Contributor Biography

Dan Sherman

Incident Response and Continuous Monitoring: When InfoSec and Diabetes Management Intersect

Dan Sherman
March 31, 2015

My daughter has childhood diabetes, which can be a frightening disease for a family to manage. If her blood glucose spikes too high or dips too low, swift action needs to be taken. Without immediate corrective action, conditions can become serious, or even life threatening. But, we have developed a

Assessing the Security Posture of Software Vendors

Dan Sherman
February 24, 2014

When evaluating software, business units need to evaluate not only whether the solution meets their business needs, but also whether it meets the security requirements of the organization. Based on the security of the offering, the risk of using the software or service may prove too high.

Getting Back to the Security Basics in Five Simple Steps

Dan Sherman
September 25, 2013

A reminder for information security specialists: Take a breath, and get back to the basics.

Salting Passwords

Dan Sherman
June 11, 2012

Recent high-profile security failures have put the spotlight on password security.

BYOD Issues Are with Data, Not Device

Dan Sherman
April 12, 2012

Many of the current issues surrounding BYOD are similar to the BYOD issues from ten, fifteen, or twenty years ago. Whether a floppy disk, USB drive or iPhone–it isn’t the device that needs to be managed, but the data stored within the device.

Social Engineering: Are You The Weakest Link?

Dan Sherman
November 16, 2011

Telos’ Director of Information Security, Dan Sherman, discusses how hackers use social engineering to target the weakest link in an organization.

Is your organization a likely target of a Wikileaks-like attack?

Dan Sherman
December 21, 2010

The insider threat has been largely ignored and misunderstood, even by some of the top security professionals in the industry. And although this industry has made great strides in the past few years, a technology solution alone will not stop a malicious insider.

Securing the Application Layer

Dan Sherman
September 3, 2010

Application security has been a steadily growing focus area of enterprise information security programs. Following many security breaches, affecting small and large corporations alike, businesses are finally giving application security the attention it has always deserved.

Hiding Data in Documents – The Insider Threat Revisited

Dan Sherman
July 8, 2010

A malicious insider can use zipped up “.docx” files to hide text inside the document and have it go undetected by the Microsoft Document Inspector. How do you monitor and/or prevent this type of attack from happening? Read Dan Sherman’s blog post to find out more.

Cybersecurity in 2010

Dan Sherman
May 18, 2010

It’s hard to believe that in 2010, we are still a nation ill prepared to deal with cyber attacks. The old belief that if you have a firewall you are safe no longer holds true. Application layer attacks may be the current drug of choice, but they are certainly nothing new…
