Previous month:
April 2012
Next month:
June 2012

May 2012

Security Awareness Sticker Program: Creative Behavior Change

The SANS Securing The Human Program has launched a Security Awareness Sticker Challenge.  Participation is simple: create a sticker that conveys a key security awareness message and submit it to community@securingthehuman.org by the Friday, 15 June. If your sticker idea "sticks" you can win a cool shirt.

Details of participation can be found here. Basically, send an idea for a sticker that imparts a security message or suggests a behavior change. The folks at SANS Securing the Human Program will post all the ideas to stimulate even more ideas and also to make all the ideas available for any community member to use or remix.

You don't have to be a cartoonist or have any graphic arts skills (that's key because I have no such skillz). The sticker should be able to convey the security message without explanation. For fun, I found a cartoon at Flickr posted by AJC1 under a Creative Commons license. Here's my remix:

Secawarness

 


Book Review: Counting to Zero

Counting to Zero (Kindle, paperback) is another of my recent reads in the security suspense genre. Like The Alexandria Project, the plot of Alan Johnston's novel is built around a malware threat. Alan spins his plot around a zero-day attack that his protaganist, Mick O'Malley, is uniquely positioned (both in terms of having the talent and opportunity) to prevent.

Alan's Mick O'Malley is a very interesting character. A blend of engaging nerd and savant, Mick has the tech savvy and hacking skills you expect in a cyber hero, but he's not so embedded in cyberspace that he isn't equally able to think fast in the real world, even in the heat of a chase (a nerd with motorcycle mechanic and crazy riding skillz no less). He even lands himself in a relationship with an attractive female Romanian firewall expert as he pits his skills against his adversaries.

Johnston incorporates blog posts and email exchanges by Mick O'Malley to expose non-technical readers to technical jargon: keylogging, botnets, encrypted (PGP) email and more are inserted in most chapters to demystify the dialog and the plot as it unfolds. These are distinguished using Courier font (of course). Some of these will seem too fundamental to security professionals or practitioners but I suspect it works well for non tech readers. 

The plot works well and the suspense builds nicely to conclusion. Counting to Zero is a fun read, with a fun protaganist. I finished the book looking forward to seeing more adventures with Mick O'Malley in the future.

Disclosure: I know Alan Johnston well yet we have never met. We co-authored  Understanding Voice over IP Security. I was hesitant to publish a review at first but then I realized that I'm not getting any compensation, I enjoyed the book, I hope you will, too.