Security Musings

Welcome to the Security Musings on sans.edu. I'm Stephen Northcutt and like many of you I am a manager and leader with an information technology job. At the SANS Technology Institute, we are always striving to become more skilled and knowledgeable in computer security as well as the people side of the job. These security musings are an informal set of articles, book reviews and whitepapers, almost a blog, about security, information technology, and the computer security industry. As we learn more, ponder issues and research content for SANS Management 512, Security Leadership Essentials and the GIAC Security Certification, we will continue to add to this site. Our hope is for this to be a resource for the community and we would love to hear from you. Feel free to drop us a note at stephen@sans.edu.

Information Security Travel Guide

Stephen Northcutt, an Information Security Researcher, United Airlines 1k, Writer and Instructor, documents the struggles of the travel and hospitality industries as we all face continually increasing energy costs. He and his peers share their travel experiences and give you quick tips and short reviews of the companies they do business with as they travel. If you came across this article because of a Google search, what you want is probably here; just use find with your browser (CTRL-F), which is easier than reading from top to bottom. However, you may get some useful tips if you stick around and read. Each major cluster of trips is documented in a separate file.

Information Security Travel Guide Edition 22

By Stephen Northcutt

Welcome to Edition 22 of the Infosec Travel Guide Journal. Kathy and I have looked at our calendar for the second half of 2012 and it looks like a lot of travel, a lot of work. We will be faithful to journal our experiences, the restaurants we visit, and any insights in information security. At this point we have done a lot of writing and it may be hard to find things, so here is a suggestion. If you are going to San Diego and want to know about restaurants we have been to, typing "site:sans.edu san diego" should bring up previous editions.

Information Security Travel Guide Edition 21

By Stephen Northcutt

For several years Stephen Northcutt has been documenting business (and a small amount of personal) travel as he works as a researcher of security management. He has blogged through the United bankruptcy, the great recession, the recovery with its fits and starts and documents the way travel keeps getting harder while at the same time more expensive. From time to time he will have a travel tip to share. We welcome you to this edition of the Infosec Travel Guide by Stephen Northcutt.

Information Security Travel Guide Edition 20 - Stephen Northcutt

By Stephen Northcutt

For several years Stephen Northcutt has been documenting business (and a small amount of personal) travel as he works as a researcher of security management. He has blogged through the United bankruptcy, the great recession, the recovery with its fits and starts and documents the way travel keeps getting harder while at the same time more expensive. From time to time he will have a travel tip to share. We welcome you to this edition of the Infosec Travel Guide.

United Airlines News

By Stephen Northcutt

Stephen Northcutt, a United 1k traveler, collects pertinent news and blog items about airlines, especially United Airlines. We will keep you up to date on news, problems and other stories related to airline travel. Might even toss in a personal experience or two.

Information Security Travel Guide Edition 19 - Stephen Northcutt

By Stephen Northcutt

In this edition of the information security travel guide, Stephen and Kathy head to Washington DC for the SANS IPv6 Summit, SANSFIRE 2011 and 2 days of strategic planning for SANS in Bethesda; to Kauai for a week of working vacation; back to the mainland to teach for 8 days at Boston 2011 and then make a visit to Eaton Rapids, MI to teach a 1 day Mgt512 Executive class; finally, back home to Seattle for a short break before heading to SANS Virginia Beach 2011. Things get quite scrambled for our conference in Virginia Beach due to an unwelcome visit from Hurricane Irene, but thank goodness for our great staff and students, everyone got home safely - many with a few stories to tell. Next up, SANS Network Security 2011 in Vegas where we have a big crowd. Plans to return home to Seattle go sideways due to a flood in our house, so we work from Kauai until the next long trip which takes us to Washington DC, Richmond, Seattle, Philadelphia, and back to Richmond.

Information Security Travel Guide Edition 17 - Stephen Northcutt - Nov 6th, 2010

By: Stephen Northcutt

In this edition of the information security travel guide, Stephen and Kathy will head to Richmond Virginia and then to San Diego for SANS Security West 2010 with a return to Kauai. Then back to Richmond for the Chicago concert, up to Baltimore and a trip to Palm Springs after SANSFIRE 2010, back to Kauai for a couple of weeks, then on to Seattle, Boston, Richmond, Branson, Pittsburgh, Dayton, Seattle, Virginia Beach, Kauai, Atlanta, Las Vegas, Seattle and more. We will talk about the latest airline add-on fees, the impact of an improving economy putting more people in airports, the restaurants and hotels that we meet and, of course, a bit about information security.

Information Security Travel Guide Edition 16 - Stephen Northcutt - Apr 27th, 2010

By: Stephen Northcutt

Thank you for joining us; this edition will cover Kauai, Richmond Virginia, Germany, Orlando Florida, Jamaica and the airports and airlines required to get from one point to the other. Finally we spend a couple of weeks on Kauai.

Information Security Travel Guide Edition 15 - Stephen Northcutt - Feb 23rd, 2010

By: Stephen Northcutt

In edition 15 of the information security tour guide we begin in Poipu Kauai, we will be attending the HICSS conference, then off island to New Orleans for SANS Security East 2010, and then on to Curacao and back to Richmond VA, and finally back to Kauai. We will document the hotels and restaurants we visit. We will also detail the struggles of travel after the Nigerian Islamic terrorist, Umar Farouk Abdulmutallab, tried to blow up a plane headed for Detroit on Christmas day. We will talk about information security, food, and similar things as well.

Information Security Travel Guide Edition 14 - Stephen Northcutt - Dec 10th, 2009

By: Stephen Northcutt

Stephen and Kathy Northcutt, your faithful infosec tour guides, will be headed for a college business meeting in Bethesda Maryland, down to Richmond VA, off to London for SANS London 09, back to Richmond, then up to Washington DC for our Cyber Defense Initiative conference. Along the way we will talk about the joys and difficulties of travel since the Great Recession has caused so many amenities to be removed; we will also mention the restaurants and hotels we visit, maybe throw in a recipe or two; and, of course, a security tip here and there. At least, that is the plan for Edition 14 of the Information Security Tour Guide.

Information Security Travel Guide Edition 13 - Stephen Northcutt - Nov 21st, 2009

By: Stephen Northcutt

Stephen and Kathy Northcutt, your faithful security travel guides, will leave Kauai for New York City and a tour of Israel. We will talk about prepping to go, flying ultralights on Kauai with Big Sky Kauai, getting our new HP Minis set up; we will cover the places we go, what we learn, and any food we get to eat, and, of course, find a way to mention security along the way!

Information Security Travel Guide Edition 12 - Stephen Northcutt - Oct 5th, 2009

By: Stephen Northcutt

We will talk about security, safety, travel experience, and of course, restaurants. In this edition, Stephen documents his travels, beginning home on Kauai in preparation for a trip to Boston, Greece, VA Beach and SANS Network Security 2009 in San Diego. We end with a trip to the Navy lab where it all started, NSWC Dahlgren.

Information Security Travel Guide Edition 11 - Stephen Northcutt - Jul 25th, 2009

By: Stephen Northcutt

Stephen Northcutt, your infosec travel guide, begins edition 11 on Kauai. His next travels are Richmond VA/San Antonio TX for an onsite, then a couple weeks on Kauai and off to Baltimore MD for #sansfire09. And then down to Southern Florida for the sfissa.org conference. Finally after a week on Kauai, he is off to Denver, Tokyo, and back to San Antonio. Along the way, he will try to share about information security, a bit about the potential pandemic and any travel news that comes his way.

Information Security Travel Guide Edition 10 - Stephen Northcutt - Apr 28th, 2009

By: Stephen Northcutt

Stephen Northcutt, your Security Tour Guide, is preparing for his next trip, which will include a log management conference in Washington DC, some family time in Richmond VA, teaching at the Tysons Corner conference, and then off to San Francisco for RSA 2009, before returning to Kauai.

Information Security Travel Guide Edition 9, Kauai to Frederick MD, Phoenix AZ, and back to Kauai - Mar 31st, 2009

By: Stephen Northcutt

I'm gearing up for travel to Fort Detrick near Frederick Maryland to teach Management 512 SANS Security Leadership Essentials. A big focus of the trip will be to prepare them for their 8570 GIAC GSLC exams. From there I'll head to Phoenix Arizona for a SANS conference. This edition will cover information security topics, travel tips, a word or two about restaurants and musings on life in general. Also, if you have time, please take a look at my United Airlines blog as well.

Information Security Travel Guide: February-March 2009, Kauai to Orlando, FL - Mar 10th, 2009

By: Stephen Northcutt

Stephen is preparing to go to Orlando for SANS2009, but he gets a chance to be home on Kauai for a few days before flying and take a look at what's happening in the world of information security, Facebook Google ad scams, and current affairs.

Information Security Travel Guide: January - February 2009, Kauai to Las Vegas NV, Richmond VA, Toronto ONT, and San Diego CA - Feb 18th, 2009

By: Stephen Northcutt

Stephen spent some time at home on Kauai during the holidays before their current trip to SANS Security West 2009 in Las Vegas. He was able to visit with family as well as catch up on recent information security news blogs and alerts.

Information Security Travel Guide: November - December 2008, Kauai to Italy, Washington DC and Richmond VA - Dec 27th, 2008

By: Stephen Northcutt

Stephen spent some time before their trip to Italy, London and beyond, to get caught up on all the latest information security courses, blogs and alerts, and he shares some recent trends in the airline industry that are important to frequent and casual travelers alike. And then, they are off and running in Italy, discovering historical sites, wonderful food, and breathtaking art; Stephen also has some great travel tips to share about getting around in Italy.

Information Security Travel Guide: October 2008, Kauai to Monterey CA and Richmond VA - Nov 11th, 2008

By: Stephen Northcutt

A two week trip to Monterey, CA and Richmond, VA has commenced for this instructor, and there are a lot of stories to discuss about information security, travel, airlines, and the hospitality industry.

Things to See, Do, Absorb on Kauai - Mar 19th, 2013

By: Stephen and Kathy Northcutt

A personalized guide for special things to do on Kauai, from former residents Stephen and Kathy Northcutt. Many of the best things to do in the Hawaiian islands are for free, and when you visit Kauai, we would love to have you enjoy this lovely island as much as we do. We offer you our take on great places to drive, hike, swim, eat, and kick back.

Information Security Travel Guide: October 2008, Kauai to Houston - Oct 22nd, 2008

By: Stephen Northcutt

Stephen spends some time before his trip to Houston to offer some findings from his internet searches on airlines, travel experiences and information security. Then, safely booked at a hotel in the Galleria area, he shares some of the ups and downs of running a small MGT512 class at the Hilton Garden Inn, Galleria area.

Information Security Travel Guide: September 2008, Kauai to Las Vegas - Oct 8th, 2008

By: Stephen Northcutt

We will talk about security, safety, travel experience, and of course, restaurants. In this edition, Stephen documents his travels, beginning home on Kauai in preparation for a trip to Las Vegas and SANS Network Security 2008.

United 1K News Archive 2010 (through Q3) - Jan 27th, 2011

By: Stephen Northcutt

Postings by very frequent traveler Stephen Northcutt about travel, in general, with a strong focus on United Airlines; an archive of activity for the first 3 quarters of 2010.

Information Security Travel Guide: August-September 2008, Boston, Richmond, Virginia Beach, Chicago, Branson - Sep 23rd, 2008

By: Stephen Northcutt

In this edition, Stephen documents his travels, including Boston, Fredericksburg Virginia, Virginia Beach, Richmond Virginia, Chicago, Branson MO and Chesterfield Virginia, including restaurants and products encountered. Lots of people say they want to travel; Kathy and Stephen are living the dream, working their way with writing and teaching across this nation and the world.

United 1K News Archive 2008-09 - Jan 27th, 2011

By: Stephen Northcutt

Postings by very frequent traveler Stephen Northcutt about travel, in general, with a strong focus on United Airlines; an archive of activity in 2008 and 2009.

Information Security Travel Guide: Tips for Traveling - Sep 11th, 2010

By: Stephen Northcutt

One of the readers of the SANS Information Security Travel Guide asked me to put all the travel tips in one place, so here is a consolidation of tips from my travel experiences and research.

Information Security Travel Guide: July 2008, Quantico, Atlanta and Washington DC - Oct 23rd, 2008

By: Stephen Northcutt

A three week trip to Quantico, VA, Atlanta, GA, and Washington, D.C. provides this instructor with a wide range of travel and hospitality experiences. Hopefully you can glean some useful tips in this travel diary from a very frequent flier.

Market Investment Strategies for Busy People

I have been investing for over 41 years, so at least I know a few things not to do. With this series I'd like to share my thoughts on market investment strategies, and I would welcome hearing about your personal investment experiences, so please write to stephen@sans.edu.

A Fundamental Strategy for Investing

By Stephen Northcutt

What I am suggesting here is that financial independence doesn't happen overnight, but it can begin with lots of research and reasoned investments.

A Real World Example of the Investment Strategies

By Stephen Northcutt

This will be my 2012 diary of my trading decisions and activities based on the investment strategies I've been developing; it's a snapshot look at the real trades and orders I've placed recently, trying my best to act within my basic concepts. The wonderful news is we have a lot of "market chop" between the negative factors (the politicians of the world and the USA in particular are irresponsible and in the USA unemployment remains a major problem), but there are also positive factors (the economy is growing whether we like the amount or not and stocks are going up much more so than down).

The Search for Core Holdings

By Stephen Northcutt

After working on the fundamental strategy for investing to create an objective methodology, we're ready to start searching for those long term core equities that will continue to grow our portfolio.

Introduction to a Methodology and Sector Analysis

By Stephen Northcutt

When you consider investing in an equity there is a lot of uncertainty. Will it be the right equity? Is it the right price? Will the market go up or down? Anything we can do to reduce the amount of uncertainty improves the odds of having successful investments. So, we develop a strategy, a methodology, and follow that methodology in a disciplined manner. In this lesson I am going to share one of the methodologies that I use. It might be wrong for you, but it is one of the more successful approaches to market investing that I use.

SANS Insider Guide to Boston

This is a fact-filled introduction to one of the greatest cities in the U.S. as we look forward to returning this year for SANS Boston 2010. By the way, some of the facts are pure fiction, especially any references to base 16; hope you do not mind, and this should not be used as a primary source.

Insider's Guide to Touring Boston

By Stephen Northcutt

I think Boston is best visited on foot, but there are other options, a world class mass transit system, tourist trolleys, buses, haven't found a rickshaw yet, but will keep looking.

Insider's Guide to SANS Boston 2011

By Stephen Northcutt

SANS Boston 2011, August 8 - 15, 2011, is one of my favorite conferences. If you are going to visit Boston, July to September is the season you want to target, but I think August is the best month to visit: the weather is nice, the flowers are blooming, people seem happy (that changes a bit from November to March). The conference is held at the Hyatt Regency Boston, a wonderful hotel, and to be downtown just a block from Boston Common, the first American park, and Chinatown.

SANS Boston Insider's Guide Fun Facts

By Stephen Northcutt

Some of the information given is tongue in cheek, especially anything that is base 16, but if you invest ten minutes reading this, you will know a lot about Boston that is only available from an insider. This way you can impress the locals and you will have more appreciation for this great city.

SANS Boston Haiku Contest

By Stephen Northcutt

SANS Boston is sponsoring a haiku contest on twitter. Judge is Craig Duerr, and the Judge's word will be final. In honor of the conference location just outside Chinatown, the prize is a Kung Fu Iron Fan and a framed Honorary GIAC Certified Fan Expert certificate. Amaze your friends, be the first on your block, in fact, the only one on your block to have one.

SANS Insider's Guide to Boston Movies, Books and Songs

By Stephen Northcutt

Boston and its residents are showcased in many ways; it has been the subject of and background for many movies, books and songs, and there are many well-known characters that have Boston as their home.

Insider's Guide to Boston's Social Media - May 3rd, 2010

By: Stephen Northcutt

A description of social media links to learn more about Boston including cool organizations and news, sports, interesting businesses, job-search sites, and thought leaders.

Excellent Conference Hotels

SANS is always looking for the best in conference hotels - Stephen Northcutt describes some of them.

What hotel should I choose in New Orleans

By Stephen Northcutt

The Sheraton is a world class hotel in the perfect location to enjoy yourself in the French Quarter of New Orleans. Please allow me to introduce some of the fine restaurants within walking distance of the Sheraton at 500 Canal St.

The Hyatt Manchester is my favorite San Diego conference hotel

By Stephen Northcutt

San Diego is blessed with many great hotels that can support a meeting, but the Hyatt Grand Manchester is my favorite.

The Marriott Wardman Park is my favorite Washington DC conference hotel

By Stephen Northcutt

If you are running a conference event in Washington DC, and you do not need the downtown convention center, consider Northwest DC and, in particular, the Wardman Park Marriott Hotel. Stephen Northcutt of the SANS Technology Institute looks at three conference hotels in Northwest DC from the event planner's perspective.

Musings: Ethics

Collected musings on ethics, in information security as well as in general.

Ethics in Information Security

By Stephen Northcutt

This is a response to an article by David Mortman that was posted on Search Security. Before I go any further, I want to state that I agree with David more than I disagree with him; however, Search Security needs to do more fact checking. I felt his earlier article also suffered from opinion over fact and contacted him to try to share information.

Is Civil Disobedience Ethical?

By Stephen Northcutt

The current Hawaii Superferry controversy brings up important questions about the ethics of civil disobedience. Many of us are in fields that are governed by a code of ethics or conduct. Let me encourage you to take a minute and take stock of your own life and point of view. Under what circumstances might you participate in civil disobedience, under what circumstances might you withdraw?

Laptop Security

By Ted Demopoulos and Stephen Northcutt

If there is one area of information security we need to make progress on, it is laptop security. They are small, easily sold, and valuable, and criminals are starting to understand the data they hold can be worth far more than the laptop itself. Here are some practical tips on physical security for laptops.

Musings: Press Releases

This series will include press releases from The SANS Institute covering computer, network, and information security training.

Press Release: Management 512 Security Leadership Essentials for Managers now NIST SP800 Compliant

By Stephen Northcutt

SANS announces computer security management training is now NIST SP800 compliant. SANS Security Leadership Essentials For Managers is now incorporating guidance from NIST Special Publications in the 800 series.

Press Release: MAC OSX now supported in SEC508 (Systems Forensics, Investigation and Response)

By Rob Lee

Rob Lee announced today, "I am pleased to announce that my course now supports a student who wishes to bring an Intel Based MAC to the course. I performed a final live test with it this past week here in VA Beach with several students using an Intel Based MAC in the course."

Press Release: GIAC program change to all proctored exams

By Stephen Northcutt

As GIAC moves forward with the ANSI 17024 accreditation process, all GIAC certification exams will be administered in a proctored environment. Administering all certification exams in a proctored environment will raise the credibility of the GIAC program and the certifications that individuals hold.

Press Release - SANS Partner Series Oct 15-19 SEC504: Hacker Techniques

By Stephen Northcutt

SANS Partners with the State of Texas to teach Hacker Techniques, Exploits and Incident Handling Training at a substantial reduction in cost, October 15-19, 2007; SANS Partnership program is open to States, Law Enforcement, or Educational Institutions. What is particularly unique about this course offering is the pricing: SANS Partnership Series is an important way of delivering essential information security training at significant savings. The price for the upcoming class in Texas is $1150, about 1/3 of SANS regular pricing. You are eligible for this price if you are an employee of a state or local agency, a member of law enforcement at the state or local level, or a faculty or staff member from an accredited educational institution.

New Orleans and SANS Security 2008

By Stephen Northcutt

The good news is SANS is going back to New Orleans, January 12 - 18 for SANS Security 2008. Let's take a look at what makes New Orleans one of the most unique cities in the United States and a great place to attend a conference.

Musings on Certifications

Collected musings on information security certifications.

GIAC Status Report October 2007

By Stephen Northcutt

As the Global Information Assurance Certification series enters its eighth year of operations and tenth year of development, I have been asked to update an article I wrote several years ago about GIAC. If someone told me in 1998 that one day I would run one of the most advanced technical security certification programs in the world, I would have laughed in their face. I had been given the offer several times, but flatly refused it because it sounded like a whole lot of work.

Is Tech Target deliberately misleading with respect to Information Security Certification?

By Stephen Northcutt

Stephen Northcutt of The SANS Technology Institute examines the premises and conclusions set forth by Robert Westervelt in a recent blog regarding current security certifications available to IT professionals.

Response to SecurityFocus Op Ed, "It is time for a new certification"

By Stephen Northcutt

Stephen Northcutt discusses how the family of GIAC security certifications actually tests a student about the job someone might do; this is becoming known as role based training and role based assessment or certification, and it is important.

Interview with Laura Taylor (CISM), Author of the FISMA Certification & Accreditation Handbook

By Stephen Northcutt

Laura Taylor is Relevant Technologies' President and CEO. Her research has been used by the FDIC, the FBI, the IRS, the U.S. Federal Reserve, U.S. Customs, the U.S. Treasury, the White House, and many Fortune 500 companies.

Does GIAC need to create a HIPAA Certification?

By GIAC Advisory Board

Recently, Stephen Northcutt was contacted by a former employee of HIPAA Academy telling him that GIAC needed to create a HIPAA certification. It seemed like a lot of work, but GIAC would be willing to do it if the world needed it. To get clarification, he asked the GIAC Advisory Board (students that score 90 or above on their exams are invited, and they are a pretty smart bunch of folks). Here are their thoughts.

Musings on Branding - Learning Tree

By Stephen Northcutt

Stephen Northcutt examines the marketing materials created by Learning Tree in comparison to SANS branded materials, and he concludes, "...this package was their ambassador and it did not move me. In the same way, our web page and our brochure are our ambassadors. We need to make them as good as we can."

So, you're thinking about taking Management 512, SANS Security Leadership Essentials For Managers with Knowledge Compression

By Stephen Northcutt

Stephen Northcutt answers some questions about the SANS course, Management 512, SANS Security Leadership Essentials For Managers with Knowledge Compression, to give potential students an idea of what to expect when they take this class. Included in the discussion are hints about preparatory reading, who should attend, what you can expect to get out of the course, and how it differs from other security classes.

2006 Year in Review for Information Security: February Recap

By Stephen Northcutt

We are bombarded with so much information, it can be hard to keep track of the important trends in IT Security. This article, the second in a series of 12, is primarily based on the “Top of the News” from SANS NewsBites. The idea is to review some of the most important stories from 2006 to make sure we are grounded with the knowledge we need as we move into the future.

Is Wikipedia Appropriate for College Citations?

By Stephen Northcutt

CT News Update lead headline story begins: Vermont's Middlebury College has banned the use of the online encyclopedia Wikipedia as an acceptable source of academic information for students, United Press International reported.

Introducing: Podcasts from PaulDotCom Security Weekly

By Stephen Northcutt

On January 12, we released an article titled CERT is doing podcasts? While doing the research for this article, we came across PaulDotCom Security Weekly, a weekly computer security podcast, or pre-recorded Internet radio show, that focuses on security news, vulnerabilities, research, and hacking. We find the show and cast very interesting.

Microsoft Word Considered Harmful to HTML

By Stephen Northcutt, Brian Corcoran, and Sean Carolan

For years Stephen Northcutt and other content providers at the SANS Institute had written their content in Microsoft Word and sent the .doc files to the webmasters for posting. Since Microsoft Word had a translate to HTML function, surely it was not a big deal to convert from Word to Web. Or was it? It turns out using a WYSIWYG HTML editor can save your organization time and money.

2006 Year in Review for Information Security: January Recap

By Stephen Northcutt

We are bombarded with so much information, it can be hard to keep track of the important trends in IT Security. This article, the first of a series of 12, is primarily based on the “Top of the News” from SANS NewsBites. The idea is to review some of the most important stories from 2006 to make sure we are grounded with the knowledge we need as we move into the future.
