Browsing Category

InfoSec Issues

InfoSec Issues

Everyday I’m shuffling

January 25, 2016

It’s always around this time of year that I realize that the previous year I swore that I was going to blog more in the upcoming year. I could say that there were countless reasons why this didn’t make it to the top of my priority list, but the reality is that I just prioritized other things above it time and time again. There was this time when I grabbed my coffee every morning and sat down at my desk and read through my favorite blogs to see what was going on. Then I would go onto Twitter and make sure I didn’t miss anything. This doesn’t happen anymore. I wish I could say that there was still tons of good information being blogged about, but the sources for my information also seemed to have reprioritized their blogging efforts.


So that leaves me with today, today is my quest to find out how to best aggregate the information that is important to know on a daily basis.hqdefault

Conferences, InfoSec Issues

Backup Buddies – BSidesLV | BlackHat | DefCon 2015

July 20, 2015

We are back for the 3rd year!!!!

Backup Buddies

Backup Buddies started in 2013 due to the great deal of attention paid to the treatment and incidents involving females at conferences. Instead of just addressing problems after the fact or talking about it, this is our call to action to address any potential issues and offering at least somewhat of a solution. This year, much like last, I’m SO THRILLED to say that many amazing members of the Black Hat / DEF CON community have jumped onboard to help as well to be the ‘eyes’ and ‘ears’ for anyone who needed a hand.

I truly love this community and the amazing experience that the conferences can be, and we all want to do our part to ensuring everyone (from industry to journalists and everyone in-between) has the most positive experience that they can. For the 2015 week of Security BSides + BlackHat + DEFCON,  a bunch of us are offering up our time and efforts to help. If you or someone you know, especially (but not only) female, who is new to the conferences or might need a friendly hand, give them this number:


This has been setup to contact me via voice and text during the conference so if I’m not close by, I can pass it on to one of our trusted ‘Buddies’ that is close to the area to help assist people who find themselves uncomfortable, need a friend to talk to about something that happened, are in a situation that is turning bad that need some assistance, or need some first-time attendee guidance. Anyone who reaches out will have their information kept confidential and not shared unless the individual wishes for someone to speak on their behalf.

This number is not:

  • A party-info line. I can’t get you into parties.
  • A general conference information line. Google and conference staffs are there for you for general info.
  • A phishing expedition.
  • 1-900-CHATROOM.
  • “I just wanted to see what’s up”

This number is for situations such as:

  • I need help with or someone to talk to in confidence about an inappropriate situation that is developing or has occurred.
  • It’s my first conference and I feel absolutely alone or am having an absolutely horrid experience.

This line has been a positive experience, let’s keep the option open for those who may need it. Please don’t be “that guy/girl” who abuses the number or thinks it’s funny to crank call. Go crank call rooms at Bally’s instead 😉 .

If you are trusting, friendly, and want to help others, send an email to backups at


Conferences, InfoSec Issues

DefCon Sunday – The Buddy Line Update

August 4, 2013

SecBarbieVegas2013As I sit and enjoy the Vegas morning, I am happy to report that the Buddy line has not been used to report an incident this entire week. Well, perhaps I’m not so happy, I’m hoping that things are going well for all and that incidents are not occurring and just not getting reported. One of the types of issues that I am personally trying to avoid by having the buddy line is having people feel they can’t report incidents due to repercussions, this is also intended to give victims a safer avenue for reporting.

I personally had my two negative experiences at DefCon this year I wanted to let others know that it happens to everyone. Luckily for me, they were not ‘attacks’ or anything of such. One incident was at the Friday night pub crawl, and was a drunken guy who nearly put me to the ground running straight through me for no apparent reason, I was left with bruises as well as drenched with my drink (for context as to time: it was only 11pm or so). This can be chalked up to party-foul, but was still not pleasant. The other incident was Saturday night and a lot closer to the heart.  I’m not ready to really address it in pubic yet, but the TL;DR is that I was publicly minimized by a person associated with a group of people that I consider good friends.

I would not normally air those incidents, or even think that much about them until this year and trying to imagine what it is like for someone who is attending for the first or second time. Luckily I have a great support system here in Vegas and I was able to vent a bit about this already, but for those that don’t have the system… the buddy line is still up!

I love you all InfoSec community, even the jackasses. I have faith we can do better.

InfoSec Issues

Healthcare security – My recent experience

March 16, 2013

There is always human error, and I’m sure that this is not uncommon in hand written charts, but here is a disturbing fact. When I recently went to my doctor, she was going over my past vital stats from past charts from other appointments with me. She mentioned one particular date from last summer that I KNEW that I was never there, it was  the day of my mother’s funeral, so I have full confidence what I was doing that day.

To make matters a bit worse, and this is pure human error, when my doctor left the room, she did not log out of the system. All my information was left up on the screen, I had every opportunity to play with the information if I so desired (or other people’s information for that matter). Being as I do not care to have my healthcare information tampered with, I locked the screen for her.

We have so very far to go, but it does beg the question…. What else is not accurate?