At the beginning of October 2017 I started the Security Predictions experimental web site. It has been built to harness the ‘wisdom of crowds’. I am experimenting with how we can use crowd-sourced security intelligence to predict future events. Feel free to contribute with your … Continued
The National Institute of Standards and Technology (NIST) announced on October 2, 2012 the selection of KECCAK as the winner of the SHA-3 Cryptographic Hash Algorithm Competition and the new SHA-3 hash algorithm. Keccak makes use of the sponge construction … Continued
There are three possible approaches to information security: reactive, proactive, and predictive. Reactive Information Security – post-incident detection, analysis, notification, containment, eradication, and remediation. Proactive Information Security – avoiding or opposing threats against computers and networks through understanding the … Continued
During the period April – October 2011, I went through training, passed the exams and obtained new certificates: Certified ISMS Lead Auditor – ISO / IEC 27001 Information Security Management System; PCI ISA (Payment Card Industry Internal Security Assessor); PCI … Continued
Two colleagues and I presented a paper titled “Security Risk Management for Critical Infrastructures” at the itAIS 2011 Conference, “Information Systems: a crossroads for organization, management, accounting and engineering”, held in Rome, Italy, October 7 – 8, 2011. Abstract: This paper presents … Continued
On September 28th, I delivered a presentation on the topic “Location Based Services – Security and Privacy Aspects” at the global group Telenor Security Conference 2011. Abstract: Location based services are a fast growing area in various types of businesses, particularly concerning mobile operators … Continued
One statement from our earlier book, which was published in 2007, was cited in an IEEE Conference Journal. It is interesting and relevant for many organizations at the moment: “Security is a process of keeping necessary level of risk in acceptable boundaries. That means security is a continual process and not a final state. Organization or institution can’t consider itself “secured” after last security check. That process needs to be continual.”
DOI link: https://doi.ieeecomputersociety.org/10.1109/BCI.2009.20.