Threat Adaptation and Guns – Security 101 June 14, 2016Posted by Chris Mark in Uncategorized.
Tags: assault weapon, ban, gun control, http://affa.hells-angels.com/, Orlando, sandy hook, security, terrorism
add a comment
Let me start by saying that I, like everyone, am horrified by the events in Orlando. That being said, it is important to understand some concepts inherent to security and why the argument of gun control to prevent attacks like those in Orlando is flawed.
Before I delve into my post I want to give some of my own background. I started my professional career in the US Marine Security Forces providing armed physical security for a critical national asset. I have provided Force Protection in a combat zone, was a Marine Scout/Sniper, and I have provided unarmed security in a level 3 psychiatric ward. I have conducted anti-piracy operations in and around the Gulf of Aden and finally, I have been an information security professional for nearly 20 years. I am also working in a Doctorate in CyberSecurity. I have written scores of articles and spoken at many dozens of security events. I may not know much in life but I understand security.
I read a letter from a mother of a Sandy Hook victim. In the letter she said:
“I am sorry that our tragedy here in Sandy Hook wasn’t enough to save your loved ones,”
While I feel for the mother and understand her very normal and appropriate response to losing her child, the argument simplifies the issue. Unfortunately, what we are dealing with is not a gun issue…it is a people issue. (more…)
Chris Mark in “Using Security Metrics” Book June 9, 2016Posted by Chris Mark in cybersecurity, Uncategorized.
Tags: Chris Mark, cyber, hack, network, risk, security, Security Metics, Tenable
add a comment
A number of months ago I was interviewed regarding my opinion on the effectiveness of security metrics. I was notified today that the eBook has been published. Titled “Using Security Metrics” the book includes 33 authors and according to the publisher:
“We asked 33 security experts how they communicate security program effectiveness to business executives and the Board.
They share their recommendations and best practices in this ebook. If you’re a security professional, you’ll find their insights indispensable for helping you better communicate with business executives and Board members who often do not speak the security language. Download this ebook to learn about:
- Security Metrics That Tell a Story to the Board
- Security Metrics That Help Boards Assess Risk
- Security Metrics for Threat Management
- Security Metrics that Drive Action in the Financial Services Industry
My contribution can be found starting on page 39. You can download the eBook here!.
1,000,000 InfoSec Job Openings in 2016! May 10, 2016Posted by Chris Mark in cybersecurity, Industry News, InfoSec & Privacy.
Tags: assurance, Breach, careers, Chris Mark, hack, information, job market, PCI, security
add a comment
A recent article in Forbes Magazine outlines the current and projected information security job market. According to the article the current job market is valued at $75 billion and is expected to grow to $170 Billion by 220. More profoundly, CISCO estimates that there are currently 1 million InfoSec job openings in the US with, according to Peninsula Press, 209,000 currently unfilled! According to Virginia Lehmkuhl-Dakhwe, director of the Jay Pinson STEM Education Center at San Jose State University “The number of jobs in information security is going to grow tenfold in the next 10 years,”
I have been fortunate to have had a great career in information security over the past 15 years. While my experience is unique, I have had opportunity to travel the World and work with some of the largest, and most complex companies around. I have spoken at scores of events and have published dozens of articles and white papers.
Last year I wrote a blog post about how to get into the InfoSec career field. Two things that many people may want to know off the bat. 1) a College Degree is NOT required (although often very helpful) and 2) The pay is VERY good. (basic supply and demand). In my experience most people could probably get into the field with anywhere from 9-18 months of self-study. You can get in quicker if you attend course. For more information, please read my blog post: Getting Info Information Assurance Careers.
Thank You for 1,000,000 Views! January 26, 2016Posted by Chris Mark in Uncategorized.
Tags: 1 million views, Chris Mark, InfoSec, PCI DSS, security
1 comment so far
I was just notified that the GlobalRiskInfo blog just had it’s 1 millionth view with over 850,000 visitors! I want to give a big “Thank You!” to everyone that has taken the time to read my inane drivel and for those who take the time to comment! This is simply a labor of love and I am grateful for the support. This started 4 years ago and I have published 404 blog posts. While some have been big hits others have not. Regardless..thank you!
Chris Mark speaking at Secura Risk Management Fall Forum (Oct 28-29) October 24, 2015Posted by Chris Mark in Uncategorized.
Tags: Chip and Pin, Chris Mark, cyber, cybercrime, DarkNet, Deepweb, EMV, PCI, Secura, security, TOR
add a comment
If you are a bank, credit union, or work for one and want to listen to me (Chris) speak and are looking for a reason to go to beautiful Charleston, South Carolina..check out the Secura Fall Risk Management Forum! Yours Truly will be speaking on CyberCrime and the DarkNet as well as EMV “Chip & PIN” (a misnomer but…I will not discuss here). Should be a great event and will be in one of my favorite US cities…Charleston, South Carolina!..I have not had an opportunity to speak at a Secura event yet but they appear to be very well put together and the agenda looks very compelling. Also, if you didn’t have a chance to attend the AT&T Cyber Security Conference in NYC, you can watch a replay of the event here! You can see me on the ‘big stage’ talking with Jamie Wallace on Mobile Security. It was a great event with top shelf speakers…(notice that I am rocking my Recon Jack to represent the USMC Recon Community!)