You can subscribe to these podcasts via iTunes or RSS.

For more information, please visit - Shark Talk with Mano Paul

1. initiate a drive to develop next-generation secure computers and networking for national security applications; 
2. establish tough new standards for cyber security and physical resilience; 
3. battle corporate cyber espionage and 
4. target criminal activity on the Internet.

All of these are absolutely important and critical issues that cannot be ignored, but one major issue missing in these is the PEOPLE component of cybersecurity. As my whitepapers have repeatedly eluded to, People are the FIRST line of DEFENSE; technical security controls are rendered futile by people who are not aware of how to protect their own computing ecosystem.

I was  privileged to be in the audience of the Commission on Cybersecurity for the 44th Presidency on the day  (December 29), their report was released for public viewing, where the panelists - Rep. Jim Langevin (D. R.I), Rep. Michael McCaul (R. TX), Lt. General Harry D. Raduege Jr. USAF, retd.) Deloitte & Touche and Marcus Sachs, Verizon Comunications participated.

Highlights from the panel I captured are given below.

1. Cybersecurity is today’s greatest security threat.
2. There is a need for increased awareness among the American people.
3. Threats are real today in the virtual world.
4. Espionage and Digital Pearl Harbor is very likely.
5. Cyberspace is an national asset and needs apropriate protection not just for national security but also for economic security without compromise on privacy and civil liberties.
6. There is a need for buy-in from the International community as well as cyberspace does not end at the waters edge.
7. Partnerships with the private sector as well is extemely important and has been proven to be useful in past situations.
8. There is a need for a cyber mindset - safe and protected use of the cyberspace.
9. There is a need for education and awareness - across the nation and internationally.

“It is Imperative as a nation that cybersecurity is taken into account seriously for the liveability of the nation. If not we have failed as a nation.” 

From the press release it seems to be like President Obama is taken cybersecurity into account seriously. Only time will tell of the liveability of this nation and the world. It’s about time that cybersecurity was in the forefront.

Honestly, I dont even know where to start. Succintly, I must admit that the experiences in Algarve, Portugal and at the OWASP EU was varied, interesting, and a mixture of highs and hangovers from just a few hours of sleep each night (as some were working and preparing for talks and others were partying and some doing both:-)) to say the least.

Training at OWASP

It was a privilege to be one of the 80+ invitees to attend the OWASP EU Summit and deliver two training courses. One of it was - Web Application Security for Executives and Managers and the other was The Art and Science of Threat Modeling .

Texas Representation

Arriving in Lisbon, I met Matt Tesauro, leader of the OWASP Live CD project and Nishi Kumar, graphics contributor for the OWASP LiveCD project.

The Pride of Texas -  Mano “The Bull Rider” Paul

Need I say more - you be the judge of this …
On the bull for one minute and 20 seconds; 8 seconds is a joke … Enjoy the video. by clicking on Media Showcase once the page loads
Let’s just say that this was one of the highlights until …
Note:Voice of Tom Brennan, Marcin Wielgoszewski, Kuai Hinojosa and David Campbell (champion swimmer) in the back screaming - “hands in the air”, “i am getting this on video” and “ha ha ha ha ha …”
Payback will be sweet.

Sessions and Friends

Session I attended were in the following tracks - Education, Ceritification, SAMM, and OWASP Live CD, all of which had discussions (some heated) and very productive in chartering out the objectives, goals, scope and course for the coming years. Friendships were established that would last a lifetime.

All in all …
All in all - what can I say, Honestly, I dont even know where to end. Succintly put, I must admit that the experiences in Algarve, Portugal and at the OWASP EU was varied, interesting, and a mixture of highs and hangovers - a cornucopia of experiences - to say the least.

Covering topics from Secure Software Concepts to Secure Deployment and Operations, weaving through Requirements, Design, Development, Testing and Acceptance, this certification is a welcome addition to the already existing gold standard certifications that (ISC)2 administers such as the CISSP, SSCP, CAP, CISSP-MP/AP/EP.

More information about CSSLP can be found at https://www.isc2.org/csslp
A whitepaper on the Need for Secure Software can be found at https://www.isc2.org/download/CSSLP-white-paper.pdf

Check it out.
http://armorize-cht.blogspot.com/2008/09/owasp-appsec_22.html
http://projectbee.org/blog/archive/owasp-appsec-conf-delhi-day-2-and-more/
http://projectbee.org/blog/archive/owasp-appsec-conf-delhi-day-1/

If you plan to attend or you will be there, come by and say hello.

Dates - August 20th, 2008 @ 9:00 -10:00 a.m.
Venue - India Habitat Center, New Delhi
More Information, click here

Step 1 - Follow Chinese War Strategist, Sun Tzu’ss advice in the “Art of War” “Know Thyself” a.k.a. - Be Aware
Step 2 - Follow Queen Elizabeth II’s advice on “Training” and Be Skilled
Step 3 - Follow Goethe’s advice that “Knowing is not enough, we must apply” and Be Certified

Resource Link - AT&EC Security Solutions Datasheet by SecuRisk Solutions
To be SecuriTRAINED is to Be Aware, Be Skilled and Be Certified in Security … read more

The following are best practices and standards recommended for wireless security:

1. Develop a wireless security policy.
2. Periodically assess risks of your wireless networks.
3. Periodically test and evaluate your wireless security controls.
4. Develop a secure wireless architecture that is consistent with your policy.
5. Develop your wireless security plans, factoring in performance, usability and risks supporting your architecture and policy.
6. Maintain a secure wireless network on an ongoing basis.

Read entire article on Managing Security Risks in a Wireless World (reprinted and better formatted) - Here