
Incident Response Plans for our Careers?

At the recent “Security Summer Camp” in Vegas I got to chatting with a guy who was employed as an intermediate-level security analyst. As we discussed our backgrounds, he reluctantly disclosed that he was a former Info Sec executive. Doing my best not to pry, I hinted at why an Exec would choose to be an analyst, fully expecting to hear that he missed having a technical role, something I struggle with frequently.

His story, however, had nothing to do with a need to return to the trenches. He had been responsible for security at a company that had a semi-famous breach. As he explained it, once his name had been tarnished by the breach he could not find anyone to take a chance on him. He referred to himself as “damaged goods.”

As a sad piece of short-sighted irony, after talking to him I can tell you there is no one who has thought more about breach prevention than he has. His perseverating on the incident in the months that followed gave him a remarkable insight that any organization with digital assets to protect could benefit from.

After we parted and went our separate ways, it occurred to me that while we work hard to create incident response plans for our organizations, we do little about an IR plan for our careers should an incident leave our names tarnished.

While a termination may not necessarily constitute an incident, the weeks following this person’s termination clearly met the criteria. His initial assessment of the damage to his career was dire. He was losing LinkedIn contacts daily and his calls to his peers were not being returned. He had never planned for such an event and the incident and termination left him too beaten down to take much action. In essence, he had failed to have an incident response plan for his career.

Feeling isolated and shunned, he wanted to reach out to key contacts. However, in the intensity of building his career he had failed to form friendships within the profession, and he had certainly never discussed this type of situation with any colleagues. In essence, he had failed to create his incident response team.

The interaction left me wondering: in Info Sec, are we too quick to label someone as damaged goods once their organization has been breached? While we put plans in place to respond to reputational damage to our organizations, do we also need plans for our own reputations? In this post-Google world, should we think of ourselves more as brands than as a workforce pool?

The story you have just read is mostly true. Some details were changed to protect the innocent.

Being in Cyber Security is a lot like being a goalie in soccer: no one remembers all of the attacks you blocked, but they never forget the one you missed.

Apple’s New (and Unannounced!) Move Towards Improved Privacy

This week Apple made a historic move towards improved privacy for users of its mobile devices. The problem is that few people know they did it, and even fewer understand what it is they did.

We’ve all heard by now of the concerns about government spying and about our mobile carrier’s ability to track our whereabouts by triangulating our cell phone signals. However, very few people know about the simple way our mobile devices betray our trust every day.

You see, every device on a network has a unique “name” called a Media Access Control address, also known as a MAC address. Your phone, tablet and any other device with Wi-Fi enabled has one and isn’t shy about it. While you may not be aware of it, these devices are always shouting out “Hey all you access points, I’m looking to connect! My name is <MAC address>.” This is how your devices automatically connect to known wireless networks.

Like many convenient features in computing, this one has been used by some organizations to track people’s devices with neither their knowledge nor their permission. (Click here for a great article on the situation and some legal action taking place in San Francisco.) What is happening is that companies are now writing software that, when your device beacons out “I’m here and my name is <MAC Address>,” records your visit and looks for patterns of consumer behavior. While they claim not to make any effort to identify the owner, they do record the device’s visits.

Apple, with very little fanfare and no press release, has added a new feature to iOS 8 that sends out randomized MAC addresses when the Apple device beacons, essentially defeating any software that is tracking the device via its MAC address. What that means is that the tracking software used to data mine your visits and movements will be flooded with random MAC addresses!
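To make the tracking problem and the effect of randomization concrete, here is an added example of my own (not Apple’s code, and not from the article linked above) that audits a constructed log of probe requests: it counts how many separate days each source MAC was seen, and separates burned-in addresses from randomized ones using the locally administered bit, which a randomized address sets and a vendor-assigned one does not. The log format and every address in it are assumed for the example.

```python
"""Audit how linkable the source MACs in a probe-request log are across visits.

The sample log below is constructed for this example; each line is
<ISO timestamp> <source MAC>, the way a passive Wi-Fi monitor might record a
probe request. The two 00:... addresses stand in for burned-in (vendor OUI)
MACs; the others have the locally administered bit set, as randomized ones do.
"""
from collections import defaultdict
from datetime import datetime

SAMPLE_PROBE_LOG = """\
2014-09-20T09:02:11 00:11:22:33:44:55
2014-09-20T09:02:12 da:a1:19:7c:01:02
2014-09-20T12:40:05 00:aa:bb:cc:dd:ee
2014-09-21T09:05:33 00:11:22:33:44:55
2014-09-21T09:05:34 5e:38:02:9f:aa:bb
2014-09-22T09:01:58 00:11:22:33:44:55
2014-09-22T09:02:00 ea:0f:77:21:cd:ef
"""


def is_locally_administered(mac: str) -> bool:
    """True when the U/L bit (bit 1 of the first octet) is set.

    IEEE 802 reserves this bit to mark addresses that were not assigned by a
    vendor; software-generated random MACs set it, burned-in MACs clear it.
    """
    first_octet = int(mac.split(":")[0], 16)
    return bool(first_octet & 0x02)


def days_seen_per_mac(log: str) -> dict:
    """Map each source MAC to the number of distinct calendar days it probed."""
    days = defaultdict(set)
    for line in log.splitlines():
        timestamp, mac = line.split()
        days[mac.lower()].add(datetime.fromisoformat(timestamp).date())
    return {mac: len(seen) for mac, seen in days.items()}


def linkability_report(log: str) -> dict:
    """Summarise how many addresses could be linked to repeat visits."""
    counts = days_seen_per_mac(log)
    stable = {m: n for m, n in counts.items() if not is_locally_administered(m)}
    random = {m: n for m, n in counts.items() if is_locally_administered(m)}
    return {
        "stable_addresses": len(stable),
        "stable_repeat_visitors": sum(1 for n in stable.values() if n > 1),
        "randomized_addresses": len(random),
        "randomized_repeat_visitors": sum(1 for n in random.values() if n > 1),
    }
```

In the sample, the burned-in address 00:11:22:33:44:55 is linkable to three consecutive mornings, while the three randomized addresses each appear once and cannot be tied together even though, by construction, they could all be one returning device. Note that iOS 8 randomizes the address used while scanning for networks; once a device joins a network it uses its real MAC, so that traffic remains linkable.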

For more information on your Online Privacy visit the Electronic Frontier Foundation’s website at
