information Security – Avoiding or opposing threats against computers and networks through understanding the … Continued
During period April – October 2011, I have gone through trainings, passed the exams and obtained new certificates: Certified ISMS Lead Auditor – ISO / IEC 27001 Information Security Management System PCI ISA (Payment Card Industry Internal Security Assessor), PCI … Continued
Two colleagues and I presented paper titled “Security Risk Management for Critical Infrastructures” at itAIS 2011 Conference, “Information Systems: a crossroads for organization, management, accounting and engineering”, held in Rome, Italy, October 7 – 8, 2011. Abstract: This paper presents … Continued
On September 28th, I delivered presentation on topic “Location Based Services – Security and Privacy Aspects” on global group Telenor Security Conference 2011. Abstract: Location based services are fast growing area in various types of businesses, particularly concerning mobile operators … Continued
Welcome to new age of my blog “Dragan on Security”. After more than seven years of blogging on previous platform (since August 28, 2005), I decided to move and to switch to new look and structure of blog. I have … Continued
One statement from our earlier book, which has been published 2007, was cited at IEEE Conference Journal. It is interesting and actual for many organizations at moment: “Security is a process of keeping necessary level of risk in acceptable boundaries. That means security is a continual process and not a final state. Organization or institution can’t consider itself “secured” after last security check. That process needs to be continual.”
DOI link: https://doi.ieeecomputersociety.org/10.1109/BCI.2009.20.
I was cited and quoted couple of times in IEEE Computer Magazine article “Fighting Intrusions into Wireless Networks”, Springer Link Book “Novel Algorithms and Techniques in Telecommunications and Networking” and Telektronikk Journal.