Thursday, April 30, 2009

why MAC why

I hope this screenshot posts correctly if not

I already own the Earthy Riches and I love these mixes for days when I can't pick one solid shade to go with.

I'm sooo digging the Fresh Green Mix & Sea+Sky & Odd couple

Wednesday, April 29, 2009

gotta sneak in one april post

hello im still alive
i have many topics not alot of time so let me fire off the top

shopping from this weekend
coach work accessories

well let me clarify and say I was outlet shopping so people don't think I'm really balling
but sooo many ladies at work have been visually rubbing it in my face there lanyard better than mines "i picked this up a FOSE/ show". so....

If you are staring like wtf is that LOL basically a fancy badge holder

This is one of those neoprene hugg your laptop cases. No handle but its perfect for when your laptop goes into a bigger bag and it will be protected...speaking of bags

I'm off to Germany in a couple weeks (Stuttgart)

On another secret mission for the D-dept lol sike naw just really have to be thankful to have work experiences that allow travel esp in this "recession".Never been there of course Bahrain = first time out the country. Not sure what to expect I know I won't be doing much shopping that USA dollar conversion is killer. My niece is coming so I told her to research the tourist spots. The only thing I know that's famous in Germany is BMW factory apparently its too far from where we are staying.

So speaking of le Dept.. Im very excited about this new Obama initiative: New Pentagon Cyber Command

The Obama administration is finalizing plans for a new Pentagon command to coordinate the security of military computer networks and to develop new offensive cyber-weapons, sources said last night.

Planning for the reorganization of Defense Department and intelligence agencies is underway, and a decision is imminent, according to a person familiar with the White House plans.

The new command would affect U.S. Strategic Command, whose mission includes ensuring U.S. "freedom of action" in space and cyberspace, and the National Security Agency, which shares Pentagon cybersecurity responsibilities with the Defense Information Systems Agency.

The Pentagon plans do not involve the Department of Homeland Security, which has responsibility for securing the government's non-military computer domain.

I gotta say it command=$$ to be created what happened to the big DOD budget cuts huh!?
As long as the dept doesn't execute this new command in a similar fashion to how the joke agency (DHS) was created than Ill be pleased. But I think the timing is perfect obviously with all the data breaches in the news and Obama's crew wrapping up their 60 day cybersecurity review
change is a coming. Some security blogs have reported that the biggest out come of the review is the rehauling of FISMA. FISMA came about after the 9/11 attacks but its heavily criticised because its paper compliance focused and doesn't really prove that security has improved. The new bill focuses on the ability to detect and defend attacks. I agree I sooo hate how at work the Infosec team is labeled paper pushers and how we are only there to document when we are reallly trying to help improve the overall security posture of the program but at the end of the day we turn in "paper" so that people can do what they need to do and that sux!

Here are some excerpt from an article detailing the ICE ACT aka FISMA 2.0

Legislation being introduced Tuesday in the U.S. Senate would make sweeping changes in how cybersecurity is handled at the federal level, creating a chief information security officer (CISO) position in the White House that reports directly to the president. The Information and Communications Enhancement (ICE) Act being introduced by Sen. Thomas Carper (D-Del.), places a federal "cyber office" directly below the president.

Compliance with FISMA would also be changed, directly correlating it with security tools to measure progress, said Alan Paller, director of research at The SANS Institute, a Bethesda, Md.-based nonprofit cybersecurity research group. Instead of offering high grades for compliance under a FISMA checklist, gap analysis and vulnerability assessments would be used to measure the effectiveness of agency cybersecurity preparation.

"FISMA measured the wrong things," Paller said in a panel session last week at RSA. "FISMA needs a fundamental change to enable prioritization of resources so that costs can be controlled and Web application security can go from 'missing' to 'covered.'"

That new cybercommand is slated to open at Fort Meade home of NSA and future home of my agency once our BRAC migration is complete. Def see a good future up there and happy MD about to get its own infsec tech hub grab some of that Northern VA Shine.

Anyway about to sign off watching NBA playoffs.. which have been amazing.. I'll have another NBA post forthcoming but so far
I'm happy: Spurs dynasty=over; Boston&Orlando on edge, Cavs sweep, My Lakers advanced
Still more to come...