Welcome to today's edition of Security Longreads.
With a wealth of security reading available, the Security Longreads weekly e-mail is designed to highlight particularly interesting longer reads. Our "Security Reads" covers topics related to Information Security while our "Other Reads" are topics that have nothing to do with security but could be of interest to readers of JaySchulman.com.

Did someone forward this to you? Sign up at securitylongreads.com.
Happy Friday!

We start with yak shaving.  Because I just learned what yak shaving is.  (Doing something useless that looks productive.)

Vint Cerf on IoT.  Interesting read on web traffic interception.  DevSecOps.

Windows 10 China Government Edition. (It's a real thing.)

And then lots on the US and Russian government cyberweapons.

And finally, underestimating the importance of a cultural fit.

Have a good weekend,


Yak Shaving: CISOs Aren’t Immune

Sometimes, CISOs spin their wheels doing useless security activity that only looks productive from the outside.

Read More
Security Reads

Do you know where your organization's personal data is? And who accesses it? Here are five questions to ask your CISO to prepare for GDPR compliance.

” I like the idea behind programmable, communicating devices and I believe there is great potential for useful applications. At the same time, I am extremely concerned about the safety, security and privacy of such devices.”

This post summarizes how prevalent encrypted web traffic interception is and how it negatively affects online security according to a study we published at NDSS 2017.

Organizations are aiming for secure software development. They need to bridge the gap between the priorities of development, operations, and security teams.

Breach, Hacks And Attacks

Windows 10 is infamous for having snooping baked in, but one government stood up for user privacy. Oh, the irony!

Already used in Ukraine, the malware could be modified to target U.S. systems.

U.S. Cyberweapons, Used Against Iran and North Korea, Are a Disappointment Against ISIS - NYTimes.com

Security Careers

The Chief Information Security Officer’s job is to protect the business. How? By knowing technology, understanding risk

Overall Career
When Leaders Are Hired for Talent but Fired for Not Fitting In

Companies underestimate the importance of culture fit.

Read More
Jay's Security Longreads · One37 Security LLC · Oak Park IL 60302 · USA