40 posts categorized "Martin McKeay"

March 01, 2013

Security Blogger Award Winners 2013

Well it was an epic Security Blogger Meetup and awards this year. In many ways it was the best one we have had. But nothing is perfect and we are already planning to be bigger, better and more inclusive next year.  In the meantime I know many folks have been waiting to see who the winners of the Social Security Blogger Awards were.  So without further adieu, for the record here are the nominees and winners:

Best Corporate Security Blog

Other nominees:

McAfee Blog: click here

CloudFlare Blog: click here

SecureWorks Blog: click here

Solutionary Minds Blog: click here

Kaspersky Lab Securelist Blog: click here

Veracode Blog: click here

Trend Micro Blog: click here

AND THE WINNER IS:

Naked Security Blog: click here

Best Security Podcast

Other nominees:

Liquidmatrix Security Digest: click here

EuroTrashSecurity: click here

SANS Internet Storm Center: click here

Southern Fried Security: click here

Risky Business: click here

Sophos Security Chet Chat: click here

And the winner is:

Paul Dotcom: click here

The Most Educational Security Blog

Other nominees:

BH Consulting's Security Watch Blog: click here

Security Uncorked Blog: click here

Dr. Kees Leune's Blog: click here

Securosis Blog: click here

Social-Engineer.org Blog: click here

Critical Watch Blog: click here

The Security Skeptic Blog: click here

The New School of Information Security Blog: click here

And the winner is:

Krebs On Security: click here

The Most Entertaining Security Blog

Other nominees:

Packet Pushers Blog: click here

Securosis Blog: click here

Errata Security Blog: click here

Naked Security Blog: click here

Uncommon Sense Security Blog: click here

PSilvas Blog: click here

And the winner is:

J4VV4D's Blog: click here

The Blog That Best Represents The Security Industry

Other nominees:

SpiderLabs Anterior Blog: click here

1 Raindrop Blog: click here

Naked Security Blog: click here

The Firewall (Forbes) Blog: click here

Threat Level (Wired) Blog: click here

Securosis Blog: click here

Michael Peters Blog: click here

And the winner is:

Krebs On Security Blog: click here

The Single Best Blog Post or Podcast Of The Year

Other nominees:

The Epic Hacking of Mat Honan and Our Identity Challenge: click here

Application Security Debt and Application Interest Rates: click here

Why XSS is serious business (and why Tesco needs to pay attention): click here

Levelling up in the real world: click here

Secure Business Growth, Corporate Responsibility with Ben Tomhave: click here

And the winner is:

Meet The Hackers Who Sell Spies The Tools To Crack Your PC (And Get Paid Six-Figure Fees): click here

The Security Bloggers Hall Of Fame

The other nominees are:

Richard Bejtlich

Gunnar Peterson

Naked Security Blog

Wendy Nather

And the winner is:

Jack Daniel

Congratulations to all of the nominees and of course congrats to the winners.  See you next year at the Security Bloggers Meetup. If you did not get an invite this year, be sure to write to info@securitybloggersnetwork.com requesting to add your blog and be on the list!

Special thanks to our sponsors: Qualys, Sourcefire, Akamai, Fortinet, Barracuda Networks and Jeanne Friedman and the RSA Conference!  Also a special shout out to Trainer Communications for helping with the voting as always!

Posted at 08:24 AM in amrit williams, awards and PR, Martin McKeay, RSA, security bloggers network, Security Incite, Weblogs | | TrackBack (0)

January 06, 2012

And The Nominees Are . . .

social security bloggers awards 12No I am not announcing the choices for the Oscars.  Something even better.  It is time to announce the nominees for the 2012 Social Security Bloggers Awards.  Voting will open today and remain open until January 30th.  Of course the winners will be announced live at the 6th annual Security Bloggers Meet up at RSA Conference!

So before we get to our nominees, a word from our sponsors:

sponsors meetup

Actually a few other things to mention first as well:

1. Our judges - The nominees for the Social Security Blogger Awards are made by our blue ribbon panel of judges.  We did not announce their names before hand this year to limit the "lobbying" that they have been subjected to in the past. But now that the nominations are public, they are open to be influenced by food, liquor, baubles or other means.  Seriously a huge thank you to our judges:

Kelly Jackson Higgins

Bill Brenner

Larry Walsh

and special guest judge:

Wendy Nather

2. Eligibility - In years past anyone associated with organizing the bloggers meet up was DQ'ed from being nominated. Frankly that was silly. The fact is that Rich, Martin, Jen and Jeanne (my organizing committee fellow members), don't have a lot to do with the awards.  So the only one not eligible for any awards is me. It isn't fair to keep good blogs and people down.  Also judges could not nominate their own work, but other judges could nominate someone who is judging.  So for instance, Wendy Nather was nominated by another judge unbeknownst to her.

3. New Category - This year we are adding a new category for Security Bloggers Hall of Fame. I will be adding this to the Security Bloggers Network Site after RSA. This category is sort of a lifetime achievement award for security bloggers.  But it doesn't mean they are on their last leg.  This first year we are going to add two bloggers to the Hall of Fame.  In future years we will add one new blogger a year.

4. Who can vote - Again, I did not want to go through the ballot box stuffing that we had a few years back. So only security bloggers and podcasters can vote. If you write on security and have a URL to prove it, you can vote. Me and my election commission members will be going through each vote by hand, so please don't even bother trying to game this. Don't ruin a fun event with bad form.

OK with that out of the way, here are the nominations for the 2012 Social Security Bloggers Awards:

Best Corporate Security Blog:

Fortinet Security Blog http://blog.fortinet.com/

Denim Group http://blog.denimgroup.com/

Trend Micro Cloud Security Blog http://cloudsecurity.trendmicro.com/

Veracode Security Blog http://www.veracode.com/blog/

Kaspersky Lab Blog https://www.securelist.com/en/

Sophos Naked Security Blog http://nakedsecurity.sophos.com/

Best Security Podcast:

Threat Post http://threatpost.com/en_us/podcast

The Network Security Podcast http://netsecpodcast.com/

Eurotrash Security Podcast http://www.eurotrashsecurity.eu/index.php/Main_Page

Pauldotcom http://pauldotcom.com/

Exotic Liability http://www.exoticliability.com/

The Southern Fried Security Podcast http://www.southernfriedsecurity.com/

The Most Educational Security Blog:

Cognitive Dissidents http://blog.cognitivedissidents.com/

Tao Security http://taosecurity.blogspot.com/

F-Secure blog http://www.f-secure.com/weblog/

The New School Security Blog http://newschoolsecurity.com/

AppSecInc Blog http://blog.appsecinc.com/

Evil Bytes/John Sawyer http://www.darkreading.com/blog/archives/evil-bytes/index.html

The Most Entertaining Security Blog:

Rational Survivability http://www.rationalsurvivability.com/blog/

Andrew Hay's Blog http://www.andrewhay.ca/

Uncommon Sense Security/Jack Daniel http://blog.uncommonsensesecurity.com/

New School Of Information Security/Adam Shostack http://newschoolsecurity.com/

Naked Security http://nakedsecurity.sophos.com/

Securosis Blog http://securosis.com/blog

The Blog That Best Represents The Security Industry:

Krebs On Security http://krebsonsecurity.com/

Uncommon Sense Security http://blog.uncommonsensesecurity.com/

SANS Internet Storm Center http://isc.sans.org/

Securosis blog https://securosis.com/blog

The Single Best Blog Post or Podcast Of The Year:

Martin McKeay, Curing the Credit Card Cancer http://www.mckeay.net/2011/11/28/curing-the-credit-card-cancer/

Veracode Blog http://www.veracode.com/blog/2011/08/musings-on-custers-last-stand/

Moxie Marlinspike's ThoughtCrime Labs http://blog.thoughtcrime.org/authenticity-is-broken-in-ssl-but-your-app-ha

Idoneous Security http://idoneous-security.blogspot.com/2011/12/what-your-analyst-wishes-you-knew.html

The First Two Members Of The Security Bloggers Hall Of Fame: (please pick 2)

Adam Shostack (Emergent Chaos, New School of Security)

Brian Krebs (Washington Post, Krebs on Security)

Rich Bejtlich, Tao Security

Chris Hoff, Rational Survivability

Graham Cluley, Naked Security

Bruce Schneier, Schneier On Security

OK, there you have it. Your 2012 Nominees for the Social Security Blogger Awards. You can vote if you like, right now by clicking here

Posted at 10:18 AM in awards and PR, Martin McKeay, rich mogull, security bloggers network, the security industry, tradeshows | | TrackBack (0)

February 18, 2011

2011 Social Security Bloggers Awards Winners

Sorry for being so late, but I caught a mean cold on the plane home (or maybe it was the cold rainy weather in San Fran).  Anyway, the Security Bloggers Meet up was a blast. I think everyone had a great time.  You can check out photos on Facebook here.

Every blog nominated for the finalists was a winner. But as selected by you, here are the 2011 award winners:

Best Corporate Security Blog

Best Security podcast

Most educational security blog

Most entertaining security blog

Security Blog that best represents the industry

The single best security blog post of the year

It was our strongest year ever in terms of the finalists.  Congrats to all of you.  One message for next year:  Keep Blogging!

Posted at 03:12 PM in General Background, Martin McKeay, security bloggers network, Weblogs | | TrackBack (0)

January 18, 2011

Don’t Forget To Vote

Just wanted to put out a reminder that there are less than two weeks left for voting in this years Social Security Blogger Awards. You can vote here:http://www.zoomerang.com/Survey/WEB22BQFS9A3BN/.

Remember you must leave a verifiable email address and blog address in order for your vote to count. From what I am told, our votes this year have already exceed the total number of votes last year. But make your choices known.

Here are the finalists:

Best Corporate Security Blog

Best Security podcast

Most educational security blog

Most entertaining security blog

Security Blog that best represents the industry

The single best security blog post of the year

This may be our strongest slate of finalists ever. Every single nominee is a strong contender. I am sure the races will be close, so every vote counts.  Don’t wait vote now!

Related articles
Enhanced by Zemanta

Posted at 10:24 AM in awards and PR, Chris Hoff, General Background, Martin McKeay, rich mogull, security bloggers network, the security industry, tradeshows, Weblogs | | TrackBack (0)

December 13, 2010

Are Smartphones Killing Blogs? Is reading blogs too hard?

Over the past few months I and others have bemoaned the fact that “not enough people are blogging regularly anymore”, especially on security.  Some have blamed Twitter.  Yes, it is quick and fast to just put your thoughts into 140 characters and be done with it, rather than actually dive into a subject.  My friend Martin McKeay is a perfect example. He tweets all day, commenting on everything and anything. I am sure less tweets would mean more blogs in his case. I am no better. I blog and podcast all over the place and sometimes find nothing left to say here at ashimmy.com. 

But I personally have always thought there was another culprit. For me blogging was often in response to other blogs I read.  When I used the NewsGator web based reader and stood in front of my laptop most of the time, I was devouring blogs voraciously. Then NewsGator phased out its web browser. I switched to Google Reader.  It took me a really long time to get used to Google Reader. Fact is I never really liked it and found reading blogs in Reader just not fun. 

On top of the reader issue, I started interacting on the net more and more via my phone rather than my laptop. Since I use an iPhone, it is just painful to type anything for me.  The 140 character limit of Twitter is a lot easier than actually trying to compose something on a phone. Sometimes I will make a note to write a full post later, but more often than not I never get to it.

Worse on the iPhone is reading blogs. I have the NewsGator mobile reader but never use it. I just find the screen too small to do any serious reading.  Today I saw a tweet from Jack Daniel. Jack said:

@jack_daniel Unintended consequence of Evo, I'm actually regularly reading blogs again. Google Reader, big screen, I can keep up.

Maybe that is the answer. Maybe as we move to tablets and bigger screens, reading blogs will be easy again. Once reading blogs are easy, responding to blog posts with comments and other blogs will pick up too. 

That would make me really happy. I love the blog format. I tend to think of Twitter as just a lead in for the blog.  Would love to start reading and writing more security blogs. How about you?

Posted at 09:28 AM in General Background, Martin McKeay, Weblogs | | TrackBack (0)

May 20, 2010

Are Press Releases Worse Than Useless?

Well it looks like Rich’s article and mine have reinvigorated some of the security bloggers out there. At least for the time being anyway. One of my favorites (and by his own admission one of the oldest, I mean longest blogging) Martin McKeay has been blogging up a storm.

Martin blogged today about press releases. Like Martin I receive a decent amount of press releases every day too. I assume it has to do with writing in Network World. Also like Martin I usually take a quick look and hit the delete button on most press releases. 

Today Martin posted what he considered a press release that may be of interest to the security community, but not interesting enough for him to blog. His rational is some of the “professional blogs” he reads write a line or two and then post the press release as post. 

First of all Martin, what makes you think your not writing a professional blog? I think yours is probably better than many of the so called pros (what is a professional blog anyway?) Secondly, are press releases even relevant? With today’s social media  at their disposal, it just seems like such a 1995 way of getting the word out. Maybe if I was looking for a newspaper or something to publish it, I would send out my press release. Lastly, there are already enough places that republish (or regurgitate) these releases without giving them valuable real estate on your own blog, especially if they are not worthy of you blogging on it.

I don’t know but when I see these press releases being distributed to the press list, I feel like some PR company is just going through the motions. I would rather get a power point or something else to sink my teeth into.

Let me be clear, I am not advocating to stop putting out press releases. But the blind distribution list just screams old school to me. There has to be a better way to influence the influencers and get your story out. 

So Martin I would use the space on your blog to blog, not regurgitate someone else’s press release. Otherwise you are no better than some of those “professional blogs” you read.

Related articles by Zemanta
Reblog this post [with Zemanta]

Posted at 08:33 PM in awards and PR, Martin McKeay, security bloggers network, Weblogs | | TrackBack (0)

April 20, 2010

When humanity gets in the way of privacy and compliance

I am as big a supporter of privacy rights of others as anyone else (except maybe for Martin McKeay). I understand the need to protect our confidential information. In the health care field, people are entitled to their confidentiality for sure. But I cannot stand when it is used as an excuse to run an inhuman factory, when health care professionals hide behind it to increase their efficiencies and billing.

So what has me so upset? My wife had to undergo a minor medical procedure today. She was going to be under anesthesia. She went in at 8 and was going to under for an hour or two. The procedure was done at an outpatient surgery center in Delrey Beach.

I should have known what I was dealing with when I brought her in this morning. They would not let me walk with her past the waiting room.  In the past I have stayed with family members until they were put under or taken from the dressing/recovery room into the operating room.

I returned an hour early to wait for my wife and was told the doctor had come out to talk to me but that he was too busy now to speak. I asked if I could go sit with my wife until she was ready to go. I was told that “privacy and confidentiality” regulations prevented them from letting me into the recovery area.

Instead they asked me to pull my car around the side of the building where they discharge patients and she would be brought out when ready.

Guys we are not talking about picking up the frigging dog at the vet here. What has this country come to? If they designed their recovery room correctly I didn’t have to see anyone else or their confidential information. 

This was just a convenient excuse by this surgery center to not have to deal with patients and their relatives. This way they just ship the groggy patient out the side door with out any mess or fuss.

It is too much to ask to design a recovery room where a patient can be surrounded by loved ones. Where someone can speak to a doctor and find out what is going on?

I know health care is very politically charged topic right now. But we would do well to remember to keep the humanity in health care, rather than become some Orwellian monstrosity.

Related articles by Zemanta
Reblog this post [with Zemanta]

Posted at 02:23 PM in family, General Background, Martin McKeay | | TrackBack (0)

February 20, 2010

The road to perdition is paved with good intentions

cptprivacy So Captain Privacy, my friend Martin McKeay has reacted with the expected outrage over the disclosure that a school district in Pennsylvania had installed “spying” software (not spyware mind you, spying software) on some school issued laptops. I won’t bore us all with a recap of what the Lower Merion School District did. You can read the summaries of it here and here, if you  have not already heard the facts.

Let me start off by saying using the spying software for any thing other than the legitimate use of tracking down a stolen or lost laptop is wrong! If anyone were to do that, especially without notice to an innocent party, let alone a minor, they are guilty of abuse of power.

But before we go off and castrate the school officials involved and as Martin says those “. . . who instigated and ran this program need to lose their jobs; they obviously don’t have enough of a moral compass to understand the difference between right and wrong and have no right to be working with children and teaching the next generation.”

The people who thought of installing this software may not even be the people who used it. It was a perfectly reasonable assumption they made in any event. In case the laptops were stolen or lost, wouldn’t it be great to be able to find out where they are. 

The idea of “spying” on kids when the laptops weren’t stolen was probably just not given a lot of thought. As one of the first school districts to give out laptops to all the children, there was no “book” for them to follow. They were kind of making it up as they went.

Yes this program left open the possibility of abuse in the wrong hands. We would think that school officials would be sensitive to the rights and privacy of minors. We also trust police officers not to violate the rights of the criminals. We trust soldiers not to torture POWs. Sometimes that trust is misplaced. Sometimes people disappoint us when we have trusted them.

The thing about this case though is that much of Martin’s hand wringing is over what could have happened. Only one incident of what did happen. Do we now live in the world of the “Minority Report”, where the thought police are going to prosecute people over their thoughts or worse yet over “what could have happened”.

As much as I don’t want to give up my privacy, I don’t want any thought police or prosecutions over what could have been.  Martin and the mob has jumped to worst case scenarios without knowing who these people are, what safeguards may have been in place or anything else.

At the end of the day, anti-theft measures for school owned property is a good thing. This program did not seem to have the proper checks and balances in place to prevent any potential abuse which might have, but did not necessarily occur.

Other school districts should learn from it, but should not be dissuaded from handing out laptops to kids or installing anti-theft technology. I am glad Martin’s kids don’t need to take any computers home. But I assure you that there are millions of kids in the country who do!

Related articles by Zemanta

Reblog this post [with Zemanta]

Posted at 03:19 PM in Current Affairs, education, Martin McKeay | | TrackBack (0)

December 08, 2009

RB @McKeay Start planning early for a good party! << Be there!

bloggers meet up RB is my own twitter-esque  slang for ReBlog. Ok I was trying to be cool. But forget it, sometimes the harder you try the more un-cool you are. Anyway the point is, as Martin’s post announces, let the good times roll! The Security Bloggers Meet up @ RSA 2010 is officially on.  The first rounds of invites have been sent out and many have already RSVP’ed. If you are a member of the Security Bloggers Network, you are entitled to an invite. If you did not get one you can write me at ashimmy(@)ashimmy dot com which I will forward to Jennifer Leggio or you can email Jennifer directly.

As Martin details with sometimes fuzzy memory the annual Security Bloggers bash has certainly grown over the years.  It is no small task putting on this event anymore. The credit has to go to the organizing committee. Jennifer, Martin, RIch Mogull, Jeanne Friedman, Sonya Caprio and myself start working on the next years event literally before the present one is over.  But it is worth it. Each year the meet up is bigger, better and more fun.  We have learned a lesson from past years events though.  This year we are limiting the guest count to 150 people. This way the venue (and keep it secret) is not too overcrowded and our sponsors only put up a small kings ransom.  So if you have an invite better RSVP soon. If you deserve an invite and want one, reach out to us right away. We anticipate that we will fill up quickly.

Yes RSA is early March this year. If you have not already made your plans, I suggest you get on the stick. When I finalized my hotel and air fare a few weeks back there were still some good deals.

Finally as Martin also posted on the RSA Conference site, we are doing something a little different with the Social Security Blogger Awards this year. I will be posting on the RSA Conference site with all of the details in the next day or two.  In the meantime we are looking for a new sponsor for the award winners. Last year I think we gave away USB hard drives. Any decent techie kind of gift would do.If you or your company are interested drop me a line or leave a comment.  More on the awards shortly.

Posted at 02:52 PM in awards and PR, Food and Drink, links and appearances, Martin McKeay, security bloggers network, the security industry, tradeshows | | TrackBack (0)

May 07, 2009

Social Security Blogger awards video

As I wrote about earlier this was the first year of the Social Security Blogger Awards. Rich Mogull did a great job lining up a blue-ribbon panel of judges and I think the winners of the awards were very deserving.  You can see the complete list of winners and the full video on the RSA conference blog here.  But here is just part 1 of the video with Rich, Martin and then me:

This first years awards were a learning experience in many ways. I hope that we can take the lessons learned and improve for next year!

Posted at 12:12 AM in awards and PR, Martin McKeay, rich mogull, security bloggers network | | TrackBack (0)

Next »
My Photo

Subscribe to my blog

Enter your email address:

Delivered by FeedBurner

Lijit Search

Blog Networks

Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 2.5 License.

Search

Lijit Search


Attend a Computer Forensics Boot Camp to better your skills and become a better worker

Categories

Blog powered by TypePad
Member since 10/2005

About