Barcode Hacking

Posted January 13th, 2010 by

A little presentation I did for NoVA Hackers.  Basic intent was to be more workshop than something more formal and to give everybody the tools to do their own experimentation at home.

I even inspired Jack to write a blog post.

Caveat: this has nothing to do with FISMA or Government InfoSec.  =)

Posted in Hack the Planet, Speaking, Technical | 6 Comments »

Building A Modern Security Policy For Social Media and Government

Posted December 13th, 2009 by

A small presentation Dan Philpott and I put together for Potomac Forum about getting sane social media policy out of your security staff. I also recommend reading something I put out a couple of months ago about Social Media Threats and Web 2.0.

Posted in FISMA, NIST, Outsourcing, Risk Management, Speaking | 4 Comments »

DojoCon 2009 Presentation

Posted November 7th, 2009 by

For those of you who didn’t know the real purpose of DojoCon, it was to raise money and awareness for Hackers for Charity. If you like anything that is in this post, go to HFC and make a donation of time, equipment, tech support, and maybe money. If you’ve never heard of HFC because you’re not one of the “InfoSec Cool Kids”, now is your chance–go read about them.

The video of my DojoCon presentation. The microphone was off for the first couple of minutes but I look pretty animated.

And then the compliance panel that I tried not to dominate:

And finally, my slides are up on slideshare:

Posted in FISMA, Speaking | 6 Comments »

Massively Scaled Security Solutions for Massively Scaled IT

Posted October 16th, 2009 by

My presentation slides from Sector 2009.  This was a really fun conference, the Ontario people are really, really nice.

Presentation Abstract:

The US Federal Government is the world’s largest consumer of IT products and, by extension, one of the largest consumers of IT security products and services. This talk covers some of the problems with security on such a massive scale; how and why some technical, operational, and managerial solutions are working or not working; and how these lessons can be applied to smaller-scale security environments.

Posted in FISMA, NIST, Public Policy, Speaking, The Guerilla CISO, What Works | No Comments »

I’m on the OWASP Podcast

Posted October 1st, 2009 by

I sat down with Jim Manico a month or so ago when he was in DC and recorded a podcast for the OWASP Podcast.  It’s now live, check it out.

Posted in FISMA, NIST, Public Policy, Rants, Speaking, The Guerilla CISO | No Comments »

Where is Rybolov?

Posted September 21st, 2009 by

Been busy lately.  This is a quick rundown on where I’ll be over the next couple of months so you can stalk me.

  • October 5-7: SecTor, Toronto, ON, Canada.  I’ll be talking about “Massively Scaled Security Solutions for Massively Scaled IT” which is an allusion to the size of the US Federal Government IT budget and techniques that they use to manage it.  The Rybolov Layered Information Security Management Model seen here earlier weighs heavily into the presentation, as does a ton of other ideas trying to get people to understand that hazy information security management area above the enterprise.
  • November 6-7: DojoCon, Laurel, MD.  I’ll be talking about the “Current State of Compliance” which somewhere along the lines has a punchline of “It’s going to happen anyway, might as well drive the bus instead of being under the bus”.  There is also a compliance panel following my talk and I’ll be on it with Cyberhiker and Dan Philpott.
  • November 10-14: AppSec DC, Washington, DC.  I’ll be running amok making part of the conference work.  I’m not speaking at this one which is a good thing because, well, every time I start talking web apps and security it takes me back to all the bad code I wrote in the late 90’s.  But hey, didn’t we all?

So in between preparing slides, running amok as a volunteer, and the usual work-life imbalance, I haven’t had much free time lately to add to the blog.  Plenty of ideas and blog fodder are floating around inside my head.  After the conventions I’ll put up my materials for the rest of the world to pick on.

Posted in Speaking, The Guerilla CISO | 5 Comments »
