Hi, welcome to my blog!
This blog focuses on technology, information security, and IT audit, but certainly not in that order. Miscellaneous tangents will appear occasionally.
My goals for this blog:
- Tackle audit and security issues, often from a slightly different angle.
- Provide how-to articles on various topics, including data analytics.
- Provide perspective on other articles, trends, and some projects in which I’ve been involved.
- Help you understand and do technology, infosec, and audit better.
- Make you laugh out loud.
I’m known as Mack. I’ve worked in IT for years, from the help desk to break/fix to system and network administrator. I’ve built a data center, led disaster recovery teams, and pulled IT SOX onto some ugly feet.
I’ve managed the security team of an international company and led the response of several major security incidents.
Probably the most interesting position I’ve had is a moderator of a online security forum where hats of all colors hung out. You can learn a lot from 12 year-olds as well the grey hairs, some of the best in the business.
It was also interesting when that security forum was hacked (if anyone tells you they’re invincible, laugh quietly to yourself, and wait until you see them in the news).
Lately, I’ve been doing IT audit and data analytics, which has given me a different view of risk and security. My next destination is secret, and I’m enjoying the breeze. I’m having fun and enjoying all that I still have to learn.
Favorite Topics of Mine
A buddy of mine, skyyler, helps with the ACL heavy lifting on this blog.
These posts describe events that happened under my watch in one of the many positions I’ve held. The names and some details have been changed for obvious reasons, but the stories are true.
Security Scope articles describe basic security principles; I like to refer to it as the “ah-ha” series. These posts also serve as reminders to those of us who know better, but need occasional nudges.
Many of these posts answer questions I am often asked by co-workers, relatives, and friends that don’t understand information security and why it’s important. This series is my personal security awareness campaign.
This series describes security adventures I have as I’m rambling around the landscape.
Occasionally I can’t resist poking some fun at people who say strange things, or say things without realizing how terribly wrong or misinformed they are, or how what they say is so true in a totally different context.
Most Popular Posts
These posts are the more popular ones, month-to-month:
Also check out my interviewing IT auditors series.
I love reader comments. Let me know what you like, what you hate, and what you’d like to read more about.
For my Comment Policy, see Copyright.
If you find a typo, broken link, or a brain leak, please let me know. And leave me a comment once in a while, and let me know what you’re thinking…
Also, some of the details, conversations, and circumstances revealed in this blog are sometimes veiled or enhanced to protect me and the guilty, but scare the innocent…
All information and humor provided on the ITauditSecurity blog and Onedrive (formerly Skydrive) website is presented as is, without any warranty or guarantee. Anybody using any advice, scripts, jokes, or whatnot on these pages is encouraged to validate the effectiveness and reliability on their own, away from their business network. Also, make sure you seek legal advice, obtain tax advice, and check with your doctor and your mother.
Finally, do not run backwards with scissors.