tag:blogger.com,1999:blog-4088979.post2431708208791798782..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: My Security Strategy: The "Third Way"Richard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-4088979.post-24015141041670953302015-08-07T10:36:29.921-04:002015-08-07T10:36:29.921-04:00Thanks for your comment. I haven't checked my ...Thanks for your comment. I haven't checked my breach - intrusion definitions against anything already out there, yet.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-16650496869177585512015-08-06T13:59:42.954-04:002015-08-06T13:59:42.954-04:00I enjoyed your talk on Tuesday and read this blog ...I enjoyed your talk on Tuesday and read this blog entry while following up on some notes. You assert definitions for intrusion and breach here. Are those based on some external standard, just asserted for the sake of the article, or are you trying to sneakily fool us all into accepting them moving forward? If it is the latter, I am totally on board and will sign up right away. We could use some definitions of many of the terms we float around so loosely. "Breach" has been especially abused in British English where it is attached to the most insignificant event. "Yes I wanted to follow up about the spellcheck breach". I like your definitions and will happily sign up, but I just wanted to confirm they are yours.<br />If successful, I'll try your approach to creating a definition for "cyber" next.Perullohttps://www.blogger.com/profile/14675807551314280514noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-8898565648586359922015-07-07T11:48:25.308-04:002015-07-07T11:48:25.308-04:00I want to print this out and leave a copy on my CI...I want to print this out and leave a copy on my CISO's desk.Ryan G.noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-54829293131634941902015-06-30T15:45:58.148-04:002015-06-30T15:45:58.148-04:00I'm not sure the hearings had an audience that...I'm not sure the hearings had an audience that would have been receptive to the prevention vs. detection and response debate. "secure your network" is generic enough to include both types of solutions, as well as the relevant personnel.<br /><br />In any case the part that has me cringing is the consolidation of intelligence agencies' records into an infrastructure that clearly was not designed or funded to keep them safe. There was apparently some push back against this initiative, someone just made the wrong decision.Sylvain Gilhttp://www.exabeam.com/noreply@blogger.com