See all products »
Curah! curation service
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Server and Tools Blogs
TechNet Flash Newsletter
Cloud and Datacenter
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Microsoft Download Center
TechNet Evaluation Center
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Second shot for certification
Born To Learn blog
Find technical communities in your area
For small and midsize businesses
For IT professionals
For technical support
For home users
Microsoft Premier Online
Microsoft Fix It Center
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Roger's Security Blog
As Chief Security Advisor of Microsoft EMEA - lets share interesting security information
Chief Security Advisor
Critical Infrastructure Protection
Freedom of Speech
Securing My Infrastructure
Security Intelligence Report
Browse by Tags
Roger's Security Blog
critical infrastructure protection
Analysis of the Estonian Attacks
I just read a paper on the political analysis of the Estonian Attack. If you are interested reading my post on my other blog (as the analysis is not really technical but interesting) there you go: Analysis of the Estonian Attacks Roger
21 May 2008
The Importance of International Collaboration–Even in Exercises
One of the biggest challenges in Critical Infrastructure Protection or Incident Response is collaboration. Collaboration between the public and the private sector as the private sector is most often running the critical infrastructure; collaboration between different governments as well as incidents...
16 Jun 2010
Bill would give Obama power to shut down Internet, networks during cyber attacks
Interesting: Bill would give Obama power to shut down Internet, networks during cyber attacks Roger
3 Apr 2009
Technology in the Mumbai Attacks
One of the questions I often get is my position on Cyber-Terrorism. I doubt that there will be “isolated” technology-related terrorism. What we see much more is the use of high-tech during classical terrorism attacks. If you look at the recent terrorism events in Mumbai, there was some pretty interesting...
2 Dec 2008
How long does it take to hack a Power Plant?
I start to get scared – more and more. Back in September I blogged on Critical Infrastructure Protection – Live which shows what would happen if somebody would be able to tamper with power generators. Now, during RSA there was a guy called Ira Winkler telling the audience that they had the job to do...
14 Apr 2008
Security Risks in the Supply Chain?
At the moment I am travelling through the Gulf in order to launch the Security Intelligence Report v5 with local data. During one of the discussions today, a question was raised which I was thinking about quite some while (but – honestly - do not have an answer yet): How do you manage the risks in your...
24 Nov 2008
Estonia’s Cyber Security Strategy
Following the attacks on Estonia, they published a pretty interesting paper called Cyber Security Strategy by the Ministry of Defense in Estonia. One thing which I see again and again is that most of the people looking into such strategies conclude that strong collaboration is needed between the different...
8 Oct 2008
10 Years of Trustworthy Computing at Microsoft
Before joining Microsoft a little bit more than 10 years ago, I ran a team at PricewarehoureCoopers on e-Business Risk Management – classical security consulting in the Internet bubble time. When I announced that I will leave PwC and join Microsoft, I got interesting reactions (and remember, this...
12 Jan 2012
Security Intelligence Report: “Scareware” on the Raise
You know that we release our Security Intelligence Report twice an year: Today Version 6 is due. Let me try to give you an overview of the “highlights” of the report from my point of view: As I wrote in the title and as I blogged about this summer ( „Scareware“ on the Raise ) one if the biggest growing...
8 Apr 2009
Hacking is destroying economic growth
As usual (and probably as most of you) I started today scanning through my mails and RSS feeds for important and urgent information. By doing that, I stumbled across an article called Hackers and Nigeria vulnerability to cyber terrorism and I started to read it. As you know, I blogged several times...
26 Sep 2008
Cyber Security: The Road Ahead
This paper by the Geneva Centre for the Democratic Control of Armed Forces (DCAF) was just brought to my attention. A piece of work, which is definitely worth working through. It lays out the problem space and then does a deep dive into the different sections: Governments Legislative Bodies The Armed...
14 Apr 2011
A Detailed Analysis of an Attack – Do We Need an International Incident Sharing Database?
I recently came across a paper called Shadows in the Cloud , which is actually a follow-up report of Tracking GhostNet: Investigating a Cyber Espionage Network , an investigation of the attacks on the office of the Dalai Lama and some governmental bodies. The report is written by two bodies who had the...
21 Apr 2010
How to Build a CERT
Often, when governments look into Critical Infrastructure Protection, they start to build a CERT (Computer Emergency Response Team) or a CSIRT (Computer Security and Incident Response Team). The questions then always comes up: How do you do that? ENISA (European Network and Information Security Agency...
21 Jan 2011
Algeria: Conference on Certification (eID)
When I tweeted last week that I am on my way to Algeria, I got quite some reactions and questions that I shall report how it was. So, let me try to briefly summarize my impressions. I was invited to speak at a conference on certification in Algiers. Well, initially I pushed back as I did not understand...
17 Dec 2009
Attacks on MS08-067
As we were pushing on our Out-of-Band release earlier this month we tried to make you understand that immediate deployment is needed as the vulnerability is high risk. Otherwise we would not have gone out of band… Interestingly enough, we have not seen widespread attacks since now. Earlier today now...
26 Nov 2008
Comments on US-CERTs Advisory on Auto-Run
You might have seen the advisory of the US-CERT titled Microsoft Windows Does Not Disable AutoRun Properly – if not, you will definitely have seen one of the articles covering this issue and telling you that our advice on how to prevent Conficker is flawed. This statement is not quite true the way it...
22 Jan 2009
Publishing Secret or Sensitive Information
With a lot of interest I followed the media on the latest Wikileaks’ publication of sensitive documents from the US Government. At least here in Europe, there is a huge debate whether this publication is really problematic for the United States. A discussion I do not want to comment here, as I am not...
30 Nov 2010
SANS Commits $1 Million to Fight Cybercrime in Developing Countries
You know that I criticize SANS from time to time. Especially when it come to their handlers, I am convinced that they are creating the problem rather than solving it. This time I have to say that I am impressed as they are helping developing countries to help to fight Cybercrime. This is as "we are...
24 May 2008
Mutual Authentication in Real Life–Launching a Nuclear Missile…
A few years ago, I wanted to run an exercise with our incident response team in Switzerland. A customer, the government and me came together to develop the goals and the scenario. One of the key question we tried to answer together with the university, which we wanted to use as observers was, whether...
30 Mar 2011
Why I do not like e-Voting (Part 2)
As you might know, I blogged on e-Voting recently ( Why I do not like e-Voting ) and got quite some reactions. A few here but most of them privately. Most of you seem to like e-Voting. Now, think again! Look at this article here Evaluating the Security of Electronic Voting Systems . There is a video...
9 Sep 2008
Keep all your software updated and current
I know that I keep going and going on that. When I talk to customers and mainly to providers of the critical infrastructure about security, one of the key things to me is to keep the software updated. It is about patching and it is about staying on the latest version of your software. To me, today Windows...
13 Apr 2012
The “Year-2010” Problem: Failure of ATM cards!
When the industry prepared for the Year 2000, I was working in a consulting company living good from doing reviews on Y2k-projects. Then the year 2000 came and nothing happened (besides a big party). Then year 2010 came – and the bug actually got hold of us. Initially I thought that I was reading a joke...
6 Jan 2010
Should the Government be able to enforce security updates?
This is actually an interesting question. A lot of governments enforce rules and regulations on how you have to run your car, how often you have to check it, in which condition you have to keep your tires etc. The same is true for a lot of other devices we are using. Now, it seems that the US just...
13 Jun 2010
Council of Europe Octopus Conference- Some Thoughts
l am still sitting in the parliament room of the Council of Europe at the celebration event for the Budapest Convention. It was another very good event advancing the challenges fighting Cybercrime. Let me try to summarize a few thoughts: The Budapest Convention is probably the best convention out there...
23 Nov 2011
Cybersecurity–More than a good headline
A lot of governments all across the globe are working on starting, restarting or pushing their Cybersecurity initiative. What often concerns me is, that the last real headline has more impact on the strategy and the themes to be addressed than a structure or a plan or a strategy. This made us thinking...
27 Oct 2011
© 2015 Microsoft Corporation.
Privacy & Cookies