Security Minded - from Kai the Security Guy

Some thoughts on security (and other stuff) from a Microsoft security professional

Browse by Tags

Related Posts
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat (Part VII) - Moving Data Out of Your Organization

    Well, if you've been following along...we talked about who the insiders are and the metrics behind economic espionage. We've discussed why they do it and how they get the data. But I know this probably hasn't been very technical for most of you. Today that is going to change. Today we're going to talk...
  • Blog Post: Well, maybe I’ll get a great refund in in 2009

    Apparently the IRS just realized that they had about 1,800 unauthorized web servers attached to their corporate network !!! Now I’m glad to hear that their CIO is working to get them removed, but sounds to me this is a great opportunity for them to implement a domain isolation model using IPsec. Now...
  • Blog Post: Where's Kai? RSA Conference 2008!!

    Well...if you're an IT Security Professional, you owe it to yourself to make the journey to the annual RSA Conference at least once in your life. It's the world's biggest security conference and many a great new announcement is made here. This year, it's my turn! They have some awesome speakers here...
  • Blog Post: The Security Show: Episode Two – Stopping James Bond (Part II)

    In this part, we get some good advice from the FBI on how to have that talk with your executives who like to travel out of the country and don’t really understand the risk that they assume when they carry that laptop, cell phone, or other electronic device with them. Good stuff!
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat (Part V)

    I've done a lot of work in the past few weeks trying to get you to truly understand the person we've dubbed "The Insider". We've discussed who they are, and why they do what they do. Today I'm going to be looking at exactly what it is these insiders are trying to take. What are the targets? Intellectual...
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat (Part VI) - Social Engineering

    If you've been with us the past few months, we've been talking about the who and why of economic espionage/insider threat. Starting today....we're about to make all you wannabe James Bonds out there understand the how. A New Degree in Engineering Still one of the hottest attacks around is one that you...
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat (Part IX) - Oldies, but Goodies

    Well....I received an absolutely unexpected and pleasure of an email from one of the excellent speakers over at the The Centre for Counterintelligence and Security Studies about my blog posts! I'm not sure they were reading or simply scanning for references to their website, but hey...I'm not picky!...
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat (Part VIII) - Phone Home + The Power of the PMP!

    " Hey IT Guy , c heck out my cool phone! I can use it as a modem for my laptop! " Ever heard that from one of those end users? I'm sure you have. Sounds much better than " Check out my cool wireless bridge I've been using to exfil sensitive data out of our company! " No matter if you've got the latest...
  • Blog Post: The Security Show: Episode Two – Stopping James Bond (Part I)

    I got it to work! I had some issues with the video playback in Silverlight after it came out of post-production in Sony Vegas. I really wish there was an easy way for Expressions Encoder to sort of “save your profile” so you wouldn’t have to go and tweak settings each and every time. Pretty much a hassle...
  • Blog Post: The Security Show: Episode Two – Stopping James Bond (Part III)

    I hope this is waking some folks up with regards to the huge issue that insider threat poses within your own company. We discuss some of the common characteristics that these people show and how we identify them. What are some of the triggers that make these folks turn against you? What are the warning...
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat

    This is currently an area I've been focusing on for the past month or so. I've been doing a lot of reading, fact finding, research, etc. around the topic of data leakage that occurs when users are essentially stealing data from within your business. This ties into economic espionage, which is another...
  • Blog Post: The Security Show: Episode Two – Stopping James Bond (Part IV)

    This is the last of Episode Two and I hope everyone has been enjoying this interesting session with the FBI. In this final session, we wrapup and get a few comments from the audience. Good stuff.   Next time, I’ll be posting Episode 3 titled “Gate, Guards, and Guns” where we’ll spend some time talking...
  • Blog Post: Microsoft IT Security and Data Leakage: TechNet Radio Edition

    I've chatted with our internal MSIT data leakage expert, Olav Opedal in private as I've put together my session on Insider Threat. Recently I had the opportunity to interview Olav a few weeks ago for a public TechNet Radio session, titled " How Microsoft Does IT: Enabling Information Security through...
  • Blog Post: The FBI Celebrates it’s 100th Anniversary!

    I had the distinct honor this week, of attending the Bureau’s 100th Anniversary celebration event here at the Dallas FBI Field Office . (I’m the one that’s not blurry in the picture on the left) The event itself was very well done and the speeches by both Special Agent in Charge Casey and by Sen. Kay...
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat (Part II)

    In the last post, I touched upon the reasons that Insider Threat is often ignore by corporations and businesses (yes.....this probably means you.) I also discussed the reasons why this threat is of much greater than concern than some 17-year old kid in some remote former Eastern Bloc country, hacking...
  • Blog Post: RSA 2008 - Day 2: Windows vs. Linux, PLUS Insider Threat Experts, and The Parties

    Day 2. I'm a but wore out since I was up into the wee hours trying to get my new video blogging mess figured out. The process that I thought would be (encoding and uploading).....wasn't. But the part that I thought would be easy (quality of the HD stream).....was. Still trying to work out exactly why...
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat (Part III)

    Today I'm going to discuss exactly who the these "insiders" are. As I mentioned earlier, the book " Insider Threat: Protecting the Enterprise from Sabotage, Spying and Theft " by Eric Cole and Sandra Ring has some terrific analysis and classification. Here's the breakdown: "We Love Bob!" " Hey everyone...
  • Blog Post: Oh Canada!

    You know you've made it when you land on the Canadian IT Pro User Blog . I just returned from a whirlwind tour of Western Canada where I hit 4 cities in 4 days (Calgary, Edmonton, Vancouver, and Victoria) and then had less than 20 hours at home before my next international adventure. I had a great time...
  • Blog Post: Is Kai Axford Speaking at TechEd 2008?

    The short answer is YES! However, I'm not going to be confined to a single breakout room like I was last year. (ESPNism: " You cannot stop him, you can only hope to contain him .") If you remember, we had such a huge amount of folks wanting to get into the session I did with the FBI that we had to turn...
  • Blog Post: Dripping Data: Understanding and Reducing Insider Threat (Part IV)

    After traveling the past 4 weeks non-stop, with barely enough time to figure out what time zone I'm actually in....I'm back with another installment of Insider Threat. Today we'll discuss the motivators for why this is happening. Let's get started! "Why Mr. Bond......thank you for your service." I had...