by mfisch | Dec 11, 2018 | Consumerization of IT, Information Security
Is the (PSTN) phone system a dead man walking? So in the last day I’ve talked to colleagues one-on-one on Slack, I’ve had meetings with customers using Google Hangouts, talked to some friends and family via WhatsApp — and I’ve had several junk calls come into my... by mfisch | Sep 25, 2018 | Information Security
The last two years I’ve been intently focused launching FortMesa to solve what I think is a civilization-level risk: Cyber Security. I’ve got plenty of product messaging out there, but some people have asked me to talk more specifically about the mission.... by mfisch | Jan 26, 2018 | Information Security
Today I learned NIST no longer admits cell phone SMS authentication is horribly insecure. NIST SP800-63B Published June 2017 refutes earlier guidance to avoid SMS authentication because security. #fedslovesms Tweets by mfisch | Jun 9, 2017 | Cloud Ascension, Consumerization of IT, Information Security
Last week I was lucky to have squeezed an early sample of the Samsung Chromebook Pro out of my distributor for evaluation. This is not a review of the device but of how a device like this one, equipped with the ChromeOS stack might fit into the enterprise. Seek... by mfisch | Apr 25, 2017 | Information Security
A couple of months ago I reported a chained vector vulnerability which affected a corner case 2-Factor bug to Facebook. While their security department utilizes the same anonymous ticketing system their consumer support department I found the encounter professional... by mfisch | Apr 28, 2016 | Information Security
How I Passed the CISSP in Two Weeks So it’s been on my mind a while, okay, maybe a long while. What’s a certification I can take that will provide assurance to my clients and not be a complete waste of time or lock me into a fixed mind set dependent on a...