Andrew Hay

Cool post.

I don't know much about NERC so I figure this is as good a start as any.

Raffy's book is out….buy hundreds of copies today!

Interesting…I'll have to check this LiveCD out.

"We can’t expect that an ordinary worker will know if USB sticks, peripherals with Bluetooth enabled, innocent looking hardware keyloggers etc. connected to their desktop computers and even to laptops are malicious – and not installed by a local IT support." — WHAT?!?!? It's called an awareness program and, yes, you should expect your staff to know what those technologies are and if they should be installed/connected. (blinding rage subsiding)…

Why wasn't the "focus and direction" decided on before thinking about having the Air Force establish a Cyber Command program? SNAFU!

I'd have to agree with this article. Although multifactor authentication might make this exponentially easier instead of just relying on "strong" passwords and a "super-secret security question".

I'm still not convinced that this is a good idea. I would really need to see a breakdown of the security safeguards that will be implemented before I remotely felt comfortable purchasing something using my cell phone.