With the Washington Capitals having made the Stanley Cup Playoffs, the Phrase “Off Center” means something a bit different than it might have a week ago. Regardless I had a great time recording Mark Amtower’s… Broadcast of My Interview w/Mark Amtower – Amtower Off Center
I teach a class at the University of Maryland University College (UMUC) about the future of Information Technology.
One of the great things about doing this is how much I learn each semester, I find I always gain much, much more than I bring to the class (pointed out to me by the observant students …).
In a recent discussion thread one of the students had some interesting things to say about telecommuting which I thought deserved a wider audience. So with a tip of the hat to Neelima Jampani …Thoughts On Teleworking
Reposted from AOL Government, http://gov.aol.com/2011/12/12/why-fedramp-is-worth-caring-about/.
If you have been at a recent Washington Capitals hockey game when the opponent scores a goal, you know the crowd routinely shouts out “Who cares!”
Last week, Steven VanRoekel, Federal CIO, released the long awaited OMB plan for the Federal Risk and Authorization Management Program, or FedRAMP; which reminds me to be thankful for pronounceable acronyms. The purpose of FedRAMP per the implementing OMB memorandum, is to “provide a cost-effective, risk-based approach for the adoption and use of cloud services”.
This last weekend I attended the Executive Leadership Conference (ELC) sponsored by ACT-IAC in Williamsburg. The opening night keynote speaker Scott Klososky, presented some interesting points but I felt left out some key issues; probably… Reflections At ELC: Why Klososky’s Keynote Missed The Mark
When I was at the Department of Transportation …
It occurs to me that a lot of my writing starts with that phrase. I haven’t yet decided if I use it because I learned a lot there or because I think people will be more likely to listen if I start a discussion with it.
Regardless, when I was at the Department of Transportation we would do emergency training. What if there was another 9/11 attack, what if there was a cybersecurity attack, and so forth. Some of us got to go to semi-secret locations and stay underground, walk down long corridors with lights along the top casting shadows, lots of clacking of shoes on the floor, eating together in the cafeteria, periodically getting messages of incident updates, doing reports, watching the pretend (or real) Secretary, talking to the (always) pretend President, and so on. It was pretty cool, like getting to go back to camp for a day. Some of the exercises were pretty extensive involving multiple Government agencies including in some cases State and Local governments.Earthquakes, Emergency Training, and COOP
This is my third (and thankfully to most readers, last) post about a class at I gave at George Washington University earlier this year. The professor, Dr. Robert McCreight, invites me to be a guest lecturer on cyber-security from time to time. I posted a copy of my slides in the previous two posts and do so again here:
George Washington University Slides on Cyber-Security
In the last post I returned as I often do to the question “How to be secure when each component of your solution is itself insecure?”. I find that most practitioners, and in particular their management, are in denial on this issue. While my first suggested step which is to practice security hygiene is useful it does not help against a determined attacker.
While I am not sure if anything short of not connecting to anyone will work all the time, two possible approaches seem promising.
Previously, I had written about a class at George Washington University to which the professor, Dr. Robert McCreight, invites me to be a guest lecturer on cyber-security from time to time. I posted a copy of… My GWU Discussion – Part 2 – What to do About Cybersecurity
Every year or so I am lucky to be invited by Dr. Robert McCreight who teaches a graduate class on National Security and Technology to be a guest lecturer on Cybersecurity.
Since the classes I teach at the University of Maryland and Syracuse University are on-line distance learning, it is always a treat for me to have actual live students in the same classroom as I am to interact with. This year the exchange of information was really great, Dr. McCreight has a wonderful class. For all of these activities, I deal with what I call the “avoidance of appearing like an idiot in front of people syndrome”, which forces me to at least to scan and keep up with the literature before the class is held.
While I am one of those people who learn best by doing, being able to talk to and/or discuss with bright students is still very helpful and fun to do.
I have posted my presentation below and during the next few weeks hope to write a few columns based on the later slides, of course I have still not written my last two posts I promised on cloud computing, as as usual what I plan to do with this blog and what actually happens continues to diverge.
My Guest Lecture at George Washington University on Cybersecurity
I am finishing up grading final papers for my Syracuse University class on security policy. Each semester I find I learn a great deal from reading the papers and interacting with the students about them.… Brief Thoughts On Security and Other IT Policies