William Slater's Cybersecurity Blog

William Slater's Cybersecurity Blog
M.S. in Cybersecurity at Bellevue University

Friday, January 13, 2012

Post 006 - Cybersecurity




New 2011 Cybersecurity Report Announcement - Cyber Threats to National Security


My employer, CACI, working with the U.S. Naval Institute, has co-produced a free new report on Cybersecurity and Asymmetric Threats.  It is an excellent 40-page report that defines the dimensions and threats associated with cybersecurity, the implications on a national security level and recommendations for future steps to secure cyberspace in the U.S.  The information about the report, as well as links  the executive summary and the full version, can be found at this link:

http://www.caci.com/announcement/asym5.shtml

Enjoy!

==========================================================
William Favre Slater, III
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
Chicago, IL
United States of America


Master of Science in Cybersecurity (MS)
College of Information Technology
Bellevue University, Bellevue, Nebraska

M.S. in Cybersecurity Program at Bellevue University

CIS 608 Information Security Management

CYBR 515 - Security Architecture and Design

CYBR 510 Physical, Operations, and Personnel Security

CIS 537 Introduction to Cyber Ethics

CYBR 610 Risk Management Studies

CYBR 520 Human Aspects of Cybersecurity

CIS 607 Computer Forensics

CYBR 615 Cybersecurity Governance and Compliance

CYBR 625 Business Continuity Planning and Recovery

DET 630 Cyber Warfare & Deterrence

CYBR 525 Ethical Hacking and Response

CYBR 650 Current Trends in Cybersecurity

Mastering Security

Career

Certifications

Credentials

ISO 27001





Friday, December 30, 2011

Post 005 - Cybersecurity






Sun Tzu and Cyber War


Sun Tzu and Cyber War, is an excellent 23-page paper by Kenneth Geers and it compares what is known today about the nature of cyberwarfare with ideas from the classic, most famous book ever written about war, the Art of War, by Sun Tzu (Geers, 2011).  Find it here: http://www.ccdcoe.org/articles/2011/Geers_SunTzuandCyberWar.pdf


Because the idea of cyberwarfare is rapidly evolving, Geers believes that the students of cyberwarfare and cybersecurity would do well do understand the basic foundations of warfare as laid out by Sun Tzu 2500 years ago in his book, the Art of War (Geers, 2011). 


Geers has been studying and writing about cyberwarfare for years.  In 2009, he co-wrote and published, The Virtual Battlefield: Perspectives on Cyber Warfare.  (Czosseck and Geers, 2009)


A full version of The Art of War can be retrieved at this link:  http://www.iluminaci.pl/info/sztuka-wojny-sun-tzu (Illuminati, 2012).




References



Czosseck, C. and Geers, K. (2009).  The Virtual Battlefield: Perspectives on Cyber Warfare.  IOS Press.


Illuminati - Freemasonry - YEAR 2012. (2012).  Sun Tzu's Art of War.  Retrieved from the web at 
http://www.iluminaci.pl/info/sztuka-wojny-sun-tzu on December 30, 2011.


Geers, K. (2011). Sun Tzu and Cyber War.  A professional technical paper published on February 9, 2011 at the Cooperative Cyber Defence Center of Excellence in Tallin, Estonia. Retrieved from the web at http://www.ccdcoe.org/articles/2011/Geers_SunTzuandCyberWar.pdf on December 25, 2011.







= = = = = = = = = = = = = = = = = = = = = = =

William Favre Slater, III
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
Chicago, IL
United States of America

M.S. in Cybersecurity Program at Bellevue University

CIS 537 Introduction to Cyber Ethics

CIS 608 Information Security Management

CYBR 515 - Security Architecture and Design

CYBR 510 Physical, Operations, and Personnel Security

CYBR 610 Risk Management Studies

CYBR 520 Human Aspects of Cybersecurity

CIS 607 Computer Forensics

CYBR 615 Cybersecurity Governance and Compliance

CYBR 625 Business Continuity Planning and Recovery

DET 630 Cyber Warfare & Deterrence

CYBR 525 Ethical Hacking and Response

CYBR 650 Current Trends in Cybersecurity

Mastering Security

Career

Certifications

Credentials

ISO 27001



Friday, September 9, 2011

Post 004

Here are some more good and free resources on Information Security topics:

Cybersecurity Plan for the State of Michigan

http://www.michigan.gov/documents/itstrategicplan/I_Cyber_Security_Web_234559_7.pdf

Security in a Windows Infrastructure

http://www.microsoft.com/brasil/security/content/resources/resources/SOG_download.pdf

Security and Privacy Made Simpler

http://www.bbb.org/us/storage/16/documents/SecurityPrivacyMadeSimpler.pdf

Telecommunication Security

http://www.iso.org/iso/telecommunication_security_h_bertine_gsc.pdf

Security Policy

http://security.arizona.edu/files/ISS701.pdf

Lifecycle of Document Security

http://www.adobe.com/security/pdfs/acrobat_livecycle_security_wp.pdf

Post 003

Weather Forecast: Partly Cloudy with a Chance of Certifications

I think that we will look back at 2011 as the point when Cloud Computing got real and finally took off. And with all the government focus to control IT budgets and move IT operations and applications into secure Cloud Data Centers.

Be sure and read the IEEE Computer Magazine from August 2011. They are already publishing scholarly articles about the best uses for Cloud applications on Mobile Devices and using mathematical principles to model how to determine the best configuration for your Cloud Planning. Translation: This represents a big departure from the previous crop of Cloud Articles that just addressed security in the Cloud. In other words, people assume “it's real; it's here; so now what's the best way to use it?"

The Windows Live Public Skydrive link below has some important resources to get ramped up on knowledge about Cloud Computing: https://skydrive.live.com/redir.aspx?cid=bf9ea3001ee4c8dc&resid=BF9EA3001EE4C8DC!160

I am also in a Cloud Computing Pathway certification program that is online, self-paced and self-study. I passed my Cloud Computing Foundation certification exam on June 28, 2011. Just four more courses and exams and I will earn the Cloud Computing Expert Certification. More about the program at this link: http://store.theartofservice.com/all-products/cloud-computing-pathway-comple-elearning-bundle.html

By the way, I have known all this Cloud Stuff was coming for the last 6 years, when Bill Gates and Ray Ozzie wrote their famous "Cloud Memos" as publicly released documents, to the employees at Microsoft in October 2005. You will find those memos on that skydrive link, which is of course, in the Microsoft Cloud: https://skydrive.live.com/redir.aspx?cid=bf9ea3001ee4c8dc&resid=BF9EA3001EE4C8DC!160

Also, many of you will remember that in 2008 I was the first Data Center Manager for Microsoft's Flagship Cloud Data Center - the Chicago Data Center, located in a suburb of Chicago. So I have been kind of a "Cloud Computing Advocate" for quite a while now.

This is an article I wrote about Cloud Computing at the end of 2008. Welcome to the Cloud (Again)!

This is my Cloud page.

See you in the Cloud, my friends!

Best regards,

Bill
William Favre Slater, III
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation

Project Manager / Program Manager
slater@billslater.com
williamslater@gmail.com
http://billslater.com/career

Post 002

Here are some good, free resources on Information Security topics:

Engineering Security

http://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf

COINTELPRO and the Subversion of Anonymous

http://www.sott.net/articles/show/234259-The-New-COINTELPRO-Cyberwarfare-hacktivists-and-the-Subversion-of-Anonymous

Reengineering Security

http://classic.marshall.usc.edu/assets/036/8598.pdf

Computer Security Accidents that Might Have Led to Nuclear War

http://nuclearfiles.org/menu/key-issues/nuclear-weapons/issues/accidents/20-mishaps-maybe-caused-nuclear-war.htm

IT Security and Audit Policies

http://it.delhigovt.nic.in/doit/IT_Security_Audit_Policy.pdf

Social Networking Treatise

http://www.law.cornell.edu/socsec/spring01/readings/martin.pdf

Introduction to Network Analysis

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/SecurityTactics/1597490733.pdf

PERL Scripting and Live Response

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/SecurityTactics/159749173X.pdf

Dumpster Diving

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/SecurityTactics/1597492159.pdf

Targeting Intellectual Property

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/SecurityTactics/1597492558.pdf

Open Source Security

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/OpenSourceSecurity/1597490741.pdf

Advanced Operators - Security Tactics

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/SecurityTactics/1597491764.pdf

Introducing NMAP

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/OpenSourceSecurity/1597492418.pdf

Vulnerability Assessment

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/OpenSourceSecurity/1931836086.pdf

Trademarks and Domain Names

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/ITManagement/9781597492560.pdf

Controls and Safeguards

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/ITManagement/9781597492393.pdf

Business Continuity/Disaster Recovery Plan Development

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/ITManagement/1597491721.pdf

Having Fun with Sysinternals

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/ITManagement/1597490792.pdf

Creating an Attack Lab

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/ITManagement/1597490113.pdf

Behind Cybercrime

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/Cybercrime/1597490482.pdf

Incident Response - Live Forensics and Investigations

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/Cybercrime/1597491330.pdf

Initial Triage and Live Response: Data Analysis

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/Cybercrime/9781597492690.pdf

PDA, Blackberry, and iPod Forensics

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/Certification/9781597491976.pdf

Handheld Forensics

http://www.elsevierdirect.com/downloads/SyngressFreeE-booklets/ITManagement/1597491381.pdf

Monday, August 29, 2011

Post 001

Welcome to the master blog for the M.S. in Cybersecurity online program at Bellevue University! I started this program on Monday, August 29, 2011. The links below will take you to the course blog that has been set up for each course in this program:

=========================================================

CIS 608 - Information Security Management
CYBR 515 - Security Architecture and Design
CYBR 510 - Physical, Operations, and Personnel Security
CIS 537 - Introduction to Cyber Ethics
CIS 607 - Computer Forensics
CYBR 520 - Human Aspects of Cybersecurity
CYBR 610 - Risk Management Studies
CYBR 615 - Cybersecurity Governance and Compliance
CYBR 625 - Business Continuity Planning and Recovery
DET 630 - Cyber Warfare & Deterrence
CYBR 525 - Ethical Hacking and Response
CYBR 650 - Current Trends in Cybersecurity


=========================================================

If you are interested in me and my career, here are some additional links:

Resume
Career
Certifications
Credentials
ISO 27001
M.S.
MBA
Bio
Writing
Thoughts
Secrets
Chicago
Love Story

====================================


Best regards,

William Favre Slater, III
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
slater@billslater.com
Chicago, IL