Ira Winkler

Contributing Columnist

Ira Winkler, CISSP, is president of Secure Mentem, and author of the forthcoming book, Advanced Persistent Security. He can be contacted at securementem.com.

WannaCry: Sometimes you can blame the victims

What security practitioners can learn from the United’s failures

What security practitioners can learn from the United’s failures

The United airlines debacle was a complete failure of process, and many security programs suffer the same fate.

What prevents breaches: process, technology or people? One answer is PC, and one is right.

What prevents breaches: process, technology or people? One answer is PC, and one is right.

Many experts say that people are more important than process in the IT security world. That is politically correct, as opposed to actually correct.

If you think ransomware is a user failure, you’re a failure

If you think ransomware is a user failure, you’re a failure

It is easy to blame users for causing ransomware infections of their own systems. However, the reality is that for the user to infect their system, there are many technical failures, which are due to the IT staff’s actions or lack...

Parting advice from Howard Schmidt

Parting advice from Howard Schmidt

Security expert Ira Winkler reflects on the late-Howard Schmidt.

Why awareness needs to teach scam detection and reaction

Why awareness needs to teach scam detection and reaction

Most awareness programs teach users how to behave. Ira Winkler argues training needs to go further so people know what to do if they do fall victim to fraud.

At Dulles, a security awareness success story

At Dulles, a security awareness success story

The detention of Norway’s former prime minister, when stripped of politics, was an example of proper security awareness.

The flaw in applying culture to awareness programs

The flaw in applying culture to awareness programs

I appreciate that organizations are beginning to realize that they need to understand their corporate culture in their implementation of awareness programs. It is long overdue. Unfortunately as a concept, it is being grossly...

Making the GRIZZLY STEPPE Joint Action Report useful

Making the GRIZZLY STEPPE Joint Action Report useful

I was surprised when I saw the cynicism to the Joint Action Report (JAR) put out by the Department of Homeland Security and FBI. It seems like it is cool to criticize the report, and that can be a disservice to the whole industry.

Security pros are their own worst enemy

Security pros are their own worst enemy

Just when the world seems ready to listen to us, we give it a display of epic bickering.

The security gift guide

The security gift guide

Give the gift of security, so people will give you the gift of not asking for help and advice.

Protection is dead. Long live detection.

Protection is dead. Long live detection.

As critical as it is, protection will fail. You need robust detection as well.

Load More