Privacy Policy

Privacy Policy for blog.isitinfosec.com

If you require any more information or have any questions about our privacy policy, please feel free to contact us by email at isitinfosec@gmail.com.
At blog.isitinfosec.com, the privacy of our visitors is of extreme importance to us. This privacy policy document outlines the types of personal information is received and collected by blog.isitinfosec.com and how it is used.
Log Files
Like many other Web sites, blog.isitinfosec.com makes use of log files. The information inside the log files includes internet protocol ( IP ) addresses, type of browser, Internet Service Provider ( ISP ), date/time stamp, referring/exit pages, and the number of clicks to analyze trends, administer the site, track users movement around the site, and gather demographic information. IP addresses and other such information are not linked to any information that is personally identifiable.
Cookies and Web Beacons
blog.isitinfosec.com does not use cookies.
DoubleClick DART Cookie
.:: Google, as a third-party vendor, uses cookies to serve ads on blog.isitinfosec.com.
.:: Google's use of the DART cookie enables it to serve ads to your users based on their visit to blog.isitinfosec.com and other sites on the Internet.
.:: Users may opt-out of the use of the DART cookie by visiting the Google ad and content network privacy policy at the following URL - http://www.google.com/privacy_ads.html
These third-party ad servers or ad networks use technology to the advertisements and links that appear on blog.isitinfosec.com send directly to your browsers. They automatically receive your IP address when this occurs. Other technologies ( such as cookies, JavaScript, or Web Beacons ) may also be used by the third-party ad networks to measure the effectiveness of their advertisements and/or to personalize the advertising content that you see.
blog.isitinfosec.com has no access to or control over these cookies that are used by third-party advertisers.
You should consult the respective privacy policies of these third-party ad servers for more detailed information on their practices as well as for instructions about how to opt-out of certain practices. blog.isitinfosec.com's privacy policy does not apply to, and we cannot control the activities of, such other advertisers or web sites.
If you wish to disable cookies, you may do so through your individual browser options. More detailed information about cookie management with specific web browsers can be found at the browsers' respective websites.

Facial Recognition and privacy

ow.ly/lsGm50xXHQ3

I posted this article to my twitter, LinkedIn and Facebook pages because it is an issue that has been a hot topic through the last decade.  While improvements to the technology have been great and false positives have decreased there is still gaping holes when it comes to minorities and women.  It is apart of the CCPA that went into effect at the beginning of this year and it is a point of contention in Washington State WaPA.  The federal government is also trying to figure out how to regulate this technology and what protections do Americans have if they have been falsely identified.  There is bipartisan support for "getting it right" but what does that exactly mean?

The CCPA discusses biometric data collection and states "...businesses that are covered by the law will need to inform consumers if they are collecting biometric information, be prepared to provide that information to consumers if they exercise a right to access request and delete that information if a consumer requests it."  The issue becomes how exactly does one delete facial recognition from video feeds or systems?  Can a criminal request "to be forgotten" or have that data removed from the system before they are apprehended?

That is just one angle to deal with and the false-positive rates are the other. We are seeing similar bias when it comes to machine learning as the bias' of the person feeding the data will eventually end up in the machine.  The technology in both realms is not there despite dramatic improvement to them and will still require human intervention to ensure that the machine/system is not misidentifying someone.  As some of the senator's state in the article that represents districts with minorities, they feel that their constituents could be wrongly identified and most would not have the ability to fight that case.  Despite all this, the federal government has introduced legislation this past Monday that would effectively regulate facial-recognition technology.

While I would like to have hope that our government will "get it right," I cannot help but feel special interest and big tech companies will find a way to push their own agendas or skirt whatever legislation is passed.  It will be interesting to see how this plays out both at the federal and state levels as states will follow California and pass their own version of privacy acts.

Resources:
https://www.clarip.com/data-privacy/california-privacy-law-facial-recognition/
https://www.wired.com/story/how-to-teach-artificial-intelligence-common-sense/
https://www.wired.com/story/tainted-data-teach-algorithms-wrong-lessons/

2020 No Looking Back

2020 is off and running and I am already trying to catch up.  Being sick at the end of  December did not help much either.  I titled this post "2020 No Looking Back" because this past decade was filled with pain and growth.  For every achievement, I made it was met with an equally painful situation.  I was able to graduate both with my Bachelors's and Masters's degrees and was able to obtain my CCNA and my CISSP.  I also ended my marriage, suffered through some rough personal times through it all.  I am not where I thought nor wanted to be, I had a grand plan to already be in the Cybersecurity arena by the time I was 30 and well entrenched in it by my 35th birthday.  This was to assist in preparing me for my children's future as well as my own.  In a couple of months, I will be turning 35 and just entering the cybersecurity arena as a practitioner and not just a lurker.  Not quite the plan I had envisioned as I approached my 30th.

I had my review about a month back and my director, who I have been working with now for 14 years, had an observation.  He mentioned to me that despite all the headway I have made in my career I seem to still be stuck when it comes to my personal life and relationships.  It got me thinking what has happened to me and the young gentleman who had all these ideas and plans? Like everything I do, I gave too much of myself and put others in front of my well being, my career and my mental health. 

I have been thinking a lot lately about what I am going to do to ensure I catch up and position myself to succeed both in my career and personally.  One thing is I am going to commit to learning more and working on the tech skills that I am weak in.  That process has started as evidenced by the posts I have made regarding the different programs and things I am learning.  The next is I am going to be more active in social media and reading different articles and news in cybersecurity.  I know I will not be the first to tweet it or put it on LinkedIn or even Facebook but I want to get in the habit of showing that I am active in reading and commenting on things in the industry.  I am planning on expanding my network by attending more events as well as volunteering and teaching which has always been a passion of mine.  I believe that these are the building blocks I need to catch up and position myself to be where I should be by my own standards.

The is no looking back and while I will carry the wounds from the past decade I will wear them as scars of war.  I have learned a lot and I am still learning about myself and what limits I have that I need to break.  I look forward to sharing my experiences with you as I go and I hope those that are coming behind me will be able to learn something from the mistakes I have made.