Infosec Reading List – December 2021
On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports.
All InfoSec Reading Lists can be found here.
Best of Twitterverse
- 3 part series about securing the digital identity:
- If You’re Not Doing Continuous Asset Management You’re Not Doing Security – I agree with most of the points, however, I doubt that just “hiring a full time resource” is the right approach for all organizations – the need to adhere to solid asset management processes needs to be pushed and lived from the top, especially within IT/tech organizations, since it affects various teams (e.g. engineering, operations etc.) – link
- Want to Build Better Leaders? Focus on Mindset, Skills, Knowledge – link
- Swiss Firm Executive Operates Secret Surveillance Operation, Sources Say – link
- Inside Ireland’s Public Healthcare Ransomware Scare – link
- Connect with Empathy, But Lead with Compassion – link
- The human toll of log4j maintenance – interesting, theoretic approach “The team then sends a quote for the fix (to be made open source, of course), for $50,000. That’s peanuts to Alibaba. Their market cap alone is nearly 7 million times that quote. They stand to lose untold amounts of money with a vulnerability like Log4Shell.” – link
- CISO: Archeologist, Historian or Explorer? – link